Cybersecurity can seem overwhelming at times. Your IT Provider handles this so why do you have to know so much about it?
Our goal is to limit the impact any one cybersecurity layer has on our clients. However, in some situations it does require buy-in from our client base. Multi-Factor Authentication (MFA) is a perfect example of this. This is one of the few layers that will require the user to participate.
What is Multi-Factor Authentication?
In the past, a username and password has been somewhat sufficient to protect your accounts. However, more data is ending up on the dark web and easily accessible to the bad actors.
Multi-Factor Authentication is a second form of authentication to login to your account, rather than just your password.
While this may sound cumbersome, we make this easy.
After implementing the rule that all users must have Multi-Factor Authentication, they will be prompted to set up a second form of authentication.
There are multiple options to choose from:
Authenticator App – Preferred Method
Text code to their phone
Call their phone
USB Key – For organizations that do not have company owned mobile devices or do not want employees using personal devices to authenticate.
The user will just need to set up their preferred method and go through the prompts. This process is usually quick and easy, but we are here to help if they run into any roadblocks.
The Authenticator App:
This free app can be downloaded from an Apple or Samsung device. The user will be prompted to “add and account” and scan the QR code that is displayed on their computer screen. This will pair the app with their account.
User Experience
With this enabled, the user can now easily log in to their Microsoft 365 account but with significantly enhanced security on their account and your organization.
They will be prompted every single time they login to a new device. However, their primary device will be remembered so it will not prompt the user every time, making it less intrusive. The primary concern is a login on a new device, which is why the policy is laxer for the daily/weekly use computer.
Your question may be, how long does it take?
What’s your favorite movie?
It’s as quick to answer that question as it is to use MFA with your Microsoft 365 account.
While it’s impossible to completely prevent cyber-attacks on your Microsoft 365 account, this layer makes it significantly more difficult for the bad actor to gain access to your businesses Microsoft 365 accounts. With more data than ever moving to the Microsoft platform, this layer is no longer a recommendation but a requirement.
Microsoft will soon be requiring this for all accounts, so it’s best to get ahead of this change and start today.
If you need help getting this started for your business, please reach out and we’ll walk you through the quick process.
Let’s be real: keeping the computer hardware for your entire staff up to date is a pain. It’s expensive and usually time-consuming, and even when the hardware swaps go well, there’s always a little bit of lost productivity as users wait for the new device to be installed and then take the time to configure settings like they’re used to.
Still, the pain of regularly upgrading your staff’s PCs is nothing compared to the true costs of not keeping hardware updated. This doesn’t always feel true because many of the costs of hanging onto old computers in your office are hidden costs, or things that you can’t quite put a dollar sign next to.
We don’t believe in pressuring clients into hardware upgrades. Instead, we want our clients to know exactly when and why they need to upgrade. So, with that in mind, let’s explore the true costs of keeping older machines around in your office — including the costs you may not see right away and those that won’t show up on a balance sheet.
Understand the True Costs of Using Old Computers
To understand the actual costs, you’re risking by keeping old hardware around, we need to talk about three main areas.
Effects on Morale
First is the human cost, or the hit to morale. As PCs age, they slow down— some of this is due to the physical components aging, while most of it is in the pace of technology advancement.
Newer software and systems expect more out of the computer’s processing capabilities because newer computers have more of it. Using current software on older hardware creates a mismatch between expectations and reality, in other words, a slow computer.
If you’ve ever been stuck with an old computer that just couldn’t keep up or that regularly crashed, you know the effect this can have on morale. An employee sitting there first thing in the morning for five, maybe even 10 minutes just waiting for the PC to boot up has roughly the same amount of time to sit and think. And often those thoughts drift quickly to things like “This company can’t even give me the tools I need to do my job effectively” — or worse.
Drain on Productivity
Related to the effect on morale is a negative effect on productivity. If an employee is staring at a boot or load screen or watching a spinning circle, that employee is not doing productive work. In many roles, all available productive work lies within whatever software isn’t loading fast enough, or otherwise relies on the slow computer.
Instead of being productive, employees are stuck waiting. You can almost feel the morale draining from their bodies as they do.
Security Concerns
Old computers present significant security concerns that disappear entirely when that older hardware is removed from the equation.
One of the most serious is a lack of updates. Security researchers and bad guys alike are constantly discovering new flaws and vulnerabilities in software, operating systems (like Windows and macOS), and even hardware. Usually these vulnerabilities get fixed (or patched) quickly — which is why it’s so important to keep your software and OS up to date, but that’s a separate blog post.
The problem comes when a particular piece of hardware is no longer supported. Think of your smartphone: an older iPhone eventually isn’t capable of updating to the latest version of iOS. The same thing happens with Android and with desktop OSes.
Once your hardware reaches a point where it’s no longer receiving updates, it’s left unprotected from any new vulnerabilities that are discovered.
Sometimes you’ll have a PC performing a specialized task that relies on legacy software, and that software only runs on an older OS, like Windows 7 (or, gulp, Windows XP). The only problem? Microsoft stopped actively supporting those older operating systems years ago. When new vulnerabilities are discovered, no one’s doing anything to patch them.
Hidden Maintenance Costs
Last, old computers create hidden maintenance and repair costs for your organization. One white paper estimates the “stealth costs” of maintenance and required upgrades land at $561 per PC once those PCs are four years old or older.
Keep in mind as well that all of these problems circle back on each other: when that older PC needs maintenance, the employee using it isn’t fully productive — and likely isn’t happy.
The Direct ROI New Computers Deliver
Not only do old computers create hidden and not-so-hidden costs, keeping your team’s machines current creates a direct return on investment. Here’s how.
First, it’s not rocket science to say that new computers run faster than old ones. When your team members can do any and every business task without sitting and waiting for their computer to catch up, they can accomplish more. So new computers deliver a productivity boost that in turn should increase revenue.
Second, new hardware gets the best support from OS makers like Microsoft. You’ll always be able to run the latest version and take advantage of the new and updated features it contains.
Third, you’ll see a drop in service tickets because new hardware is much more reliable than old computers. You’ll save time and resources on your service desk costs, plus you’ll avoid the associated downtime and loss of productivity that come with unreliable hardware.
Two Options for Replacing Those Old Machines
When it’s time to replace those old computers, you’ll need to determine how you want to do so. There are two main methods: purchasing and provisioning machines yourself or doing so through an IT service provider.
When you work with your service provider for this, you’ll gain an expert guide who can advise on what specific hardware makes sense for your business functions. Your IT service provider will handle purchasing, installation, initial setup or provisioning, and even haul-away or recycling.
When you do this work yourself, all those decisions fall to you or your IT team. You’re forced to spend time and energy researching various vendors and specifications, and you’re responsible for the transition from old to new hardware.
There’s a lot that can go wrong in that process if you don’t have the right experience and processes in place, which is why we highly recommend you work with an IT service provider like us for your next IT refresh.
Questions? Ready to start the upgrade process? Reach out to our team today!
There is a shift happening in the marketplace where businesses are increasingly choosing to outsource specific roles to Managed Service Providers. There is a realization that it is not effective for larger entities to outsource all IT roles.
After 100+ endpoints, it’s important to have an internal IT manager or team. However, the IT budget does not always grow as fast as the IT department needs to. Therefore, IT leaders are choosing to outsource certain tasks to ensure the organization can have the proper technical support while sticking to their allocated budget.
Shifting to Co-Managed IT can seem like a daunting task. Our goal with this guide is to give you the tools you need to be successful in this transition.
Step 1: Evaluate multiple providers
This is without a doubt the most important aspect of transitioning. Consider the below points:
Evaluate at least 3 providers – You want to make sure there are a wide variety of plans and proposals presented. It’s also recommended to have at least 2 meetings per group that you are considering. Anyone can fake the first meeting. Ask them the direct questions found in the E-book. Spending enough time with the individuals at each organization and uncover the good, the bad, and the ugly.
Go visit their office – Go look around. Is the office a mad house? Is it organized and efficient? How is the physical security? This tip can reveal a lot about the management and employees at a potential provider.
Ask to speak with an engineer – The level 3 engineers are going to be the most honest individuals you may ever meet. They usually don’t care about the sales process and will tell it how it is; a great way to get some honest expectations around working with this provider.
Always get references – This is a must! Get at least 3 references (ideally more) and actually call those individuals. This should be nonnegotiable.
Step 2: Clearly define Outsourced/Augmented IT role before agreement begins
When you fully outsource your IT operations to a Managed Service Provider (MSP), they assume all responsibility of an organization’s IT infrastructure and network security. However, as a business gets larger, it will not make sense to outsource ALL roles. However, it also won’t make financial sense to bring everything in-house (usually). So, a mixture is not only common, but growing in popularity. This mixture will require the company leadership, in-house IT, and outsourced IT to set clear expectations of roles.
Here are some examples of clearly outlining outsourced roles:
Server management: Changes made to the server, security audits, updates, and migrations are done by the MSP.
Backup and Disaster Recovery: The MSP manages the data backups onsite and offsite. They monitor, test restore, and all the other plethora of items associated with data redundancy.
Level 1, 2, or 3 help desk: Outsource lower level or higher-level help desk tickets to the MSP.
I’m sure you can see why internal IT departments outsource. Imagine the backup scenario, for instance. In-house, you may need a dedicated individual for that one role. That is a big expense for just one role. The other option is to have them take on additional roles. That’s great, but that spreads them thinner which will inevitably lead to a ball being dropped. Unfortunately, the ball cannot be dropped even once when it comes to data backup or network security. Too much at stake.
Step 3: Onboarding with a new IT company
This is a critical part in the process. You may have been blown away by the sales process/person, but now it’s time to see if the organization can back it up. On the flip side, the sales process may have completely sucked but you decided to give the provider a try anyway. Just because an organization puts a lot of time and effort in sales does not necessarily mean they will put the same level into their service, and vice versa. This phase will flip the rocks to see what’s under the nice haircut and polished presentation.
Factors to consider:
Is there a clear timeline and expectation for onboarding?
Did they meet or exceed this expectation?
Were you informed and comfortable with every step in the process?
How was communication? If communication and response is not quick in the “new client” phase, you better believe it will not get any better.
Did the provider provide excellent recommendations to improve your workflow, or did they just provide recommendations that will make them more money and do very little for your productivity?
Here is the unfortunate truth: If anything is dropped, delayed, or unsatisfactory during onboarding you need to understand that’s probably not an anomaly and may be present for the remainder of your partnership. If multiple items went wrong, then you have a critical question to ask yourself: Do you halt the transition and restart the process at Step 1? Or are you going to be okay with the level of response and attention to detail that you received during onboarding?
If the onboarding is smooth, communication is on point, recommendations are helpful, and the timeline is met, then congratulations! You probably found the right Co-Managed IT Firm.
Bonus Tips for a successful transition to a Co-Managed IT Firm:
Speaking from experience again, Managed Service Providers usually love Co-Managed IT partnerships. It frees them up to handle very specific roles for the client which makes them more efficient, and profitable, overall. Because of this, they are often willing to come down slightly on their typical managed service price. Whether this is the per workstation, user, or server price. See the full article on Managed Service Pricing HERE. Granted, you don’t want to push them too hard on the price. If you think they are the right fit, it’s not worth starting the partnership on a bad foot by requesting drastic adjustments or ultimatums.
Tool kit! A good MSP has a ridiculous number of security, network mapping, and other productivity tools they utilize to support their customers. Oftentimes, it’s cost prohibitive for an-house IT to purchase some of these tools. Since MSPs support so many endpoints, their per device price goes down quite a bit. Usually, they will have little to no problem providing access to some or all these tools. This can provide a significant value proposition for your internal IT. So, make sure to ask the provider what tools they will utilize to support your organization and see if your team will be able to leverage any of them.
