Hagai Bar-El

Service Model

Our uniqueness comes also from the versatile ways by which we provide service. We are not a consulting firm but a small group consisting of Hagai Bar-El and colleagues. Our aim is to provide knowledge, not just to bill hours, which makes us able to adopt service methods that are more effective both for the customer and for us. Since we do not usually work or bill by the hour we aim at providing our service in the most concise and effective way possible. The following paragraphs describe our service methodology.

Face to Face meetings are an important factor of customer-provider relationships and are often required for the projects success. However, they impose increased cost that is shifted on to the customer, as well as cause delays resulting from availability and travel constraints. Our methodology is therefore to have face-to-face meetings where necessary, yet to have as much done without it.

E-Mail Correspondence and written documentation are service tools we value. Having every advice or design recommendation documented allows both us and the customer to remain well organized. It also serves the customer as a reference point. When evaluating products, when evaluating new technologies, and when addressing design consideration, we always document our findings.

Conference Calls are useful. When involved in the design of a product we actually prefer having weekly or biweekly conference calls for catching up on new issues and for presenting our views. Each research we do is followed by a conference call on which the findings are presented. We form calls either by phone or over H.323.

One-time Calls are often helpful when an occasional customer requires a quick opinion on a certain, well defined, matter. In such cases we do not attempt to make a lengthy project out of each such question but rather get the question, process our answer, and present it in a one-hour conference call with the customer. This service is available also to customers with whom we do not have any existing relationship. We believe that in this service we have a high advantage over typical consulting firms.
Let us imagine a company XYZ that develops a product, which is not necessarily a security-related one. However, they happen to need a brief advice on what encryption method to use for securing the application's data files, or would like to know if this or that method they consider is considered to be secure.

When working with a typical consulting firm they are likely to bear with the following procedure:

1. Contact the consulting firm, get a salesman to call back, and explain their needs.
2. After a few days, get a quote for a project involving several phases, meetings, analysis and report writing.
3. Start the process by meeting an account manager and later meeting the technical guys.
4. Wait for the consultants to do their full-blown analysis and write a detailed report that will be long enough to seemingly justify its cost. Of course, the customer needs to spend some time reading this report later.
5. An invoice comes about a month later, detailing some trivial and some less trivial components of the work. The customer needs to review, probably ask for clarifications, and eventually pay.

This process is essential for large consulting firms. After all, a consulting firm has such overhead costs that a project of less than $10,000 (or more) is probably not worth their efforts. They should therefore either make it a $10,000 project or so, or just not take it.

We offer an alternative service model which seems to fit the customers needs better:

1. The customer contacts the office either by e-mail or by the contact form, and briefly presents the issue on which assistance is required. The purpose of this brief description is so we can assess if it is within our ability to help. If we can't do a good job, we prefer to save the customers money as well as our reputation and time. We respond within up to two days on whether or not we can contribute. If we cannot, we can often refer the customer to someone else. By submitting this form the customer makes no obligation whatsoever.
2. If we are capable of helping out and the customer is interested, he can (at any point in time) ask for a one-hour conference call with the person most capable of addressing the issue. The customer requests this conference call using an online form, on which it is also possible to specify the best day and time for the call. After requesting the conference call the customer pays online only for that single session, using one of several payment methods. The per-one-session transaction is processed online, and the customer gets his receipt immediately.
3. The conference call takes place, over the phone or over IP (H.323). If a longer project is desired, it can be discussed after the session ends. If another such call is required, one can be scheduled by the customer (repeating only step #2) at any time.

One may say that this is more of a retail approach to consulting. This is probably right. However, when dealing with "occasional consulting" this model is probably the best for the customer.

On-Line Chat Similarly to one-time calls we allow an even easier way to get service right away without any longer obligation. Anyone can engage in a one-time on-line chat session with one or more experts, paid for online by a credit card. The process is the simplest: The customer contacts the office either by the contact form or by phone (during office hours). If the topic is one we can help with, then the customer receives a link where he/she can complete the payment and log in immediately for the session, over a secure connection. It's really as simple as it sounds — the relationship between the customer and the office starts when the customer needs it and ends an hour or so later. Pricing is also fair (US$100/Hour/Expert) due to the reduced administration overhead.

Research Papers are another way by which we sell knowledge. A research paper is a document that discusses a particular topic and attempts to address it from several angles providing the most up-to-date information known about this topic. Other research papers discuss a known information-security related problem and the ways for solving it. Research papers of the first type are of interest to entrepreneurs and investors who would like to invest in new products or technologies, as well as to companies that need to properly evaluate security products. Research documents of the second type are more of interest to developers who design products that deal with cryptography and security and who are likely to encounter at least some of the problems that we have already faced. Research papers are typically written by specific customer requests and for a fixed price. Additionally, some research papers that were already written are available for sale. By filling in the contact form one can express interest in a particular topic and be informed of any existent research papers on this topic, any similar research being in progress, or on the availability of the office to perform such a research per-demand.