FAQs: Common Business IT Questions

Outsourcing means hiring external vendors to complete tasks that are currently (or are traditionally) performed by internal employees. As business needs have become more complex and specialized, outsourcing of IT services has become a cost effective way to get the expertise you need at a lower cost—especially with highly technical roles like IT support and cyber security.

IT outsourcing can take a few different forms, from project work to outsourcing only a specific ongoing task, such as your after-hours help desk, to providing a set number of IT support hours per month. These are what is often referred to as “break-fix” solutions because they are designed to fix a problem or concern. What they don’t do is work proactively to keep problems from occurring in the first place. For that you need a managed service provider (MSP).

Managed IT services provide a comprehensive solution that usually includes a help desk and project expertise, cyber security and proactive monitoring and strategic insights that keep your network humming. They provide 24/7/365 coverage for a flat monthly rate and their teams are large enough to have specialized experts in complex and highly variable areas of IT, such as cyber security. All of this for less per month than most companies would spend on a single IT hire. It’s no wonder the outsourcing of IT services is becoming the go-to method of support for small and mid-sized businesses.

When you hire an external vendor to provide as-needed tech support to your team, it is called IT help desk outsourcing. While managed service providers provide help desk services as part of their suite of services, when the term “IT help desk outsourcing” is used, it usually refers to a standalone solution.

Help desk staff are typically reachable by phone, email (or support ticket system) or chat and do their best to help the user with his or her immediate issue. This may include:

• Running diagnostics.
• Installing or updating programs.
• Repairing or making changes to hardware or software.
• Escalating unfixed issues to someone with more experience.
• Follow-up to ensure that customer issues were resolved.

When you use a managed service provider for your help desk, there are additional benefits. Your MSP team will know your network inside and out, as well as your business, making it easier to fix issues and ensure those fixes stick for the long term. After all, this is the same team that is actively working to prevent issues from happening. Outsourcing your help desk as a standalone service usually means the technicians providing your support will have far less insight.

IT project outsourcing is when you hire externally for a project with a specific scope and time period. It often involves integrating multiple systems and even other vendor services. Think of a project to migrate your business from an on-premises server to a cloud solution. That cloud migration project requires specific skills, previous experience and a lot of dedicated time to go smoothly; things that most in-house IT teams will have trouble fulfilling. Project outsourcing is the answer. Some managed service providers will offer IT projects in general while others will only complete them for their managed clients.

Other common IT projects are email migrations and CRM integrations.

A managed service provider (MSP) supports your company’s IT needs including your network and infrastructure — usually for a flat monthly fee that’s all inclusive. Because of the payment model, MSPs are incentivized to keep your systems up and running. After all, they are paid the same whether they spend five hours proactively monitoring and pre-empting issues or 500 hours fixing tech fires and outages.

A managed service provider is more than a help desk (although their services include that). They don’t wait around until things break and then fix them. They are proactively improving your systems to make sure they run without interruption, improving productivity and security.

Their job is complex and involves monitoring and protecting all your endpoints (devices, computers), data and infrastructure (servers). They also proactively monitor and patch manage your network to prevent disruption. The best IT providers operate as a partner to your business, helping you stay ahead of the latest tech trends and plan for future needs. Learn more with our Choose IT Support Checklist.

A cloud service provider is a third-party company which offers cloud-based application, platform, infrastructure and/or storage services. It’s akin to a utility company in that you only pay for the services you use (usage based fees). A cloud managed service provider bundles your cloud services along with the support you need to keep it optimized and secure into a managed services agreement.

There are many different types of cyber security services providers, all of which protect your data to a degree. They focus on cyber security by using software and tools to identify vulnerabilities.

When you work with a cyber security managed service provider you receive end-to-end technology services including cyber security. They are also called managed cyber security service providers or MSSPs.

An MSSP ensures your infrastructure is secure. They assess for risks/gaps thereby identifying other vulnerabilities. After they close any found gaps, they provide recommendations to implement specific security and productivity improvements.

Your system is monitored and supported 24/7/365. When you partner with an MSSP, tech problems are handled immediately as they proactively respond to attacks — usually blocking them before they breach your system.

A quality cyber security managed service provider will also provide ongoing security training for your entire team. An unwittingly uneducated staff is a business’s top security vulnerability. MSSPs provide training to all your employees so they become part of your defense. Learn more about choosing the right cyber security partner for your business.

Yes. Many. Here are just a few of the top cloud computing benefits for small business:

1. Accessibility. Because your data is housed off-site and accessed via the internet, your staff can connect to it from anywhere and they can do it simultaneously with other staff members. It also saves employee hours as they no longer have to wait for the other users to respond. They work together. In addition, there is a cost saving in that application and software upgrades do not have to be done on each user’s computer. It’s all done in the cloud.
2. Flexibility. Cloud computing increases user flexibility and manageability by adding or expanding technological infrastructure resources on an as-needed basis. No need to estimate how much data storage you will need next year nor how many locations are needed to access that data. Data storage can be scaled up or down depending on your needs.
3. Lower infrastructure costs. No longer will you need to plan for capital expenditures, like purchasing servers. With a public-cloud delivery model, you will only plan for the operational expense of the third-party infrastructure. This saves money in two key ways:
• You’ll need fewer IT hours to apply and manage your data.
• You will be on usage-based pricing so you only pay for what you use.
4. Less maintenance. Applications do not need to be installed on each user’s computer. They’re on the cloud, so those programs are accessible even if users are working from a different workstation or traveling.
5. Easier to adjust at peak demand cycles. Resources and costs are shared across a large pool, meaning:
• Infrastructure can be centralized in locations with lower costs.
• Peak-load capacity increases.
• Efficiency is improved for systems that are often underutilized.
6. Redundancy of backups. By using multiple redundant sites, cloud solutions protect your data and make it available even if there is a disaster or cyber security threat.
7. Security. When implemented correctly, the cloud is just as secure or more secure than traditional systems.

Many companies consider co-managed IT services to be the best of both worlds because you, the client, decide how much you want in-house and what you want from a managed service provider (MSP). With co-managed (also called hybrid) IT services, you maintain an internal IT team but leverage an MSP for additional expertise and support or specialized services.

Here are a few examples of how a hybrid IT setup might work:

• Your in-house IT team handles the day-to-day IT maintenance. You lean on the expertise of a managed service provider for advice and assistance.
• Your MSP helps you to strategize, plan and select the tools needed for them to become an outsourced CTO. Your internal IT team executes those plans and manages your systems.
• Your MSP provides your after-hours help desk and coverage for sick and vacation time to keep your internal team from burning out. Plus, they offer additional bandwidth for peak times or special projects.

Cyber security assessment services are professional tests that help determine and address your cyber security risks. There are many types and which you need will depend on your industry, company size, type of business and your risk tolerance.

The most common cyber security assessment services include:

• Vulnerability assessment. The one test most businesses need, a vulnerability assessment finds potential weak spots in and outside your network that could be exploited.
• Penetration test. This is a “practice” cyber attack run by “white hat hackers” (authorized cybersecurity experts). They are complex and expensive tests that most small businesses don’t need.
• Network audit and access review. A network audit looks at everything on your network. It is helpful for finding unauthorized software or hardware installations as well as licensing or performance issues. Access reviews look at who has what permissions on your network and applications. Limiting access is one of the best ways to protect your cyber security.
• Compliance audit. Is your company following all the rules, regulations and laws that relate to your industry? A compliance audit will find out. There are many types of compliance to consider, from common PCI compliance (required by any business that accepts credit card payments) to specialized requirements for DoD contractors. An audit will first determine what areas of compliance impact your business and then examine your business and external partners or vendors.

Finding managed IT services providers in Dallas Fort Worth won’t be hard, but choosing the right one for your business will be more challenging. After all, managed IT services providers (MSPs) come in all shapes and sizes, from the guy working out of his garage to large national or global firms. To find the top IT provider for your business, start by asking potential providers these questions:

1. What is your average customer (CSAT) satisfaction rating? What’s the period of time that covers? Will you provide references of that score?
2. Do you monitor and support 24/7/365? For all issues or only urgent ones? Who decides the urgency, you or us?
3. Is your office in the Dallas Fort Worth area? If not, where are your headquarters? Will you come to our offices if needed? Do you schedule regular onsite visits to review equipment or train staff?
4. How quickly will you respond to issues or tickets? Will that response be simply “Your request has been received,” or “We’re working on it” or can I expect a resolution time frame? How soon will most tickets be resolved?
5. What about the terms of your contracts: long-term, monthly, quarterly? What is the shortest term you offer? If we decide we’re not happy and want out, is there a penalty and how much is it?
6. Our business is unique (in terms of industry, environment or requirements). Can you provide references from similar current clients?

Once that’s done and you’ve narrowed your search, move to specific IT requirements you need. This free download can help: Choose IT Support Checklist.

Multi factor authentication and 2 factor authentication are often used interchangeably. They are both advanced methods of verifying who you say you are. The difference is that 2FA specifically requires two authentication factors while MFA can be more than two. So all 2FAs are MFAs but not all MFAs are 2FAs.

Two-factor authentication is usually your email/password and one other factor such as previously answered security questions . This significantly lessens the possibility that your information was stolen but does not eliminate it — especially with cyber criminals scraping personal data off social media and other platforms.

MFA introduces another factor, and something that is not purely information based. This may include the use of biometrics (fingerprints, facial recognition, etc.) or an authenticator app on your phone. MFA makes your credentials almost bulletproof and greatly increases your cyber security.

So in the multi factor authentication and 2 factor authentication battle, MFA wins. But as a user, you may not control the options you have on every platform. What is important is to make use of 2FA or MFA whenever they are available. As a business owner, you should implement MFA on your network and require vendors to do the same.

Check out more about multi factor authentication and 2 factor authentication in this blog.

Few changes will have more impact on your business’s cyber security than implementing MFA. But change can be tricky for any organization. Here is a plan to get through the multi-factor authentication set up smoothly.

1. Talk to your IT team, whether they are internal or a managed service provider (MSP). Make it an immediate goal to roll out MFA across your networks and systems for all users.
2. Make end-user training and support a requirement of the transition for the entire team. Your entire team needs to understand why MFA is so important and become comfortable with the new protocols. Training will also help limit the stress of the transition and any impact on productivity.
3. Require that all vendors and partners also have MFA enabled. For any not offering MFA security, consider switching to a provider that does.
4. Establish a process to monitor for invalid access attempts then use that information to improve your cyber security. Monitoring is especially critical with teams dispersed across a variety of locations and settings, such as remote work.
5. Provide quick support to people locked out or otherwise unable to authenticate. This will minimize any attempts to “work around” the system and also make sure that your MFA rollout has as little impact as possible on productivity.

Multi factor authentication is not self-intuitive and implementing it can be a challenge — especially for businesses without strong IT support. Many benefit from hiring an MSP to help with multi-factor authentication set up and ongoing support. Even companies with in-house IT teams often find it more cost effective to partner with a managed service provider (MSP) to support their internal teams.

Some of the primary benefits of IT service management include:

• Adaptability to your needs.
• Reduced risk factors.
• Reduced IT costs (scopes out redundant or obsolete assets).
• Improved efficiency.
• Improved service, which contributes to improved customer satisfaction.
• Enables shared knowledge through workplace teams.
• Reduced downtime when breaches occur.
• Helps prevent breaches and plans strategies for natural disasters and criminal situations.

IT service management achieves all of the benefits listed above by:

• Educating your staff about newly-built technology and sticking to the process, as well as re-educating coworkers when circumstances arise.
• Constructing and carrying out IT infrastructure. 
• Enforcing the right process for your company.

ITSM resolves numerous issues, including all managed service requests. Some common requests include:

• Implementing a change to the system (e.g., “I need to modify/remove/add something to the database.”).
• Incidents that affect the overall system (e.g., “My laptop is down.”).
• Recurring problems (e.g., “This desktop app is stuck again.”).
• Requests for a new piece of equipment (e.g., “I need a new keyboard.”).

Outside of these primary benefits, using an ITSM allows for day-to-day conveniences that help contribute to your business’ success by allowing it to run efficiently and effectively.  

Choosing the best IT provider for your business doesn’t have to be a headache. Our free IT Planning Cheat Sheet takes the guesswork out of comparing IT providers.

An IT service management (or ITSM) company helps improve your IT to best serve you and your customers. They do this by using a process to support, plan, implement, create, operate, and deliver your IT technology. ITSMs supervise all workplace technology, including all technology services, servers, laptops, printers, passwords and all software applications.

ITSMs ultimately reduce costs, leading to better service, which in turn leads to more customer satisfaction. Here’s what an IT service management company does:

• Examines every application and endpoint (computer, phone, scanner, etc.) to ensure they are updated to the latest system requirements (and update them if necessary).
• Helps streamline your infrastructure to improve delivery of the high-quality internet technology needed for your business.
• Guides you on the best type of data backup to handle any possible data breaches, whether they arise from natural disasters or criminal activity.
• Reviews your cybersecurity processes and plans to reinforce the existing structure or offers to replace them with safer ones.
• Ensures your company data is accessible exclusively through an authorized current endpoint user (client, staff, etc.). Additionally, the ITSM will purge the system of former clients or employees who still have access to your network. This protects your company when someone forgets to block their entry or change their passwords when they leave the company.

Finding the right IT Support Partner doesn’t have to be difficult. Download our managed IT checklist. 

A zero-day attack is a cyber security breach that occurs when a hacker exploits an unpatched or unknown vulnerability for the first time (this can also be referred to as “zero-day vulnerability.”)  Here are some examples of zero-day exploits:

• A formerly unknown vulnerability that is exploited 
• Undetected or new malware 
• A known vulnerability that has never been previously exploited

Critical exposures and vulnerabilities are tracked by watchdog tech organizations and websites to distribute to others. Lists of these exploits are tracked, and then these websites and organizations release patches that will fix them. Once the software patch is released, a “zero-day vulnerability” is no longer considered a zero-day vulnerability.

There is often a gap between a zero-day vulnerability and a zero-day exploit. Sometimes, the vulnerability is known, but exploiting the vulnerability might still be a mystery. Additionally, vulnerabilities can sometimes only be discovered once people figure out how to exploit them. 

Your average anti-malware and antivirus software can only seek out what known vulnerabilities and exploits are out there, and as a result, they do not protect against these threats.

Over 50 percent of all small and mid-sized businesses have been victims of cyber attacks. Download our free Cyber Security Essentials Checklist to help keep your business secure.

Have you ever considered the difference between a vulnerability vs an exploit? 

A vulnerability is a weak spot in a system, human or otherwise. Hackers and software crackers can gain access to a network through vulnerabilities. In IT tech systems, it is almost impossible to have no weak spots. It’s important to remember that not all weak spots are contained in the system’s code itself. People are the biggest cyber security vulnerability for many companies. 

Some examples of human vulnerabilities are when a human responds to phishing emails, or when a human generates an easily remembered (but weak) password. Software vulnerabilities include outdated software that hasn’t been patched or updated or a weakness in the software code of a program.

An exploit occurs when a malicious party uses a vulnerability to enter or compromise IT systems or software. Exploits need vulnerabilities to exist, which is why preventing vulnerabilities is so important.

Nowadays, criminals don’t need to be computer experts or sophisticated coders to exploit a vulnerability, especially human-based vulnerabilities. There are automated tools hackers can purchase to exploit weaknesses on a grand scale. There’s lots of information available on the dark web to trick your team into making a mistake and letting them in.

Cybercriminals know how to target your people, so your best defense is to train your team on how to spot fishy (and phishy) emails. If you’re concerned about phishing attempts on your company, feel free to download our Phishing Prevention Cheat Sheet.