Finding the right IT company can be a long and tedious process - but once you think you've found the right one for you, don't rush to sign any agreements! Make sure to double check what they are agreeing to do for you, so you know all your bases are covered.
So you’ve found an IT company that you want to work with. Are you sure they’re going to deliver everything you need?
While it’s certainly frustrating to have to do some homework before you sign an agreement, it’s vital that you make sure all your needs will be addressed before you make it official.
Even though you may have a contract that states and governs the managed services, your contract may still lack significant details – it’s better to check now and consider moving on, instead of finding out you’re not covered after you’ve locked into an agreement.
That said, even if you’ve already entered into a contract with an IT company, that doesn’t mean it’s too late to ask them these questions.
Check Your Cybersecurity By Asking Your IT Company These 7 Questions
Take a careful look at the agreement before you sign and double check your coverage by asking the following questions…
1. Do You Follow Best Practices For Cybersecurity Guidance?
There’s no need for security practises and policies to be unique -the Australian Signals Directorate has already developed and shared a comprehensive set of cybersecurity best practices – Strategies to Mitigate Cybersecurity Incidents:
- Application whitelisting
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
- Daily backups
Does your IT company follow these recommendations? It’s a good idea to find out for sure.
2. Are You Keeping Me Secure From Unwanted Access?
An important part of any IT service is proper digital security. To ensure you are safe from cybercriminals, the right computer services company will offer comprehensive IT security measures, including:
- Firewall settings
- Intrusion detection
- Intrusion prevention
- Encryption at the file level
- How those services are carried out
3. Are You Monitoring My Network?
If you’re paying for fully managed services from an IT company, then you want to make sure they’re taking care of your entire system – that includes the network. Network monitoring is a critical part of IT support, especially given any network vulnerabilities that can disrupt your network. Whereas most solutions have the provider monitoring every area of your system, you’ll want to ask them if they also cover …
- Mobile devices
- Virtual machines
- Remote users
4. Are You Testing My Cybersecurity On A Regular Basis?
It’s not good enough to approach cybersecurity with a “set it and forget it” attitude. Cybersecurity needs to be assessed, tested, and updated on a regular basis, otherwise it will go out of date, and quickly.
5. Are You Keeping My Staff Safe From Dangerous Emails?
Ever heard of “phishing emails”? Even if you haven’t, you should make sure your IT company has. Phishing is a hacking technique that “fishes” for victims by sending them deceptive emails. Virtually anyone on the internet has seen a phishing attack. Phishing attacks are mass emails that request confidential information or credentials under pretenses, link to malicious websites or include malware as an attachment. With only a surprisingly small amount of information, cybercriminals can convincingly pose as business members and superiors in order to persuade employees to give them money, data or crucial information.
6. Will You Keep My Data Backed Up?
Data loss is a reality in the modern business world, which is why a viable data backup solution is so important. Find out how your IT company handles backups – if the provider does use the cloud, you’ll want to know:
- How secure is the cloud backup solution?
- Is the backup hosted on a public or private cloud server?
- If it's a public cloud, will they consider using a private cloud for your backups?
- If your data won't get backed up in the cloud, where are the backups getting stored?
In the end, if you’re paying an IT company to keep you secure, then they better be doing their job. It’s your right to check in with them and make sure they’re covering each and every aspect you may be worried about it. If not, then it may be time to find someone else to keep you safe.