IT Support – A Complete Solution Part 4 (Conclusion)
The last few weeks we’ve been discussing a lot of different important aspects of IT Support. Frankly, there are probably a lot more things that we could talk about, but I’m a minimalist at heart. Plus when you boil things down if folks would just tackle the basics they would be in much better shape. The last things I want to address this week are IT Security and System Administration.
IT Security
There is a lot that could be said about IT security, so again I’m keeping this as simple as possible. This is likely one of the most important things that businesses can do to protect themselves, and it’s frequently overlooked. Firms will pay thousands of dollars a month for insurance, and nothing for IT security.
Why is that? I think it’s the idea of clear and present danger. They can easily imagine what it would be if one of their employees ran over a pedestrian with a work truck, but they don’t know enough about IT security threats to imagine the damage that could be caused.
A Scenario
Let me help you imagine. Say you’re a business with 200 employees located at several different locations. You have servers at one of your sites with key applications and data that are used by all your employees. You do 10 million in sales every month.
What happens when your network gets hit with ransomware? Ransomware is a new cyber attack where hackers essentially gain access to your network and then encrypt your data. Once encrypted it becomes completely unusable to everyone on the network. They then demand a ransom paid in bitcoin to decrypt your data so it’s usable again. What’s the cost, what’s the impact?
By the way, there were around 100 businesses hit by ransomware just in Salt Lake City alone in the last 90 days.
For starters you have downtime. If we assume an average salary of $50,000 per year (probably a low estimate) that equates to about $25/hr paid to each employee every hour. Lets assume that this wouldn’t render them completely useless, but rather just half as efficient as normal. For 200 employees that would equate to a loss of $2500/hr. Essentially you’ll lose 20K every day in lost productivity. If they’re completely dead in the water it could easily be as much as 40K.
In addition there are huge potential losses in revenue. A company with 10 million a month in sales is generating 333K per day in revenue. So with one day of downtime you have a potential to lose some or all of that.
If downtime is extended to multiple days it could mean millions in lost revenue, lost productivity, and brand damage. What will your clients think when you can’t deliver as promised?
So that’s why you should pay attention when I talk about IT security.
Layered Security
If there is one thing I can get across about IT security it’s that it functions best in layers. So what are the layers? (These are just the basics)
- Business Class Firewall
- Perimeter protection in the form of gateway anti-malware, anti-spyware, intrusion prevention, applications intelligence, threat sand-boxing
- PATCH YOUR MACHINES! Microsoft releases security updates on a weekly basis that have to be patched in a timely manner for all servers and workstations.
- Antivirus
- Email Security
- End User Security Training (people are often your weakest link)
- Data Encryption
- Multi-factor Authentication
There are really a lot more things that could be on this list and would likely add security to your business. However my audience is mainly small and medium businesses, and I’ve found it’s a struggle to get them to even put these things in place. You’ve gotta start somewhere.
There are evolving security threats all the time that businesses should be aware of and striving to protect themselves against. If your IT team isn’t bringing these items up they should be. If they’re not experts on security you should probably talk to somebody that is.
Network Administration
Folks don’t often think of it in this manner, but network administration according to established industry best practices is actually an essential part of network security as well. Having standard operating procedures for deleting users when they leave the company and revoking access is a big deal. Also having permissions administered correctly in active directory.
Network administrators also give oversight to the overall health and well being of your network. They’re an important part of a complete solution for IT and shouldn’t be overlooked.
That about wraps up our series on a complete IT Support solution. There is definitely a lot to think about. Just remember that it’s not as daunting as you think. Take things a piece at a time and keep working on it till you get where you want to be. Having experts on your side is a huge advantage. i.t.NOW stands ready to help, and can implement turnkey complete solutions for IT that take the worry and hassle out of it and free you up to grow your business. Call us today for a free network evaluation.