If you look through the marketing materials of pretty much any IT company, they will all tell you pretty much the same thing: that it's all managed for you, that it's no hassle, and that you have on-tap support when you need it. Yes, many of these things will be true, but one of the problems with outsourcing IT support is that you might not know what your IT provider SHOULD be doing, so how can you tell if they ARE doing it?
At Eurolink, we pride ourselves on supporting our clients the right way, doing what we say we will, and making sure we save them time, effort and money, but it seems that not everyone lives up to their promises. Over the last six months, we've taken on several new clients to manage their Remote IT support, but have frequently found that the client's previous supplier hadn't been delivering on their contract. Here's one typical example:
At the beginning of August, we took over a Remote IT contract from the previous supplier and started with an audit of the existing systems. What we found was:
- 60% of PCs were still running Windows 7. Windows 7 reached its End of Life in January 2020 - i.e. it is no longer supported by Microsoft - and Microsoft had been warning businesses that this was happening, for over a year. Under the contract the client had, none of the PCs should have been running Windows 7 and shouldn't have been for months.End of Life software presents a significant risk to businesses in terms of cybersecurity and data protection; when Windows XP became EOL, thousands of NHS devices were compromised by the WannaCry attack because they hadn't been updated. Your PCs should always be on the latest version, and this should be managed proactively.
- 36% of devices did not have security updates enabled. That means that even when updates were released for Windows, they were not installed on these devices. Windows Security Updates are released to patch security flaws, reduce known risks, fix known leaks and opportunities for breaches, and keep up with virus and malware evolution. Keeping them turned on and up to date is essential. Your PCs should always have security updates enabled (and your provider should have set them to this), but your provider should also be monitoring regularly and ensuring that the update has gone through correctly.
- 32% of devices were still using Microsoft Office 2010. These are old licensed products for Microsoft and although they still 'work', the 2010 version has been shown to be extremely vulnerable to malware via email. Your provider should be proactively encouraging you to update to the latest version software and explaining the risks, as in cases like these, the benefits far outweigh the costs.
- A Windows 2008 Server was still in use for MAC users because the previous provider wasn't skilled in MAC management. Not all providers can manage all of your systems, but it is essential that they openly and honestly discuss this with you and ensure that you are not left vulnerable in the areas they are not or cannot manage.
- Many of the devices were listed as 'hard drive predicted to fail'. All hardware has a life expectancy and most warns in advance of potential failures and issues. The key here is proactive monitoring and planning. In most instances, the hardware is replaced AFTER it has failed, at a point when the capital outlay is unexpected and unplanned. Although much can be done to extend the life expectancy of the hardware, in reality, your provider should be proactively monitoring and giving you prior warning that certain devices may soon fail. This allows capital expenditure to be planned and executed within the quarterly budget, and helps keep nasty surprises to an absolute minimum.
To put this in perspective, the client had been with their previous provider for more than five years, spending £400+ a month on a 'proactive', outsourced IT provision. In reality, some huge vulnerabilities were being ignored, and our new client is very lucky that they'd not been subject to a ransomware attack, which would have compromised the whole system within seconds. We have now worked to correct all these errors, as well as introducing proactive management and monitoring, which will prevent this happening again in the future.
So how do we avoid doing the same?
We don't rely on automation:
We use automation, of course we do, but our processes also ensure that real people are doing real-time checks. So while we have electronic monitoring in place to flag potential issues, all our Remote IT clients get proactive support, from real people, who you can reach on the phone in about 20 seconds. Ask yourself if your current supplier proactively looks after you?
We invest in our skills and team:
As well as having generalists, we also have team specialists which means we're up to date with the latest solutions, we understand the latest vulnerabilities and threats and we have someone in house that can advise on and deal with anything and everything. Smaller companies often struggle to keep up with the speed of change, which is something we have invested to prevent.
We challenge our clients and get them thinking:
IT is our expertise, not yours, which means we should and do proactively suggest things that will streamline your business or processes, offer you better protection, or helps your business improve based on our experience. That means as well as being up-to-date, we'll present options that save you money for example or get your systems working better. Can your existing supplier say the same?