Proactive vs Reactive IT

Proactive vs Reactive IT

A potential client reached out to me because they had recently been hit with ransomware for the 3rd time in 2 years.  Each time they had been able to recover their data.  However, each time they suffered significant annoyance, downtime, and lost productivity.  They needed to better understand proactive vs reactive IT, and I thought it might make a good topic for discussion here as well. We did an analysis on their network to see if they had existing vulnerabilities.  This was a small business network with about 50 users.  They had an internal IT manager that was in charge of the network.  His boss was the one that hired us to take a deeper look at what was going on. The results of our analysis came back, and we didn’t find any huge glaring holes in the firewall or obvious entry points.  What we did find were 15 small things to help them proactively manage the network and shore up security. All of those small things added together were the cause of their problems.  Their in-house IT was not overloaded.  He only had 50 users to support and a handful of servers.  Honestly, that’s not even enough to justify a full time IT resource, but they had him anyway. The big problem with their IT was that he didn’t proactively fix anything.  There was no monitoring or alerting to warn him of problems.  Patches weren’t up to date.  Anti-virus was installed, but not on all machines.  He had left the admin account on his server, and password policies didn’t enforce complexity or periodic resets. Everything he was doing was reactive.  He would wait until something broke and then he would fix it.  There was no future planning.  There was no continuous improvement.  There was insufficient maintenance.  When ransomware hit, he fixed it.  He could have done more to prevent it.  This is reactive IT.

Reactive IT

So why is reactive IT such a bad thing?  When something breaks, it has to be fixed right?  Of course. Even the best IT professional will have things come up they didn’t anticipate or couldn’t control.  When that happens, they need to work to fix it expeditiously.  However, there is much that can be anticipated and many problems that can be prevented with proper planning and maintenance. It can also be a vicious cycle.  The longer problems go without unaddressed the larger they become.  This means they take more time to fix.  That means that you have less time for the maintenance that does need done.  Soon IT can simply be running from fire to fire without any hope of being able to catch up and do the needed planning.  This can exacerbate the problems. The other big problem with reactive IT is increased downtime.  If you’re experiencing downtime because of a lack of planning and maintenance, that is a missed opportunity and has real financial repercussions on your business.

Proactive IT

Proactive IT is a completely different animal.  They put systems in place to automate routine IT functions such as patches and updates.  They are looking to the future and planning years in advance.  They perform routine maintenance on the network to prevent problems and downtime. There is also a system for continuous improvement in place.  They are reviewing past tickets for trends to see if they can make changes or fixes that will eliminate future requests.  This trend analysis can assist in implementing changes that reduce requests, lower downtime, and lower the burden on IT. They meet with the stakeholders in their organizations regularly to discuss their technology usage and understand the business needs.  What changes in the business will need a technology solution?  What functionality do they need?  Regular business reviews help IT to plan for the technology needs of the company and growth.

Is your IT proactive?

A lot of folks say they have proactive IT; however, I can usually ask one question to really know if they do or not.  I’ll ask, “When was the last time you met with your IT provider to have a business review?”  Simple, that’s it! A person with proactive IT will usually answer that they’ve recently had a business review.  Moreover, they have them on a regular ongoing basis.  They will also be able to tell you about the plans that their IT has and the ongoing maintenance they’re doing to prevent problems in the first place. A person without proactive IT will most likely say they’ve never had one, or that in the beginning they met pretty frequently, but it’s been a while since they had one. Proactive IT isn’t just about catching computer problems before they become widespread issues that destroy productivity; it is also about regular communication where you discuss what is currently happening, plan, review the past, and discuss ways to improve & adapt. If you IT provider isn’t doing this, look at i.t.NOW.  We designed our service model from the ground up with proactive IT services in mind.  We can help you take your next step in IT and move from a reactive to a proactive solution.