Over the years IT providers to small and medium businesses have built their relationships with clients on several different business models to provide various services. The foundation of the relationship has been help-desk, managing and maintaining technologies, and performing projects. In the past several years with an increase in cybersecurity risks and the Covid 19 Pandemic, IT providers were forced to react with varying degrees of success to the changing role they would be playing.
The game has changed. Forever.
The primary driver of the relationship has been to manage and maintain equipment while providing support to users to keep them productive while protecting from data loss due to either hardware failure, think disk drive or user error, or simple malware. Over the past several years and accelerating during the Covid pandemic there has been an explosion in cyber-attacks.
The most common attack that we see is email phishing to deliver either ransomware, compromise business email accounts or take over accounts by compromising user credentials. The trends show an increase in the number, complexity, and onerousness of cyberattacks. Smaller businesses are more at risk than they often believe because they lack the money and expertise to protect themselves and fight back. Cyber-crime revenue rivals the drug trade although the amount of law enforcement resources pales in comparison to fighting drugs. Businesses primarily depend on insurance as a recovery method for an attack as they are viewed primarily as a property crime.
What’s ahead and why that’s a good thing
All businesses must undertake an “assume breach mentality” going forward, especially small, and medium businesses. By changing that mindset, they can then adopt a “security first” approach to IT. This is a foundational change in the relationship from support, maintenance, management to security.
Providers will still have to maintain, manage, and support clients for productivity and business interruptions related to hardware of software issues but now will also have to put in place the roles, processes, and tools to combat the attacks that are already happening and close those gaps. Customers are going to have to invest more in security as it represents the greatest threat to their business today.
Conclusion
The game has significantly changed and so must the relationship with your IT provider. Hourly, block hours and basic managed IT services are no longer enough for the increased risks that businesses are facing.
The new foundation requires providers also provide managed IT security services. If your provider isn’t talking to you about security, the threats your business is facing now, the trends they are seeing and strategies for dealing with these threats it’s time to find a new provider.
Scott Cooper is the President of Tower 23 IT, an IT outsource solution for small to medium businesses specializing in protecting client health and financial data to meet privacy, compliance and security requirements in the healthcare, legal, financial, and manufacturing industries. Scott can be reached at scottc@Tower23IT.com or 858.877.6219.
