Posts

Forego the standard IT staffing model?

From the outset, even the smallest start-up is reliant on an IT infrastructure. Digital technology cannot be avoided. For small-to medium-sized businesses, developing and bringing on staff to support that IT infrastructure is often a low priority compared to ramping up operations and meeting the revenues goals necessary to stay operational. Resources to address IT needs may not be available (for at least, perceived to be unavailable) Management is focussed on revenue growth and meeting operational and business requirements. Management may also be incentivized to direct available funds in these directions, rather than building out a robust and sufficiently risk averse IT infrastructure. Also, management may not have the background that provides sufficient experience to identify areas where IT staffing is necessary to maintain a stable and sustainable business.

In a small- to medium-sized business beginning to explore the development of an IT support staff, or even in a large organization undergoing significant transformation, there may be a tendency to begin the process of IT staffing with a top level individual–a CTO, IT director or IT manager. Once hired, that individual would be relied on to begin the process of building out an IT staff.

Problems facing organizations: initiating an IT staff build-out

For any organization, from a small firm looking to bring on its first dedicated IT staffer to a large organization, there are a number of hurdles that may be encountered. One of the most immediate is the shortage of available IT professionals. No matter what your needs, it may be difficult to find appropriately skilled applicants to meet your staffing requirements. This may mean that following the top-down development model may cause risky delays in your goal of protecting and securing the IT infrastructure needed to remain competitive. The job market in IT is especially competitive. This is just one reason we are suggesting that you consider setting aside the top-down build-out model and take a different approach.

Another reason that the top-down model may be problematic, especially for small- to medium-sized businesses, is that it may be a little too “perfect.” When resources for IT staffing are limited, creating the IT department that covers everything can be unrealistic. Creating this traditional model takes time and resources to make sure you have the IT support that possesses all the diverse skills needed to meet the many requirements of a sound IT infrastructure. As a result, this model may not truly meet the immediate/urgent needs of a developing or transforming organization. As ever, the perfect may be the enemy of the good.

So how does a firm looking to strengthen its IT infrastructure and protect itself from vulnerabilities–from cyber attack to single point of failure– protect itself? Lack of available applicants and limits make traditional build outs unrealistic. And will also take too long to address urgent needs.

In our next blog post we discuss a value based approach

/by

MSPs can focus on issues you don’t have time for

Every business relies on technology to function. From simple things like email, VoIP, and the internet, all the way to predictive analytics for inventory and sales, digital technology is at the root of every business. Unfortunately, no matter how much small- to medium-sized businesses may rely on their IT infrastructure to operate, they often try to “get by” with their in-house IT staff to keep things running. In this blog, we will discuss the value a Managed Service Provider brings to an SMB: a value that cannot be replicated in-house.

First, it is important for a business owner to realize that an IT infrastructure is not a static entity. Nothing is “plug-and-play” in today’s business environment. There is no “build it and forget it.” Because everyone relies on technology that must be running 24/7, businesses need to be proactively monitoring the performance and availability of critical infrastructure, such as servers and networks. There are just so many things a business has to worry about. Cyber criminals are always coming up with new threats, so anti-virus software isn’t enough. Consequently, active endpoint monitoring needs to be happening around the clock.

So, why is an SMB limited in its ability to meet all of its technology needs in-house? One reason is management focus. Business owners need to focus on core competencies. They need to focus on running the business and producing revenue-driving goods or services in their area of expertise. Diverting focus to managing an IT team in-house may not be an ideal use of their time. It may also not be an ideal use of their skills. Additionally, resources are limited, and an SMB loses the advantages of economies of scale when it tries to do everything in-house. In a smaller operation, IT staff often need to focus on day-to-day functions, including putting out fires. This limits their time to think strategically and determine ways that technology can innovate and keep the business competitive in the longer run.

So what can an MSP offer that the in-house IT staff cannot?

A Managed Service Provider is staffed by IT practitioners whose sole focus is technology. Many focus only on specific industries. This means that your MSP organization is composed of individuals who have specialized experience and training in one specific area of technology such as cyber security, cloud computing or network infrastructure. MSPs also have the resources to invest in continuous training and professional development. That means keeping up with the latest developments in technology and emerging trends. If focused on one industry, they analyze competitive changes in that industry and how technology can provide strategic advantages for their clients. MSPs also can set aside time for attending conferences, webinars, and networking events to share knowledge and stay ahead in their field. They are also more likely to have the resources to provide their consultants with access to professional publications and newsletters.

Why is this so important? First, analyzing present problems and performing routine maintenance tasks isn’t necessarily “routine.” New threats and changes can create disruption in existing configurations. (Anyone who has downloaded a new software upgrade is aware of that!) Secondly, in-house tech staff, except for those in the largest organizations, are more task focused than strategic. This isn’t due to a lack of awareness of the value of planning and development. It is primarily a resource problem that is inherent to SMBs. Unfortunately, the result is that in-house staff may not be able to contribute at a strategic level, thus limiting the ability of the organization’s leadership to incorporate new technology into long term plans.

/by

Strategic IT planning for your business

One thing that the best MSP can do is become a strategic partner. Your expertise is your industry, business, or profession. Trends and innovations in technology aren’t your focus. However, your business can benefit from some long-term strategic planning in terms of the technology you will deploy to remain competitive. New technology will offer new opportunities. An MSP who has experience in your industry can become a partner. After taking the time to learn your business, your goals, and the competitive field in which you operate, an MSP can take a seat at the table of your business planning. At the highest level, this is where a skilled MSP becomes a significant asset as your business grows and faces new market challenges.

Additionally, An MSP can help with other parts of your IT infrastructure to protect your data as well as facilitate more effective collaboration internally as well as with clients. Here are three examples.

Backup and recovery

Another area related to data security is the process of securing your data in the event of theft, a hardware or software issue, or even a natural disaster that cuts access to your data’s physical location. Backing up your data needs to involve a lot more than running nightly backup to an external drive. That may be ok for your home laptop, but it doesn’t cut it if you want to protect your business data. An MSP can support continual data backup to offsite locations. This means at any point there is a system failure or breach, all of your data remains secure at one or more distant locations. Backup also includes recovery. Having your data safely stored in the event of a disaster isn’t enough. Your business will need continuing access to that data. An MSP can develop recovery plans that work to ensure your operations see minimal disruption in the event of a failure. Also, clean backups are critical for avoiding the consequences of a ransomware attack. Poorly handled back procedures can leave your data vulnerable,

Cloud Services

The decision to use cloud services is closely related to data security and cybercrime. Locating all of your data and software applications physically in your own location may seem like the safest thing to do, but that may not be correct. If you utilize cloud storage, you can maintain access to that data from any location. If a natural disaster or other emergency limits access to your physical locations or disables it, your business and employees can access the data from anywhere. Also, the cloud offers economies of scale. To maintain sufficient capacity to meet peak times, maintain all of the necessary hardware and software, and monitor it 24/7 involves considerable in-house labor and capital expense. Migrating to the cloud means you share those fixed costs with others. An MSP can handle selecting and designing a cloud solution most appropriate to the needs of your specific industry and business.

Unified Communications

Unified communications is a service that pulls together the different channels your employees and clients use to collaborate, sell, communicate, etc. Unified communications systems have many moving parts. Encryption, data security, ease of use, cross platform support as well as other support services can create a communications system that works for everyone, no matter what channel they choose to be using.

/by

Staffing should address risk first and foremost

,

For any business, but especially a smaller one without deep pockets, the consequences of some disaster may mean the end of the business. As a result, risk evaluation becomes critical. There are an endless variety of events, from mishaps to major disasters that challenge your viability. Risk management inventories all of the possible risks that could befall the organization and places them in a hierarchy of significance. At the top are single points of failure disasters or extreme events that would shut down the business, at least temporarily. Risk management then works to channel limited resources toward mitigating the most serious risks. Here are some examples of risk in the IT area that could be especially damaging if left unprotected

  1. Data Security and Cybercrime –
    1. Loss of data – Failed backups or human error can lead to lost data. Every business needs to have the IT expertise to ensure that quality backups are maintained, preferably in real-time
    2. Data breaches – More significantly, data is constantly at risk from crime. From malware to ransomware, viruses and cyber attacks can destroy a small business. Consequently, quality IT support is most critical in this area. It should be an issue of highest priority.
  2. Hardware redundancy – Your entire physical IT infrastructure represents a vulnerability. Single points of failure could shut down your business. Proper design of your infrastructure, and 24/7 monitoring of it is, again, a risk mitigation factor. How much evaluation has been done to determine your level of risk?
  3. Natural and human-made disasters – How prepared is your IT infrastructure to continue operations in the event of a flood, fire, or natural disaster that prohibits access to your physical location? How would you handle a long-term power of broadband outage? IT professionals skilled in disaster recovery can help you mitigate the risk in the face of a major event.

    The point here is not to list all the possible risks you face, but to recognize that IT support should be focused on the most critical areas. Whether you bring them in-house or use the services of an MSP, resources should be directed first at areas where the risk is greatest.

How can an MSP help support a risk-focused IT strategy?

  1. Hiring individual in-house support can be expensive and slow – Given the tight labor market, finding ideal candidates can be exceptionally difficult, and as a consequence, too expensive. An MSP represents a faster way to bring on support and can be utilized only when and where the most critical services are needed.
  2. Up-to-date support – Over-worked in-house IT staff in a small company may be too busy putting out fires to keep up with the latest developments in specific corners of their field. As a result, you may lack the knowledge depth needed on narrow but critical areas. IT is a very broad field, and only a diverse IT team has the depth to cover all of the different areas. With an MSP, you don’t have to worry about how technology is changing. A good MSP will not only be up-to-date with the latest in tech but also advise you on what tech changes you need to make to stay ahead.
  3. Scalability – The size of your in-house IT support staff is, in the short term, static. If you experience peak demand times, resources can be stretched to the point of being overwhelmed. .Choosing a managed services provider, however, provides the flexibility to scale up or scale down your IT investment to suit your business needs.
  4. 24/7 monitoring and availability – Until your organization gets big enough, an in-house IT staff cannot be available 24/7. Nor can it provide 24/7 monitoring for that part of your business that must be functional all the time. An MSp has the resources, because of economies of scale.

In the end, don’t think of IT support as “IT Hiring” instead, think of it as staffing. What is the best use of limited resources to meet your most immediate vulnerabilities? That is the best perspective to take on IT support when resources are limited.

/by

Forego the standard IT staffing model?

From the outset, even the smallest start-up is reliant on an IT infrastructure. Digital technology cannot be avoided. For small-to medium-sized businesses, developing and bringing on staff to support that IT infrastructure is often a low priority compared to ramping up operations and meeting the revenues goals necessary to stay operational. Resources to address IT needs may not be available (for at least, perceived to be unavailable) Management is focussed on revenue growth and meeting operational and business requirements. Management may also be incentivized to direct available funds in these directions, rather than building out a robust and sufficiently risk averse IT infrastructure. Also, management may not have the background that provides sufficient experience to identify areas where IT staffing is necessary to maintain a stable and sustainable business.

In a small- to medium-sized business beginning to explore the development of an IT support staff, or even in a large organization undergoing significant transformation, there may be a tendency to begin the process of IT staffing with a top level individual–a CTO, IT director or IT manager. Once hired, that individual would be relied on to begin the process of building out an IT staff.

Problems facing organizations: initiating an IT staff build-out

For any organization, from a small firm looking to bring on its first dedicated IT staffer to a large organization, there are a number of hurdles that may be encountered. One of the most immediate is the shortage of available IT professionals. No matter what your needs, it may be difficult to find appropriately skilled applicants to meet your staffing requirements. This may mean that following the top-down development model may cause risky delays in your goal of protecting and securing the IT infrastructure needed to remain competitive. The job market in IT is especially competitive. This is just one reason we are suggesting that you consider setting aside the top-down build-out model and take a different approach.

Another reason that the top-down model may be problematic, especially for small- to medium-sized businesses, is that it may be a little too “perfect.” When resources for IT staffing are limited, creating the IT department that covers everything can be unrealistic. Creating this traditional model takes time and resources to make sure you have the IT support that possesses all the diverse skills needed to meet the many requirements of a sound IT infrastructure. As a result, this model may not truly meet the immediate/urgent needs of a developing or transforming organization. As ever, the perfect may be the enemy of the good.

So how does a firm looking to strengthen its IT infrastructure and protect itself from vulnerabilities–from cyber attack to single point of failure– protect itself? Lack of available applicants and limits make traditional build outs unrealistic. And will also take too long to address urgent needs.

In our next blog post we discuss a value based approach

/by

Cyber insurance What’s the cost and what does it cover

,

Cyber insurance covers a range of elements, the most basic being the legal expenses incurred as a result of falling victim to cybercrime. This includes legal fees, expenses, and even any fines that you may have to pay or financial settlements that have to make with your customers or third parties who have been affected as a result of the incident. Apart from this, depending on the coverage you opt for, your cyber insurance may cover the following.

Notification costs

In the event of a data breach, the business is required to inform all affected parties of the breach. This involves reaching out to them individually and also through the press. Cyber insurance may cover the costs related to this process.

Restoration costs

After a cybercriminal attacks your IT infrastructure, you will have to spend money restoring it. There will be considerable expense in terms of recovering the lost data and repairing or replacing affected IT systems.

Analysis costs

In the event of a data breach, you will have to conduct a forensic analysis to identify the root cause of the breach and figure out how to prevent further occurrences. Cyber insurance may cover the costs of such an investigation.

Downtime costs

When your business operations shut down, even temporarily, due to IT issues, you lose revenue. You could get a cyber insurance policy to cover such downtime costs.

Extortion money

In some cases of data theft like a ransomware attack, cybercriminals usually demand a certain amount of money as ransom or extortion to let you access it again. Considering how rampant ransomware attacks are these days, it may make sense to opt for a policy that covers this angle as well.

How much does cyber insurance typically cost

Depending on the coverage and risk, annual cyber insurance costs range anywhere from $1000 a month to about a million dollars. But, what you need to ask yourself is, how much can it cost you if you ignored cyber insurance? The answer is, it could cost you your business, your customers and your brand reputation. With cybercrimes rising at alarming rates, cyber insurance is not a luxury that only the big players should invest in. It is the need of the hour for any business, irrespective of its industry or size.

/by

Don’t let hurricanes blow your data away!

“Life is not about sheltering yourselves from the rain, it is about learning to dance in the storm”, goes a popular saying. But, if you are a small business, you first need to shelter your assets from the rain, before you can afford to dance in the storm without a care in the world. Hurricanes, tornadoes and thunderstorms can catch you off-guard resulting in losses worth thousands of dollars. Your inventory may be damaged, your place of business may be flooded and your critical business data lost. While most small businesses do take timely steps to ensure their inventory and place of business are protected from natural disasters, a lot of them tend to overlook the risk such natural disasters pose to their IT infrastructure and data. To many, it doesn’t seem to be that big an issue–and invariably, this is where they go wrong. Data loss due to natural calamity or any other reason can cause significant damage to a business, resulting in extreme consequences such as complete business shutdown. Safeguarding your data shouldn’t be a project you embark upon after a hurricane warning is issued.

In this post we discuss the steps you can take to mitigate the risks natural disasters pose to your data and IT infrastructure.

  1. Recognize the need for data safety, security and recovery in times of disaster.
  2. Bring together your key resources and create a team that’s responsible for implementing your disaster backup and recovery plan.
  3. Identify the key areas that need to be addressed. In the event of a disaster, what are the processes that absolutely need to function to keep your business going and what needs to be done so they still function smoothly?
  4. Prepare a solid disaster recovery-business continuity plan. You can enlist your in-house IT team or bring an MSP onboard to do this.
  5. Create a list of all the software programs, applications and hardware that are critical to your business process
  6. Include floor plans, physical access details, entry-exit security codes etc, pertaining to your place of business in the plan.
  7. Include information about your backups in the disaster recovery and business continuity plan.
  8. Conduct mock drills and audits to ensure your plan is executable and gives you the intended results.

All of this can be overwhelming, especially with a business to run and a Hurricane to watch out for! That’s why most SMBs rely on trusted managed service providers to do it for them, while they focus on their core area–managing their business and customers.

/by

Do your homework: 3 things to do when looking for an MSP

,

Thinking of hiring a Managed Service Provider, but not sure how to go about it? Here are a few things to do before you zero in on one.

Figure out what you have already

The first step in a good plan is to figure out where you stand currently. Before you talk to an MSP, conduct an audit of your IT infrastructure to decide what you have currently. List all your hardware and software. When performing this IT audit, don’t forget other technologies that you are using, such as biometric access systems, CCTV systems and even telephone systems. You may think they are irrelevant as they are not directly related to your IT infrastructure, but, in the near future you may want them all to be connected to one another, and so, including them in the audit and inventory right now is a good idea.

Figure out what you need

This is the next step. After you determine what you already have, the next step is to figure out what you need. What do you want to add on or remove from your existing IT infrastructure? Are your servers too slow? Do you want to switch to the Cloud instead of traditional services? Do you want a Unified Communications set up instead of your current PBX phone line? Do you want to shift to a work-from-home model and need the infrastructure to support that?

Do your research

Now that you are clear about what you have and what you need, start doing your research. If you have an in-house IT team, you can ask them to evaluate the various options that can help you reach your goal. If not, then there are plenty of resources available online for SMBs that help with tech questions. https://www.sba.gov/learning-center is one great resource and a Google search will get you more.

As a part of this research, you should also make a list of credible MSPs in your area and learn more about them. A Google search can help you with that, but it would be even better if you reach out to a couple of your peers requesting them to refer you to their MSPs, if they have one.

Hiring an MSP means trusting them with your IT infrastructure, so it is very important that you have a clear understanding of what you really want and need, so you can share your expectations with your new MSP. This transparency and clarity goes a long way in determining the success or failure of your relationship with the MSP.

/by