Perhaps you have been thinking about outsourcing to have managed IT services. Your focus is making sure you cross your T's and dot your I's in engineering, construction, where IT simply is not your expertise or priority. You don't think it is wise for you to invest in a full-time employee for IT, and you are not alone.
According to Deloitte, managed services is expected to rise to $229 billion by 2020. IT is a big part of that.
What are managed services and why does it matter to you? Managed services involve outsourcing all of a function due to convenience, expertise, and in-house liability.
You may already have a managed IT services provider and may be wondering if you are making the most of your relationship. You may be thinking about getting one, and want to be smart about it.
When you think about it, getting and keeping the maximum value for managed IT services is important. There are increasing concerns on cybersecurity, data breaches, and identity theft with estimates as high as the US accounting for half of the data breaches by 2023. To help you, here are
10 Tips to Get Maximum Value from Your Managed IT Services Provider
We are sharing these 10 tips so you avoid making costly mistakes that may impact your engineering, construction, or consulting firm for years to come.
Once you are done with reading this, you will be clear on what to look for, what to ask, and what to review to not only get maximum value from your managed IT services provider but to keep them accountable.
Here are the 10 Tips to Get Maximum Value from Your Managed IT Services Provider.
1. Review Experience with Similar Firms
You want to ask your existing provider or the managed IT service providers you will review for work with similar size firms, and references. This is pretty standard when sourcing for managed services, or consulting firms. If the firm won't offer any, that should be a red flag for you not to continue with them. You may also love an insight into how IT solutions have evolved exponentially.
2. Ask About International Standards Organization
You will want to make sure and ask for insight into their monitoring programs, policies and procedures, and processes. You will also want to ask about certifications for International Standards Organization, and Sarbanes-Oxley (if they apply for your firm).
ISO 27001 is an international standard that provides a comprehensive framework for information security, identifies more than 100 controls for risk management addressing key areas such as information security policies, physical security, system security, operations security, access control, human resources, business continuity, and supplier relationships.
This also requires them to pass an initial audit, and recertify every 3 years.
3. Double Check on Sarbanes-Oxley Compliance
You will also want to review if your organization must meet Sarbanes-Oxley requirements. This is related to if you are a publicly-traded company and/or own publicly traded debt. If so, you will also want them to have an SSAE 18 Type 2 Certification.
4. Make Sure They Will Support You
You will want to ask if they offer support 24 hours a day, 7 days a week, 365 days a year. Ask if they will grant you a dedicated account manager for your business. Inquire about their team size and how many people they have on their help desk, and the average response time for IT issues.
5. Check on Security and Disaster Recovery
It is important that you keep in mind that if anything happens e.g. breach, hacking, data compromise, you will be the one plastered all over the news.
They will likely be a small reference. With this in mind, you will want to ask what training they will provide to your team, how often they will review your technology, and what their disaster recovery plan is. It is up to you to hold service providers accountable. You are paying them after all.
6. Review for Encryption Tools
Ask them about the tools they use to help you enhance encryption and security for your business, your data, and your email.
7. Make Sure You May Safely Browse
You will want to make sure they are periodically reviewing and preventing malicious software and apps to keep your firm running something, and browsing safely. Some of these suggestions to follow may be helpful here.
8. Ask About Advanced Threats and Backups
There are a wide variety of cybersecurity risks from data breaches to hacking to viruses and more. No one is immune. Finding out after the fact may be a costly mistake that would not only impact the trust of your customers or vendors but just could put you out of business depending on your insurance coverage.
For an idea of the reputational impact and the bottom-line impact of $18.5 million and 41 million customers, just ask Target.
You will want to ask about preventative and automated tools your managed services IT provider is using to catch advanced threats. You will also want to ask how often they will automatically backup your data, and how secure it is.
9. Review a minimum of Five Firms
With all of this in mind, you will want to review a minimum of five firms. You want to initially fill out an online form, and see if they get back to you. If they don't, you don't want to work with them. You will then want to schedule a call and a demo of their tools. You also want to see how you get along with them, and if they would be a great extension of your team.
You will then want to review them for the above items initially via phone and then recap via email what you require. Ask them if they would also be willing to sign a non-disclosure agreement to initially review all your IT systems and scope to provide you with a flat rate.
That alone can save your firm millions of dollars annually. If they are willing to do so, it will show you they are serious and will review your firm. It will also ensure they will work smart and not charge you for their lack of efficiency.
10. Review Terms and Agreements
This is last, but definitely not least. Let's say you are reviewing you are an existing managed IT services provider, going out for a bid for a new one and you finalize your selection. You will want to let them know you require the specifics on key items as agreed upon in your legal agreement.
You may also want to limit the number of new employees they have on your team to prevent from having little senior experience.
Then, you will want to have your legal team, or an attorney, or legal service review the contract for any potential exposure or liability you do not want.
We are confident that these
10 Tips to Get Maximum Value from Your Managed IT Services Provider
With even one to three of these tips, you will exponentially increase the value you are getting or will get from your managed IT services provider.
Please comment on what was your favorite tips are.
Check our blog for more tips on tools, technology, and more like this one on cybersecurity.