By Legal Futures’ Associate Amazing Support [1]
The average IT Support contract can be baffling for lay people and law firms alike.
It’s easy to get lost in a bunch of jargon. It’s possible that you don’t even know what your business is actually covered for. Here’s some aspects that should be covered on your support contract. If they aren’t, then you should ask your support company why not!
1. Managed Backups & Monitoring
Are you worried that your backups aren’t actually working?
Or maybe you are worried that the backups are completing successfully, but are either too nervous to actually see if you can restore anything from them, or you are not sure how?
In the vast majority of clients that we see, they have a backup system in place that was setup when the server was installed and has never been checked since. Everyone is ‘hoping’ that it will work when there is a problem or disaster but at Amazing Support [1], hope is just not good enough.
Time and time again we have come across failed backups, missed files (the important ones of course) and unsupported tape drives and it simply is not acceptable when a business is reliant on these for disaster recovery, business continuity and data loss prevention.
At Amazing Support [1] we have a proven backup methodology as well as different types of managed backup solutions which have saved clients hundreds of thousands of pounds of potential loss of business, from systems downtime to total data deletion and even encryption of data by ransomware.
Whether a local backup, online backup, disaster recovery as-a-service (DRaaS) or a mix of technologies, we recommend the right backup solutions to work for your business, recovery times and data objectives. We know it works because we religiously check that the backups and disaster recovery processes complete every single day, as well as ensuring that should a disaster strike, we can recover your data and system integrity.
2. Security Reviews and Compliance
Criminals continually find new ways to exploit business networks and steal sensitive data.
Our security and compliance reviews lets us identify external business network weaknesses and validate compliance with regulatory standards through vulnerability scanning and qualified systems auditing.
If your network is left unprotected, thousands of potential entry points on a business network are available for criminals and opportunists. As new ways to access these entry points are invented daily, checking your external business network and critical services for vulnerabilities and exposure is crucial at regular intervals.
As part of our audit review and recommendations, we go through all of your critical systems and services and ascertain how they have been setup and if they are potentially “at risk” from external security threats. One of the additional security tasks that we perform is an external vulnerability scan. This is to identify if there are any security holes in the network that exposes the company to an external threat. It also identifies if a company is compliant to Data Security Standards, notably PCI DSS compliance.
After the security audit has been completed, if your business is not compliant to Data Security Standards or is weak in prevention areas, we help bring these in line with best practice recommendations and business continuity standards, plugging those security holes to ensure maximum protection and “ring-fencing” from potential external threats.
Another significant security issue that a lot of companies do not know much about is Data Leakage and many do not even realise the huge impact it has on their business and their clients. The way employees use internal company data, document storage, web browsing and email is quite unsecure and largely uncontrollable when you think about what they are doing with it.
Scenario 1: A member of staff wants to innocently work on a piece of company information at home, so they email documents and confidential client details to their personal email account.
Scenario 2: An employee has their own version of cloud storage (such as Dropbox or Google Drive) installed on their workstation, enabling them to copy confidential documents and data to their own personal online briefcase to again, review out of the office.
Scenario 3: Anyone in your business can use a USB Flash Drive or CD/DVDs to copy confidential company information in order to work-from home, or simply as a method of backup and portability. Again largely unsafe when you read about unprotected (unencrypted) data going missing on the transport networks.
Scenario 4: Using their web browsers, your staff are able to access “send it” websites or their own personal email account where they can upload and send documents and confidential data to any external email account.
Scenario 5: Unknown to you, your email account has been spoofed/hacked by criminals and you are receiving “seemingly authorised” emails from third parties and banks providing you with account details to make payments to that seem to relate to genuine transactions.
Occasionally, employees also use company data for personal gain especially when moving jobs, which is a major threat when you are competing with similar service companies.
The main problem is, as soon as any of the scenarios above occur, your confidential, company and client information has already leaked out of your network and is completely out of your control in regards to how your data will be used.
More worryingly, you are not even aware when these instances happen (and from recent client audits they happen frequently). Not-to-mention the legalities and professional body intervention if client information is leaked externally. Every company is at risk of data and security issues and the requisite prevention and protection solutions should be setup to ensure that your intellectual property data remains in-house and not used out-of-house.
3. Email Redundancy
Email is king.
It is the one element of a client’s system that causes the most amount of stress when it is not working.
This is because most of today’s correspondence with clients happens through email – be it new orders or simply keeping in touch.
The strange thing is that people don’t really look at their email and take into consideration what would happen if it went down.
At Amazing Support [1] we take email very seriously. We can offer a range of options that give you redundancy, failover or backup all depending on what’s most important to you.
We will even setup a business continuity mailbox that you can access automatically when your local or cloud mail server is offline, ensuring no incoming emails are lost. With the facility to read and send emails at these times, you meet data security compliance standards, as well as Disaster Recovery and Business Continuity objectives.
Get in touch with us so we can look at how you are currently set up and whether that is appropriate for your needs, together with your email redundancy requirements.
4. Server and Network Maintenance
For any businesses it is vital that your servers, workstations and network are constantly monitored and supported.
It is also important that your core systems and network are kept up-to-date with the latest patches, fixes, releases and operating system updates.
However, what is more essential is that an IT Company [1] knows what is going on with your network before a problem arises and resolves any issue even before you realise that one exists.
Our proactive server, workstation and network maintenance is on a true 24/7/365 monitoring basis to ensure your critical systems are maintained properly and we have invested heavily in monitoring platforms to keep your systems online and trouble free.
We understand how important it is that your critical systems are constantly supported, managed and reported on by us. This is handled by our experienced team of support technicians remotely as well as on-site at regular and scheduled periods.
As a business that understands the difference between pro-active, not re-active IT support, our server, workstation and network monitoring and maintenance will keep your critical daily systems stable, updated, secure and supported without the need for any interaction from you.
5. Network Audits
Audits can usually be translated into ‘sales tool’.
This may not be the intention for many suppliers (or maybe it is!) but there is no denying that the process is used more to push a product than to really review the system.
At Amazing Support we genuinely use the audit as a test bed against industry best practice and recognised procedures. If you have a support agreement with us then we will do an audit as part of the initial due diligence with our clients.
We like all of our sites to conform to best standards as ultimately it enables us to support you better and usually results in a more stable system.
We follow the process “circle” outlined below in order to maximise on the information captured at the audit stage, so that we can provide you and our team with the necessary “bible” documentation to support you and understand your site.
If you do not have a support agreement with us but need to have a network health check, then we can tailor this to your specific requirements or areas of concern. If you do have a support contract with us, then our audits are usually carried out annually to ensure you’re using the right IT Support services [1] and that all of the monthly figures tally up. It also gives us an opportunity to see any flex from the previous year, understand growth trends and also discuss any changes in the year ahead.
We are able to perform full disaster recovery and business continuity audits, asset management audits, archiving compliance audits, data leakage and security audits, as well as full system, sites and network audits.
Each of these use our simple traffic light system which highlights and recommends areas which may need addressing or improvements. We don’t try to sell you anything, we simply make best practice recommendations based on our experience. If we do feel a number of matters need to be addressed urgently then we can help you [1] decide how to prioritise them.