3 Things Your IT Firm Is Not Doing, But Should Be

Christopher Lentz | October 07, 2013 04:20 PM

If you have owned or operated a small business for more than 5 years you have likely worked with more than one IT firm. Maybe you were looking for a better price, or worse you were replacing an incompetent firm. Either way, it is probably a safe bet that you have had your doubts about even the best IT firms. You are not alone, we have all had our doubts about vendors and their practices...or lack therein. Today, we are going to discuss how your current IT firm falls short and what clues to look for.


Making your clients feel warm and fuzzy is on of every company's top priorities. However, some IT firms will actually either negate or falsify their regular reporting to you. Have you ever had a major issue one week and then have a business review with your IT firm a few weeks later and they tell you everything has been fine and dandy? Ever gotten a report with lots of GREEN graphs all over the place? If so, you have likely been part of this first group. Here is a way to check: Go back through the reporting your IT firm has given you each time. Are there pages in one set that are missing in another set?

Those of you who receive reporting are lucky, there are still some IT firms that do not even give a regular reporting to their clients. If this is you, it's time to look for new IT support...yesterday!


Backup testing is the key to a successful disaster recovery plan. Without testing your backups you risk not being able to recover your businesses most critical data in the event of a natural or man-made disaster. Though there is no easy way to check on this item, your best bet is to simply ask your IT company to demonstrate the testing process for you from time to time. If nothing else, they should at least be notifying you that they have successfully, or unsuccessfully, tested the backups for all your business critical systems. If they can\'t do that...they may not be testing it at all.


In IT we experience all types of users, some who are not so good at remembering their passwords even when they are simple. The truth is, some IT firms allow their clients to have loose standards when it comes to passwords. This problem is two-fold: One, a password should only be known by it's user. Two, those passwords should be complex and changed on a regular basis. Let's look deeper at the first problem.

When your IT staff or other people know you passwords, you run the risk of them getting upset one day and reeking all sorts of havoc on your accounts. The best practice is to create a temporary password and require the user to change it upon their next log on attempt. This ensures that only the user knows that password.

For the second problem, it is going to take some convincing for some of you. We understand that it is hard to keep track of passwords, especially in our overly digital world. If your IT team is good though, most of your business critical apps are using a single sign-on of some sort. Keeping a password complex helps protect you from malicious hackers and even disgruntled ex-employees. Changing the passwords on a regular basis means that malicious users have to start over again if they have already gathered your encrypted data. The more frequent your password changes the better...but we recommend every 60 to 90 days.

The world of the small business is growing ever more dangerous in this evolution of technology, why not stay ahead of the game by following best practices and making sure your IT firm does the same.

If you're not sure how your IT firm stands up to these tests, give us a call at 408-844-4808 and we will give you a no-cost consultation to help assess them from head to toe.


Enforma IT provides Cisco Network Consulting, VMware Virutualization Consultanting, and Server/Desktop Support in the San Francisco Bay Area, Oakland, San Jose, and Chicago metropolitan areas.

© 2019 Enforma IT. All Rights Reserved.