The Security and Financial Perils of Do-It-Yourself IT
Doing IT yourself might seem like a smart way to save money, but the risks aren't worth it.
A man who is his own lawyer, so the saying goes, has a fool for a client. You could probably say the same about the small business owner who tries to play IT pro. It might seem like a smart way to save money, but the risks aren't worth it.
What could go wrong? Consider these scenarios.
You'll Underestimate Security Risks
"We've turned on the Windows firewall and our anti-virus software is up-to-date. What else do we need?"
Professional help, maybe? Ask that question of any reasonably well-informed security professional and you'll get a lengthy lecture on the current threat landscape and all the ways that your business can suffer grievous harm from outside attackers. Have you secured your network by disabling the insecure SMBv1 network protocol that made this year's WannaCry worm so deadly? Is your wireless router set up so that guests don't have access to your production network? Are your cloud services configured to require mandatory two-factor authentication? Are your employees trained in the importance of using strong, unique passwords, and have you given them access to a robust password manager or single sign-on solution?
And that's just the tip of the iceberg. You might think your business is too small to be a target, but the majority of attacks now target small organizations. "Small businesses are typically the least able to sustain losses from a successful breach," says Scott Paul, senior director of the Microsoft alliance at AppRiver.
You Might Forget Something Important About Your Backup Plan
You have a backup plan, right? If so, congratulations, you're more prepared than most of your peers. Surveys of small businesses consistently show that the majority lack any kind of disaster recovery plan. And even among those that back up data regularly, few actually test the recovery process to ensure they can get back in business quickly after a disaster or a ransomware incident. Can your business even survive if you can't recover your data within a day or two?
You Might Buy the Wrong Product
Why should you pay $20 a month for an Office 365 Enterprise E3 subscription when you can get the same apps and services for $12.50 a month with an Office 365 Business Premium subscription? There are many important reasons.
Just wait until you try to secure your network by implementing some Office security features through Group Policy settings. Sorry, that feature isn't supported in your Business Premium plan, nor is Azure Information Protection. And if your business expands beyond 300 employees, you'll be forced to migrate to an E3 plan anyway. That's an expensive and time-consuming process that'll probably cost more money than you saved in two years, not to mention the downtime you'll incur.
And let's not even consider the possibility that you'll choose the right product but buy the wrong license, setting yourself up for an expensive audit somewhere down the line.
You'll Encounter Unpleasant Surprises
Imagine coming in to work on a Monday morning, turning on your PC, and discovering that Windows 10 is installing a big feature update. You won't be able to do any work for at least an hour, maybe longer. Now imagine that's happening to every PC in your office.
That scenario actually happened to one small business I heard from recently. All 30 PCs in the bustling office had been configured to defer upgrades using the Windows Update for Business feature; unfortunately, no one noticed when Microsoft announced it was releasing the latest version of Windows 10 for installation on PCs that had been configured with that setting.
An IT pro who was on top of the latest "Windows as a Service" news could've configured those PCs to defer updates for up to six months longer and then scheduled the upgrade for a more convenient time.
But the worst thing that happens when you try to handle IT yourself is that you can't spend that time growing your own business. IT is a strategic resource. It's too important to be left to amateurs.
Ed Bott is a Microsoft MVP and an award-winning tech journalist who has covered Microsoft for 25 years. He's written numerous books on Windows and Office, including the best-selling "Inside Out" series from Microsoft Press. Bott delivers outspoken advice on a wide range of technology topics at his ZDNet blog, "The Ed Bott Report."