Five Things Every IT Department Should Do This January

Evaluate and optimize your IT infrastructure 

Evaluating and optimizing your IT infrastructure is vital in ensuring that your systems and data are protected and that your business can operate effectively. There are a few key steps that you can take:

1. Take inventory or update or audit current systems, networks and storage solutions to create a holistic view of what you have in place and how it is used. 
2. Identify areas for improvement. Ask yourself: How old is your hardware, and what is the expected life cycle? Is it at risk for failure, and what plan do you have in that event? Where are the bottlenecks and areas that require the most resources? Can you optimize or upgrade outdated systems or utilize more modern technologies to streamline resources and run more effectively? Is there software to assist with bringing your processes up to date? Sometimes it’s best to bring in a new set of eyes to audit your infrastructure. 
3. Consider third-party solutions. Are you utilizing the features of your software to maximum benefit? Research and evaluate industry best practices to address any areas targeted for improvement. Often the features you want are already available, but you just need to upgrade your licenses. Consider the balance of cost and value to the organization, compatibility with existing systems, and human resource benefits.
4. Embrace the change! Once you’ve identified best practices and solutions for your company’s needs, implement the changes within your IT infrastructure. Don’t forget to communicate to your stakeholders, including your MSP, how and why these changes are necessary and their anticipated impact.

Enhance your cyber security posture

Cyber threats are at every turn, so there is no single most important step that you can take to enhance your company’s cybersecurity against malware and hackers. Effective cybersecurity involves implementing a combination of measures to protect against a slew of daily threats at your company. However, some key initiatives that you can take this year to improve your company’s cybersecurity posture include:

1. Password management – It is critical to implement a system for employees to utilize that easily manages their unique and complex passwords across the environment for all accounts and systems. Using a top-tier system will also require regular updates and notify you of any dark-web activity of those keys to your kingdom.
2. Patching and updates – regularly updating software and security protocols is paramount to reducing vulnerabilities to hackers. Scheduling these and managing all updates should be built into regular maintenance if it’s not already. Assessing how to address urgent updates routinely ensures a quick response to imminent threats. 
3. Continuous training for employees – subscribing to a continuous training program that rewards employees for staying current and aware of ever-present threats to the work and home computing environments is essential. There’s no bigger threat to your network than an insider threat; if your employees let their guard down, it can put business continuity at risk.
4. Conduct regular security assessments – schedule them for the entire year and build them into your routine now. Regularly assessing your firewall and antivirus software effectiveness, your employee commitment to protecting their private information, and penetration testing should become routine, not an event in and of itself.
5. Don’t forget to protect your backups! One of the primary targets for hackers is to delete your backups and launch ransomware that cripples your system entirely. Once they have a stranglehold on your data and deleted your backup, you’re at their mercy. Consider our enhanced data protection as insurance against those bad actors and insider threats to your business continuity and disaster recovery.

Review and update your disaster recovery (DR) plan

A DR plan should be treated as a living document that is regularly reviewed and updated to reflect changes in your IT environment and business operations. The new year is a great time to dive deep into the plan, checking to see how it’s evolved over the past year, what is still relevant, and areas that should become a higher priority. Doing so ensures you are prepared when a disaster occurs and can recover quickly.

1. Set an unwavering schedule to review your disaster recovery plan.
2. Update the plan as appropriate, reflecting any updates to the DR plan based on the changes to your IT environment, staffing changes, or business operations. 
3. Share the update with your DR provider! It’s important that your managed service provider stay current with your needs. You do not want to be in a disaster recovery event and have your MSP working from an outdated DR plan. 
4. Communicate the updates with all internal stakeholders so they know their roles and responsibilities in the event of a disaster in the coming year. When a disruption in your environment occurs, having a clear chart of responsibilities reduces chaos and helps you to swiftly recover from a disastrous event.

Conduct an annual Disaster Recovery test

Test your disaster recovery plan to ensure that it is effective and you are prepared for when disaster strikes. In the worst-case scenario, failure to properly test your disaster recovery plan could result in the permanent loss of critical systems and data, which could have severe financial and reputational consequences for your organization. By embracing this best practice (which is much easier to conduct with a fully-managed MSP), you can identify weaknesses or gaps in your plan that weren’t apparent previously, as well as ensure that your team is appropriately trained and prepared to execute the plan when needed. 

There are a few steps typically included in an annual disaster recovery test:

1. Define the test scope – Determine what systems and data should be included in the test and the specific scenarios you want to simulate.
2. Prepare for the test – Gather all the necessary resources, including backup systems and data. Assemble the team who plays a role in the overall recovery process.
3. Execute the test – simulate your disaster scenario and exercise your DR plan, including spinning up in a virtual environment and recovering systems and data from backups. Some companies will have their staff physically change geography to emulate the total destruction of their building. 
4. Debrief at the conclusion – Ask your team: How did the recovery process go? Where can it improve? What weaknesses or gaps did we identify? It’s important to include your MSP in this process so they can help troubleshoot any issues or errors and offer guidance on how to better implement the plan in the future.
5. Based on the feedback from your debrief, update your plan to address those issues and bridge any gaps. Remember to share the revised plan with your MSP!

Foster a culture of continuous improvement.

Our last piece of advice is to encourage your team to continually seek ways to keep processes and systems optimized and future-proofed. Cyber threats are increasing at an unprecedented rate. Your team can be your biggest asset by bringing new ideas for improving processes and systems.

1. Provide them with resources and support, including training and development opportunities. 
2. Recognize and reward success for those who help to identify and level up your systems/processes. 
3. Establish a continuous improvement mindset by regularly discussing and promoting the importance of IT excellence.

If you’d like help addressing any of the above, we’re here to help! Send us a message. We’re happy to guide you into a healthy IT new year! 

More DRaaS & BaaS Articles