Technology Upgrades for Small Consulting Firms (7 Easy Fixes)

by

Your small consulting firm will benefit from technology upgrades. We’ll cover seven by incorporating source data from a thirty-person HR compliance and training client. This blog will highlight big picture advantages with select technical details and product names to trigger tech refresh ideas and questions to ask your MSP.

We’ll also emphasize the value of overhauling IT systems in the service of two goals: igniting employee productivity and strengthening cybersecurity resilience.

 

Upgrade your technology with a strategy-first approach.

We encounter fast growth professional services companies all the time who get their start without a strategic technology plan. They begin with two entrepreneurial founders, and within a year, they have several dozen associates.

It’s very easy for a two-person company to set up email, file sharing, collaboration, and storage services with Google and Microsoft. However, this approach will only take you so far.

To avoid diminishing productivity, to reduce employee frustration, and combat rising cybersecurity exposure, consider the following IT improvements:

Review existing IT policies and fill in the gaps with new ones.

When small companies grow by leaps and bounds with makeshift (DIY) IT systems, they usually do so without following official technology plans. This practice makes the review process brief and the drafting exercises for IT governance guidelines more time-consuming.

Your IT policies are captured in a library of related documents with titles that include but are not limited to:

  • Acceptable Use Policy
  • Strategic IT Roadmap
  • Computer Network Diagram
  • Cybersecurity Insurance
  • Regulation and Compliance (HIPAA, GDPR, NIST, SOC, etc.)

Do you need a few practical examples of specific technology upgrades in action? Give every administrator on your network a dedicated user account. For a small firm, this might be one of your employees and one person from your MSP.

Sharing the keys to the kingdom with multiple parties is risky.

Review Microsoft 365 settings with your IT provider to ensure they align with industry best practices. Why? Everything you need is available, but it’s useless if you don’t know where to find the service activation menus.

Learn More: IT Planning and Policy Development

Create a backup and disaster recovery (BDR) plan.

Email and file folders are not automatically archived and backed up in G Suite and Microsoft 365. Can your team gracefully pivot if disaster strikes and access to your data is blocked?

A sound BDR strategy will ensure your digital assets are backed up multiple times per day and replicated in redundant, offsite, geographically diverse data centers. When you couple this with nightly testing of the backups, you certify the process is working.

With the right mix of cloud services, you reduce the business impact of office space-related disruptions like Internet outages, loss of power, and pandemics. Better business continuity is the ultimate IT upgrade.

Learn More: Datto BDR

 

Elevate your security technology.

Your security posture is elevated when it dynamically incorporates people, processes, and technology.

Once IT policies are established, your team has a sheet of music to inform their interactions with every tech tool in your enterprise.

Institute Cybersecurity Awareness Training.

Increasing user awareness and reinforcing defensive behavior is the best way to protect your company from data breaches, ransomware, negative PR, client loss, and lawsuits.

This initiative is non-technical, and the lowest common denominator is teaching employees not to click on random email links and attachments.

Human error is the cause of more than 95% of data breaches, so small changes in user habits will reduce big problems.

Implement Multi-Factor Authentication (MFA).

MFA is easy to set up. It’s a simple cloud service add-on, available in free and subscription-based versions.

Here’s how it works:

  • You enter a user ID and password into a secure site.
  • A screen pop-up prompts you to enter a unique code.
  • This custom-generated identifier arrives via text, email, or voice.

MFA is highly effective because threat actors are unlikely to have access to your email, cellphone, and credentials at the exact moment you are trying to access a secure site.

Learn More: Make an MFA Upgrade

Update your patch management policy.

Updating patch management usually means creating a policy with a schedule, conditions, and a regular cadence.

Smaller organizations typically lag in this area because it requires technical expertise and automated systems that are too expensive and impractical to maintain in-house.

Your MSP will also know which Microsoft patches are safe to install right away and which ones can wait. Some updates need vetting because they are not ready for prime time.

Install a comprehensive antivirus (AV) solution.

AV has come a long way over the past five years with an expanded array of related services. Terms like endpoint detection and response (EDR), AI, zero-day threat intelligence, and machine learning appear on leading AV vendor websites

Frequently labeled “next-generation,” centrally managed enterprise AV monitors and controls all devices from one location, with a unified corporate policy.

This single source of truth and accountability allows for real-time alerting, updates, and the ability to apply the same configuration to all systems and employees.

Individual machines have ineffective, legacy AV solutions. This confinement leads to a higher likelihood of standalone machine failures, which can compromise your entire network.

Learn More: Next-Generation Antivirus

 

Modernize IT systems for your consultants.

Modernize aging business technology before it has a detrimental effect on the attitude and performance of your team.

With multiple hardware, software, and cloud endpoints, IT systems lose traction over time as various components experience wear and tear, capacity issues, and misconfiguration.

System slowness, connectivity problems, and the irritation of performing tedious workarounds are common user complaints.

Overhaul and reconfigure your network following technology lifecycle management guidelines.

Your network consists of servers, firewalls, switches, Wi-Fi devices, and long-neglected settings.

If the word “server” seems out of place in a small business setting, you have been doing your homework. We encourage all clients to replace servers with cloud alternatives. In this example, they have two more years before the asset’s amortization schedule is complete.

However, their firewall and switch require immediate replacement. The new firewall will have more robust VPN capabilities. The client needs this functionality because they have employees who log in remotely to access files on the server. Sometimes it works, and sometimes it doesn’t. Enough said. It’s time to renovate.

The new firewall will also have more throughput to accommodate their transition from a 50Mb Internet connection to a 100Mb fiber circuit. Unless they upgrade, their Internet speed will stay the same, and they’ll be paying more. And we can’t let that happen.

The switch needs to go because it doesn’t have enough ports for all the new devices added to the network.

We’ll conclude with a minor programming detail. The client needs to revamp their wireless network to enhance security and performance by implementing the 802.1X protocol.

This detail needs attention as soon as possible because their network is wide open to conference room guests and strangers in the hall. Both factors equate to slower Internet access and a greater risk of malicious intrusion.

Learn More: When to Replace IT Assets

 

Which technology upgrades are at the top of your list?

There’s no time like the present to reimagine ways to improve business operations with technology refreshes.

While several of these technical upgrades are inexpensive to implement, priority number one is creating an IT plan that supports your five-year business strategy.

Do you know which cybersecurity frameworks apply to your business? Have you been stumped by any of the questions on a recent cyber insurance policy renewal?

If you answered “no” to the first question and “yes” to the second, it’s time to engage your MSP in a conversation.

Learn More: The Top Cybersecurity Frameworks

Jed is a Solution Advisor at Integris who has specialized in MSP solution development, sales, and marketing communications since 2003.

Keep reading

Social Engineering Hacks—Are They a Bigger Threat than Ransomware?

Social Engineering Hacks—Are They a Bigger Threat than Ransomware?

We're making a dent in hacking. Cybersecurity tools are better, and employee security training is better too. The emergence of the cloud means that hacker delights like uninstalled security patches happen far less. Now that most companies are backing up and operating...

The Business Impact of the AGCO Ransomware Attack

The Business Impact of the AGCO Ransomware Attack

On May 6, 2022, global agricultural equipment manufacturer and distributor AGCO announced they were victims of a ransomware attack. The cyber assault hit some of their production facilities on May 5. Restoring operations to normal will take several or more days. While...

Cyber Threat Training: Cyber Threat Analysis Training for Businesses

Cyber Threat Training: Cyber Threat Analysis Training for Businesses

When it comes to your business’s cybersecurity, your employees are your front-line fighters. Ensuring every person who works for your company receives cyber threat analysis training keeps you and your private information safe from hackers. If even one employee out of...