Which IT Best Practices Do Managed Service Providers Recommend?


December 18, 2014

IT professionals often differ in opinion when it comes to best practices. In almost every case when MyITpros takes over management of a company’s IT systems, we make changes to align with our best practices. We do it because we believe the client will benefit from improved performance, stronger security or reduced cost.

Does this mean the previous managed services provider’s best practices are wrong and ours are right? Not necessarily.

Information technology is exceedingly complex. There are so many ways to skin the IT cat, it’s not surprising MSPs differ in their approach. It might be more surprising to find two MSPs whose best practices are identical.

Here are three examples of MyITpros’ recommended best practices that may differ from those of other IT professionals. Some are even shunned by our own clients.

1: Restrict Administrator Rights on User Computers to Eliminate Threats from Malware

For years Brady Adams did not have antivirus software on his laptop. Brady is our Director of IT and Projects, and our most senior engineer.

“I did it to make a point,” he told me. He didn’t need it because he didn’t give himself administrative rights. For all those years, he never had a virus or malware of any kind.

Why? Admin rights allow you to do anything with a computer. This includes installation of any program, whether it’s intended software or a hidden malware. If you don’t have admin rights and click on a malicious link or open an attachment with malware, it cannot install because you are not set up to install anything.

Enterprise IT departments in large organizations routinely lock down user computers and the only softwares allowed are the ones installed by IT staff. We’ve recommended restricting admin rights to many clients over the years, and almost none of them agree to it. Their reasons are varied and may sound familiar to you.

In the world of small business the threats are just as real, but cultures are different. Some business owners want to allow their people the freedom to install personal applications on company computers, whether it’s the Office Manager keeping her personal finances on Quicken, or the Marketing Coordinator listening to Spotify while promoting his latest blog.

Most small businesses outsource their IT support, and many don’t want to add costs by having to pay an outside professional every time they want to install software.

Some popular applications require users have admin rights to function properly. There are ways to allow non-Administrator users to run software as Administrator, but it requires extra steps that people don’t like to take.

Our guiding principle is to do what’s best for the client. Because many want or need their users to have admin privileges, we have a set of recommendations and best practices for that.

2: Create and Maintain a Business Resumption Plan

We’ve written a series of blogs about business continuity and disaster recovery. These best practices are important and may be the difference between life or death for an organization, yet these blogs are rarely read.

We also offer a Business Resumption Plan template on our website, which is a fairly popular free download. But the actual work of filling in the blanks is rarely done. Doing the work is not complicated but takes time, and it seems there’s always something more important to do.

We handle many components of business continuity for our clients, including comprehensive data backup and recovery to and from secure data-centers. Almost one in five of our clients has no servers on premise, and having servers in the cloud checks off multiple boxes for business continuity and disaster recovery. If your servers are in MyITpros’ cloud and your office is unavailable for any reason, you can still access your data and applications from any device that has a high speed Internet connection.

Reconnecting to applications and data is an important piece of the puzzle, but if your office is damaged or destroyed by fire, flood, or worse, there are other important considerations. When a crisis occurs, the time you’ve invested in a business resumption plan means you have measures in place for communications with staff and clients and recovery of telephone and other systems. You know which business functions (like customer service, finance, HR, sales, or marketing) are the highest priority, and how you will get those processes functioning again.

There’s little to no disagreement that business resumption planning is a best practice everyone should follow, but few do.

3: What Are the Best Hardware and Software Choices?

When making recommendations, the first question we ask is: does this solution address what the client needs? If so, we then assess vendors and their products and services on three key factors:

  1. Quality
  2. Price
  3. Service after the sale

Our primary recommendations change as technology changes, and we’ve worked with many vendors over the years. Our current lineup of vendors, products and services is strong, but it differs from other MSPs.

I’ve seen some rousing debates between IT professionals over which is the best server, desktop, laptop, firewall, antivirus, antispam, data backup, phones, Internet, and so on. When you’re talking about the top 3-5 choices for any of these things, there are always pros and cons. How can a small business know which best practice is best?

In the end, you should choose a managed service provider for a variety of business reasons, then follow their technology recommendations. Their best practices are based upon their experience and expertise, and your experience might sour if you insist on standards that differ from the what they know best, and believe in.

If you’ve taken an informed approach to choosing the right managed service provider for your business, and you’re confident in their knowledge and you trust in their people, you’re likely to reap ongoing benefits from following their recommendations.

If you’re looking for an IT service provider click the button below to download our free ebook.

[include id=”13″ title=”Blog CTA How To Find The Right IT Services Provider”]


Chris-BoyleChris Boyle, CEO

Please subscribe to view my upcoming articles. Our goal with this blog is to answer the questions you ask. If you have any questions about the best IT practices or any topic email me at chris@myitpros.com.


We're Integris. We're always working to empower people through technology.

Keep reading

4 Cybersecurity Takeaways from China’s Largest Data Breach

4 Cybersecurity Takeaways from China’s Largest Data Breach

Cybersecurity drama strikes again as human error leads to China's biggest data breach and perhaps the most significant hack of personal information in history. According to Threat Post, the incident was triggered after a Chinese government software developer wrote a...