What your “IT Guy” won’t tell you. MIGHT hurt you…

I’m sure there’s more than one IT person who’s reading this wondering what they’ve done to be scrutinized. But here it goes….

Things that are common with “IT Guys”

I will first list out some of the concerns that you should think about, and then we can dive deeper into them…

Single Point of Failure

Poor Documentation

Security Risk

Can’t be the” Jack of all Trades”

 

Single Point of Failure

I can’t stress enough how important this point is. Just like investing in your 401k, you don’t put all of your investments into one stock. The same is true of not entrusting a single individual to handle your entire company’s IT infrastructure.

Let’s say your IT person is hit by a bus, goes on a vacation, or has a bad day, and the office is thrown into chaos with regards to IT. The odds are that there is not plan in place to mitigate this situation, which normally means that you will be down until he can get around to taking care of the issues. It is imperative that you have some sort of redundancy or backup in place in the event that this happens.

Some Things to Consider…

What will that down time cost you in terms of productivity, payroll loss, and/or other expenses? When you calculate your IT costs, take into consideration the cost of down time and add that into your overall IT expenses as well.

Poor Documentation

Let’s face it, when something goes wrong, you just call the IT person and only he/she knows how to resolve the issue. I am sure he/she has it already memorized, but very doubtful that information is in a database that he or someone else that he works with can access to help you.

For example: An easy issue to resolve, such as pointing the software to the right database file location could be something that is made available to the client. It’s probably just a few clicks, but employees have to wait for the IT person to get around to login to their computer and perform the 3 click operation, before that user can get back to doing their job. Had this FAQ been available to the company through a portal, the employee could have performed these steps quickly and not waited hours for the IT person to get back to them.

If your IT person doesn’t keep proper documentation, be sure you have them in an excel or a word document saved somewhere for your own use just in case.

Some Things to Consider…

If there is no step by step guide that the IT guy has for their internal use, when he gets external help, the person helping will take ten times as long to figure out those simple steps, before resolving the problem. This turns into an expense in regards of lost productivity and paying for the learning curve of the other guy helping.

 

Security Risk

This is a big one! Without knowing what systems and safeguards the IT person has in place can you:

  1. Trust that his kids aren’t on his personal computer clicking and downloading games that could potentially be malicious and hijack his computer’s data?
  2. Is your company’s sensitive information encrypted on his computer or saved in word docs on his desktop?
  3. What happens if his computer crashes, is there backup to this information that contains your company data?

 

These are just some of the concerns that most face, however you can take steps yourself in order to mitigate this.

  1. Get a password manager for the IT person to use and insist he/she does not keep any sensitive company information anywhere outside of this manager.
  2. Get your IT person an inexpensive laptop and insist that its used to do work for your company only on it.
  3. Make sure that you have the latest schematics of your network, and latest passwords JUST in case you need someone else to step in.
  4. Having the schematics will allow for a lot less time for the discovery process if a new IT company has to step in. Which will save you a lot of time and money.
  5. It’s a good feeling being the captain of your own ship instead of relying on your IT guy to come back from the dead and provide the needed documents.

 

Can’t be the jack of all trades… This is when you can get in trouble

Although he/she “knows computers” this does not necessary make them qualified to setup your network to maximize security, or put in place systems that would safeguard your users, or ensure that proper Disaster and Recovery DR plan is in place, or most importantly take any responsibility for ensuring everything is safeguarded.

Ask your IT person what are the plans in place in case the following happens?

  1. What do we do if the building burns down tomorrow? Can we recover?
  2. If someone connects to our Wi-Fi, do they have full range access to our company files? What protection do we have in place?
  3. What is the company password policy and are we enforcing it?
  4. What if a user becomes a target of a phishing attack and they catch a ransomware virus and it spreads across the network.  Will be able to recover or have to pay the ransom and pray that works?
  5. How is our system protected from being held at ransom outside of just a basic antivirus program? Do we filter internet traffic, do we have additional spam and malware filters on the emails to prevent this sort of thing from happening?

 

Sounds like too much work?

If all that seems like a lot of work, you can reach out to an Managed Services Provider (MSP) in your area to help manage and keep the piece of mind in regards to your technology and IT.  MSPs replace the IT person with complete Managed Services, and a team of engineers that have your companies best interest in mind.

  • There are several people that will handle your case, so the response time is quick, and you can have a piece of mind that your company information is securely stored away in their database.
  • All policies and procedures are documented so there is no guess work for any new guys handling your tickets
  • There are no surprises in billing, it’s just a flat monthly payment, and you have an entire IT department behind your firm’s back.
  • All of your company’s information encrypted and secured and MSPs are constantly learning of new threats in order to stay on top of the latest cyber security trends to make sure their customers are always protected.
  • MSPs build out disaster and recovery plans and place systems in place to mitigate ransomware from taking over your systems. Some are starting to implement the new cybersecurity measure called the Zero Trust approach to networking which protects the network from being taken over by ransomware.
  • MSPs don’t use private computers, so you can be confident that they are clean from any malware that could potentially steal vital client data.

If you are looking for Managed IT Services in Atlanta area,  ALPHACIS can help with your MSP Needs. We focus on cyber security and a wide array of IT services, we would love to see if we can be a great fit for your company.

 

author avatar
Dmitriy Teplinskiy
I have worked in the IT industry for 15+ years. During this time I have consulted clients in accounting and finance, manufacturing, automotive and boating, retail and everything in between. My background is in Networking and Cybersecurity