When you work with an IT provider you put a lot of trust in them to keep your company protected from online attacks, data loss incidents, compliance violations, and devastating downtime.
Often business owners won’t ask the right questions when evaluating technology support and managed IT services and they end up finding out too late that the provider didn’t fully have their back.
Some providers follow best practices for IT management and cybersecurity, while others may cut corners. You want to ask the right questions to ensure you’re working with someone that “dots all the I’s and crosses all the T’s” when it comes to protecting your company’s technology infrastructure.
Here are five important questions that you should ask your IT guy today to ensure you’re not at risk.
1. Can You Prove My Backups Work?
Backing up data is only one part of the process. Data also has to be able to be fully restored fast in the event of a data loss incident.
Unfortunately, many companies think that their backup is being handled by an IT provider and don’t give it a second thought. Then, they’re hit with a ransomware attack or another data loss incident and find out that restoring their data isn’t going to be as easy as they were led to believe.
58% of backups fail during the restoration process.
One of the reasons that large companies like Colonial Pipeline end up paying the ransom to ransomware attackers is because they find it’s going to take too long to restore their backup and they feel they can get up and running faster by giving the attackers what they want.
Any good IT provider should be able to prove to you that your backups work by providing a full restoration of your data. This is actually something that should be done from time to time as part of disaster preparedness.
2. If My Server Died, How Long Would It Take to Bring Back Online?
Downtime makes up a majority of the costs involved with any type of cyberattack or hardware failure. The longer a company is down, the more business and productivity time they’re losing.
Downtime can cost over $85,000 per hour, and the average downtime outage is 79 minutes.
An IT provider needs to be proactive and not just reactive when it comes to downtime. For example, they should already identify the answer to, “Do we have backup hardware to restore data to?”
If your server goes down, you don’t want to have to wait to procure another server before you can restore your data and get back up and running.
One thing that Leverage IT does for our customers is to provide fast disaster recovery through automatic virtualization of server data either onsite or in the cloud.
3. How Are You Protecting Me Against Network Breaches?
Cybersecurity is one of the most important areas of IT support. Just one malware infection or data breach can lead to hundreds of thousands of dollars in operational losses and data privacy compliance fines.
It’s important to know in detail how an IT guy is managing your company’s IT security. Some of the standard best practices that should be in place include:
- Anti-virus with proactive monitoring
- DNS filtering
- Intrusion Detection System
- VPN Service
4. What Cybersecurity Training is Being Offered to My Employees?
One vital piece of any security strategy is cybersecurity awareness training for employees. A majority of malware attacks and data breaches happen via phishing emails, which are directly targeting unsuspecting employees.
If an IT professional doesn’t offer solid and ongoing employee training on security, that’s a big red flag that they’re cutting corners or not knowledgeable enough to keep your company fully protected.
Ongoing training that hits the key points of how to spot and deal with phishing, how to keep devices safe, etc. is vital to your security efforts.
5. How Are You Keeping Me NIST, CMMC, HIPAA, etc. Compliant?
Many companies have to comply with one or more data privacy requirements, such as CMMC, HIPAA, and others. It’s important to know exactly how your IT provider is keeping your company compliant and that they understand the intricacies of the regulations you need to adhere to.
Look for firms that are compliant themselves and ask what model a provider is following to meet the compliance requirements of a particular IT security standard.
You should also ask them how they would help you with reporting requirements should a data breach occur.
Looking for an IT Provider that Checks All the Boxes?
Leverage IT Group can help your DFW area business ensure you’re getting rock-solid IT support that doesn’t leave you at risk of downtime or major security incidents.
Contact us today to schedule a free consultation. Call (469) 458-0559 or reach us online.