As the business environment evolves, we are all becoming increasingly reliant on our IT infrastructure. As a result, it is now more crucial than ever that SMEs have agile, manageable and secure IT systems in place to protect their business from threats.
As business owners, we will hopefully have a degree of control over our IT systems. If we’ve planned well we will have the right people in place (internally and externally), deploying the best solutions and regularly maintaining systems, with on-hand expertise at the ready to resolve any technical issues that surface across the business.
BUT, imagine this…
Your IT resource disappears overnight. You get into the office and can’t log onto your computer. The team are no longer available, you can’t call them and you can’t fix the problem. What would you do? How quickly would you recover? What would the cost be to your business?
The message is simple: Plan for the things you think will never happen.
Any significant disruption to IT systems can have a severe impact. Everything from a cyber-attack to the loss of key system documentation or personnel can create disruption within organisations, with businesses of all sizes at risk.
In these scenarios, the best case is loss of productivity and revenue, the worst case can be inability to trade at all through extended periods of downtime. More recently, particularly in light of GDPR, IT failures can also result in regulatory issues in tightly controlled sectors such as Financial or Legal services.
For many business owners with a number of pressing items on the to-do list, the temptation with IT may be to back off and leave it to the experts. We often hear statements like “I don’t have time to deal with it” and “IT is not a top priority for me right now”.
Business owners don’t need to learn how to configure a network or a server but understanding how your infrastructure works and the risks associated with it must surely now be a key part of running any organisation.
As a starting point there are some simple steps we should all take (if we haven’t already), most of which don’t take a huge amount of time or cost to implement, but will likely make a big difference:
- Ensure your operating systems are up-to-date
- Make sure your anti-virus software is monitored, installed and working (you get what you pay for here so seek advice if you’re running free software (they’re free for a reason!).
- Re-run your vulnerability scans and quickly fix any discovered vulnerabilities
- Train employees to look for suspicious activity (opening unknown emails is only one aspect of this)
- Check you have your network and systems documented
- Make sure a senior person / business owner has access to all system information/passwords
- Test your password strengths
- For the technical aspects, make sure you have regular contact with your IT team or provider to ensure that they are keeping on top of things.
For those outside the IT industry, this may seem to be a complicated minefield but the ‘head in sand’ approach can be dangerous. The cost of maintaining technology, dealing with new regulations on data processing and coping with the increase in cyber-crime may appear to be significant obstacles for business owners, but the key is to work with a trusted IT partner that can help your business carefully plan for disaster recovery and business continuity in the event of an IT failure.
To coin a cliché, the first steps are the hardest but it’s not as complex as you may think.
Now, more than ever, you need to be in control of your IT.