Security, Scalability and Growth: Toward a Comprehensive IT Strategy
As a company that focuses on the MSP space, we are tasked with designing IT strategies for a variety of companies. While there is no uniform approach to scaling and ensuring maximum reliability, we often focus on four pillars: Hardware/software sourcing, network security, user training, and scalability. Each one of these are incredibly important in their own right, but when properly designed, they inform one another as the basis of a foundational IT strategy. Let’s deconstruct before moving forward.
Hardware and Software Sourcing
One of the forgotten challenges of most companies is hardware lifecycle management. Technology evolves rapidly and so does the software we use. For companies to stay ahead of the curve, we always recommend hardware leasing so that it imposes a responsible lifecycle management strategy and keeps your equipment current. Overall, you end up paying about 85 percent of total machine ownership over a three-year lease and you get to trade up as new technology emerges, without accumulating a tech graveyard.
Moving your software licenses to perpetual monthly agreements entitles you to always stay up to date and avoid large capital expenditures when it’s time to upgrade. Many software companies, like Adobe and Microsoft, have moved almost exclusively to this type of set up but it pays to be ahead of the curve.
Most importantly, the leasing and cloud license strategies help shift your IT expenses from capital to operating, making your budgets more predictable and manageable.
We often see clients rely on the equipment that they got from Spectrum or FiOS. This leads to ugly WiFi names, twin broadcasts (2.4 Ghz and 5ghz) and, more importantly, a single WiFi password that never changes. This can compromise your security, because employee turnover means that institutional knowledge and security walk out of the office.
We are huge believers in user-based authentication to WiFi networks. Many of today’s enterprise systems have the ability to incorporate with a RADIUS server or even have them built in. This type of setup gives each user on your network their own login and password, that you can provision or de-provision without affecting other users. This can even be extended to device-based management, so you can have full control over who accesses your network and with what type of device.
This is just one of the many instances where a properly designed and comprehensive strategy increases your security and network reliability.
No matter how many resources a company spends on network security, spam filters, and hardware or software, the biggest vulnerability to networks are still humans! As a company, we are firm believers in not only implementing a full stack security solution but training users on how best to use it. We have come across numerous offices filled with tech-savvy users who fall victim to phishing scams.
While imposing email security strategies like two-factor authentication is important, users can still open vulnerabilities via their own personal emails. We recommend running internal phishing tests and scheduling regular security trainings in order to keep all staff apprised of the existing and emerging threats. This ensures that you are not only protecting your staff, but your staff is actively protecting your business.
There is no question that the adoption of cloud technologies has accelerated exponentially over the past few years. We have seen numerous instances of the struggle between physical and cloud-hosted, when it comes to file servers in particular. We are big believers in the cloud, as long as your security protocols and trainings are up to date. Whether it’s G Suite or Office365, Dropbox or OneDrive, Adobe Creative Cloud or Sketch, soft phones or full VoIP setups, running your organizational assets via a cloud portal allows you the flexibility to grow without major capital expenditures. Cloud licenses are designed to scale with your organization as you grow or even as you need to scale back. You can also tie these all together with single sign or cloud identity management solutions, allowing for one-click deployment.
Bringing It All Together
Whatever your industry, companies now need to take each of the broad categories above into consideration. Technology strategy has now fully become business strategy and can no longer be held in isolation. Just think, if you were to lose Internet today, could you properly function as a business? The answer for most people is a resounding, NO! Your strategy needs to be designed in order to maximize what technology can do to find efficiencies, build out scale, but most of all, support your business needs. With the advent of the Internet of Things (IoT) space, companies are now able to even leverage technology to extend to things like physical space security (shoutout to Kisi!) as well as smart thermometers and security cameras, among others.
Whatever components you choose to include in your technology stack, we always encourage outside guidance to help give you perspective. Some parting advice that we always give our clients: Think of where you will be as a company in a year from now and grow into your technology, rather than always playing catch up. By thinking of each of the four categories as you make the decisions, you will always be well placed when it come to IT strategy.