IT best practices questions.jpg

start with some questions

How do you view your IT management and operations? 

  • Does it seem like a liability?

  • Does your investment in technology give you a smaller return on investment than expected?

  • Are you running from one problem to another?

  • Do you know the true cost of your IT?


ticking time bomb

As a small business owner, IT can be a challenge, especially when you have little or no IT expertise. Even though we are surrounded by technology at work and most of your work depends on it, most small businesses do not treat IT as a business priority. Restrictive budgets and lack of expertise often determines if IT gets requisite resources, if at all. This usually stems from our attitude towards technology and taking it for granted. Most of us have grown up using multiple devices, perhaps setting up home networks, and troubleshooting common computer problems at home on our own. Therefore, we feel comfortable managing our IT needs at work. However as the company grows, the complexities of managing the IT operations grow exponentially. Your in-house IT expert finds themself moving from one problem to another, and before you know there is a huge backlog of problems to resolve. Your business starts to suffocate under this bottleneck and productivity starts freefalling. As a result, company morale dips and your business suffers. Oh...and I forgot to mention that handy in-house IT expert is either you, another cofounder, or even worse, a highly paid staff member who spends most of their day fixing IT issues rather than the job you hired them to do in the first place. 

Fortunately, the picture does not have to be grim. A little planning and advance preparation can go a long way in ensuring that your IT becomes your asset rather than a liability. Here we breakdown some typical IT challenges that small to medium business owners face and share the best practices that can make your IT operations manageable.


1. IT audits

IT audit.jpg

IT audits help you identify issues with your IT infrastructure before they become a real problem. Most businesses take a reactive approach to IT; this is IT suicide! While this may appear a viable option, a reactive approach to IT costs you dearly in the long run. Your IT management should be about fire prevention, not fire fighting. Regular IT audits are integral to establishing a process that improves your IT infrastructure.

A comprehensive approach to IT management equips you with the knowledge of how technology impacts you business and enables you to create a vision of what your business will be like when technology is supporting your business the way you want. This enables you to move from worrying about downtime to using technology to meet your business goals. IT will become an asset when you align it with your business goals. Focus not on IT management but on effective usage of your IT infrastructure and how it will enable you to meet your goals. 

2. IT Plan

Failing to plan is planning to fail! Regular planning is key to predictable and manageable IT operations. Without a proper IT plan you will be undertaking projects that appear like black holes that suck in tons of money and resources without achieving anything worthwhile. Many surprises can be mitigated by a proper plan that comprehensively evaluates your IT infrastructure.

IT plan.jpg

Without a proper plan, unintended downtimes, security incidents, breakdowns all blur into one. Therefore, their impact on your business goes unevaluated. This means you will be unable to identify your true IT cost. A proper IT plan brings in adoption of best practices and monitors deviation. This makes your IT costs predictable and hence manageable.

When you have an IT plan in place, you can easily monitor the inconsistencies, and deviations and assess how they impact on your business. This puts you in a place where you can start analyzing the root cause and identify ways to prevent such problems from occurring in the future.


3. Cyber Security


If you think as a small business you are safe from cyber attacks, you have another think coming. According to in 2016, 43% of cyber attacks were targeted at small businesses while only 14% of small businesses rate their cyber security as highly effective at mitigating cyber risks and vulnerabilities.

As a small businesses owner, you should be prepared to safeguard your company and your users’ data from cyber criminals. These cyber attacks come in various forms- phishing, malware, spyware, ransomware, etc. Tight budgets and pressing priorities make it a challenge for small business owners to stay up-to-date on the latest developments in technology or even to keep your computers safe from malware and hacking. We take cyber security very seriously and have published a series of blogs sharing useful information, tips and general education.

  • Stay informed about threats - Keep an eye on the tech news to know about new threats, security patches, bug fixes, etc.

  • Keep your systems updated - System and software updates are released to fix known vulnerabilities and flaws. Keeping your system updated blocks attackers from leveraging known software flaws.

  • Backup your data - If you ever get infected by a malicious software, you can restore your system and have your data safe.

  • Educate your employees about the cyber threats - Human error is the biggest cybersecurity threat. A little education can prevent most cyber attacks as they are identifiable. Ensuring that you have even a simple security policy covering emailing, file sharing, system updates, device and network access, and password best practices is sufficient to safeguard against the common phishing and malware threats.

  • Network security - Your WiFi equipment is the gateway to your entire IT infrastructure. Therefore, it is critical that you should secure your WiFi network. Never, use the default password that comes with your router. Use WiFi Protected Access II (WAP2) code as this is the most secure kind. Also, set up a guest WiFi network that has different password and security measures that will prevent them from accessing your internal network.

  • Password management and 2FA - A multilayered security system consisting of an OTP (One Time Password) in combination with a memorized password is highly recommended. Using a password manager such as LastPass along with an authenticator such as Google Authenticator is a good example.


4. Business Compliance Needs

IT compliance.jpg

With the continuous rapid change in technology, the regulatory environment for your business is likely constantly shifting. Therefore, it is imperative that you know the compliance requirements and monitor the legislative changes for your industry. This implies that you need to keep your IT strategy up-to-date. It would be ideal to document your strategy to include at least the hardware and software compliance roadmap. This document should be reviewed at least once a year and compared with the latest compliance requirements and overall Business/IT strategy.

You should also have a set of privacy principles at the very least. Even if you do not handle sensitive client data, this should be adopted as a best practice. These principles should also address the steps to be taken in case of a data breach. Whether you need to notify your customers, regulatory authorities, or publish it on your website, it is always best to have a document you can refer in times of uncertainties.


5. Asset Management

A robust asset management system is instrumental in increasing efficiency. It gives you a clear view of all your assets be it hardware, software, virtual machines, or cloud infrastructure. A comprehensive asset management establishes and maintains a centralized system of record for your entire IT infrastructure. In addition, it ensures that your new hires are ready for digital integration from day one.

IT inventory.jpg

Your asset management system will ensure that your assets are being utilized to capacity and those that are nearing the end of their life-cycle will be replaced before there is a chance of breakdown. Any procurement should be planned with the lead time in mind at the same time you do not want your capital to be tied down in the form of excess inventory. You would want to minimize the cost of having your assets sit idle waiting for when they will be needed or for a breakdown to occur. An asset management system will help you achieve this effortlessly.

In addition to centrally managing your IT assets, an asset management system should be able to schedule and track purchases, generate reports on asset types, monitor contract expiration and renewals. Such a central management system gives you control of your assets and also give you ability to seamlessly scale your IT infrastructure when needed. 


next steps

Whether you are running a law firm, a nonprofit, or a startup, unless you are in the IT services business you should not focus on IT management. You should focus on how IT can enable you to achieve your business goals. This is where managed IT services offer a practical solution. However, hiring external help is a big step for small business owners. The first step therefore would be to determine how IT fits into your business strategy.

Whether you decide to retain IT in-house or hire an IT service provider, the decision should be made based on your bottom line as well as how IT impacts your core competency. It is always best to start with an IT plan. Rather than getting overwhelmed by the various IT challenges that your growing company will definitely face, a good plan will help you identify at which stage you will need to bring in outside help. Remember, all the technology in the world is not worth anything if it does not boost your productivity and help you achieve your business goals. 

If you're interested in learning more, please reach out to us about IT audits, making an IT plan, improving your cybersecurity, implementing IT policy & compliance, and managing your tech assets. Call or email Jones IT today!