m.a.collins
,

The Five Flaws of the Break-Fix Approach to IT

Some business owners view their IT infrastructure like they do their plumbing or HVAC maintenance – they prefer only to pay to fix problems as they manifest.  There’s nothing wrong with plumbing or HVAC companies.  They are some of our best customers.  However, the comparison is severely flawed, mainly because plumbing and HVAC systems are generally static infrastructures, and they aren’t the object of attacks from without (yet).  The old break-fix approach to managing IT is on life support, mainly because of five inherent flaws.

Break-fix approaches to IT inherently lead to a giant ball of band-aids.

Whenever a tech is dispatched to resolve a problem for a client in a break-fix arrangement, that tech is there to find the quickest remedy possible.  The tech knows that too much time spent will result in a complaint from the customer.  Thus, the tech proceeds to take the shortest route possible to restore functionality.  This band-aid approach only addresses the symptoms manifested, while it ignores the underlying root cause.  The conundrum for both the tech and the customer is that the customer doesn’t want to pay the tech for the time it would take to diagnose root causes, and the tech feels pressured to get in and out as quickly as possible.  Over time, this leads to an inefficient and cumbersome wad of band-aids that usually has to be completely overhauled to overcome.

Break-fix approaches to IT misalign missional objectives. 

The band-aid approach leads nicely into the next flaw.  Have you ever wondered if an auto mechanic has your best interest in mind?  Again, there are many great auto shops out there, but sometimes you can’t help but wonder if you’re being taken advantage of in some scenarios.  The break-fix arrangement creates competing incentives against the provider and the customer.  The computer shop only gets paid when there are problems to be solved.  The customer is literally incentivizing computer problems.  Conversely, in a contract arrangement, the service provider is rewarded for operational efficiency and penalized by customer downtime.  In that kind of arrangement, both the provider and customer have completely aligned incentives and objectives.  You both become a team who works together to do everything possible to eliminate issues entirely.

Break-fix approaches to IT cost more in the long run.

When the organizational objectives and incentives are aligned, the natural result is more efficiency and less downtime.  If the service provider is competent at all, you will see a marked improvement in IT operations.  When problems are addressed in a contract arrangement, finding the root cause and eliminating it is the primary incentive for the service provider.  Being proactive and working to eliminate problems before they create downtime or other inefficiencies is top priority.  These proactive and thorough approaches to IT management enable you to come out ahead in the long run.  Furthermore, you have a built-in consultant who can help you navigate your technological hurdles and leverage technology as a force multiplier for your organization.

Break-fix approaches to IT severely handicap your ability to recover from a disaster.

Most companies discover they have a backup problem when faced with an occasion requiring them to rely on it.  Imagine having your critical data encrypted from ransomware, and learning that your backup data was encrypted along with it.  Imagine a drive failing, and discovering your last successful backup was from months or even years ago.  Unmanaged backups create these scenarios, and they are completely preventable using modern backup and recovery technologies.  While the goal is always never to need the backup, when you do need it, you REALLY need it.  Make sure you have a managed backup solution in place. Gambling with company data is a losing proposition.

Break-fix approaches to IT are nearly impossible to budget accurately.

The break-fix model of IT support naturally ebbs and flows.  Even when you have a couple of years of history to help budget, you are one severe event away from blowing that line item.  A drive dies in a server or critical workstation, and you have an unplanned expense.  How can you effectively budget for IT support when you are one successful cyber-attack or one critical device failure away from a ton of unexpected remediation time?  Some of that can be assuaged by planned upgrades, but cyber-attacks and other threats to today’s businesses by nature are unplanned events.

The Obsolescence of Break-Fix

It’s time that we put the death knell into the break-fix approach to IT support.  It hasn’t served businesses well.  It has proven to create IT dysfunction.  It has misaligned the objectives and incentives toward efficiency and operational integrity.  It costs more in the long run, and it is nearly impossible to budget accurately.  We’ve moved on from the TRS-80s, the Pentium chipsets, and on-premise email servers – it’s time to move on from the break-fix model for IT support.

/by
m.a.collins

Should You Go with the Cheapest MSP Proposal?

Not All MSPs are Created Equal!

Just like many other things in life, all MSPs aren’t created equal. The reality is that even if you were to find two MSPs who are using the same technologies and toolsets, they can be vastly different in degrees of how they use them, how they interact with their clients, how they control the precision of implementation, how security-minded they are in implementation, etc.  As unlikely as it is to find two MSPs with identical technologies and toolsets, it’s still easy to comprehend the truth of how different they could be.

Back when I started my IT career as a network administrator, one of my bosses told me a story I would never forget to this day. He said that he met the best sales person he had ever met in a motorcycle shop. While there to buy a motorcycle helmet, a sales clerk offered to assist him. He asked the sales clerk what the difference was between a $100 helmet and a $500 helmet. The sales clerk simply responded, “Do you have a $100 head or a $500 head?” I can remember my boss laughing as he said the point was so well-made, that he walked out of the store buying one of the more expensive ones. Why would he pay more for what looks like the same thing? Because, although it wasn’t readily obvious to the naked eye, the more expensive helmet offered better protection to a vital part of his body. The same is true as it relates to IT security and MSP pricing. The right tools and the right personnel to use them properly come at a cost; and cutting corners on either could spell disaster for your business.

Three Realities That Impact MSP Pricing

The first reality regarding MSP pricing is that as business IT environments are getting more complex while, simultaneously, attack vectors are increasing in complexity, security-related IT costs are naturally going to increase proportionately. Simply put, more tools and more tech specialization are required today to implement, monitor, and employ effectively than it did yesterday.

The second reality regarding MSP pricing is sustainability. Business owners know how much of a headache switching MSP vendors can be. Choosing an unsustainable MSP due to cut-rate pricing could cost you in the long run by requiring you to make an unplanned MSP change due to that MSPs poor business practices.

The final reality when it comes to MSP pricing is every good MSP should be seeking to improve process, adopt new security technologies, and improve service delivery. Continuous improvement is itself a costly venture both in time, resources, and money. You want to choose an MSP that is committed to continuous improvement, because who wants an MSP using 10-year old technology? Or who would want an MSP approaching security the same way they did 5 years ago?  We see how fast technology is evolving around us, so wouldn’t it make sense that an MSP would need to be constantly working not only to learn new technologies but also adapt proper security protocols for them?

Just Because It’s Working, Doesn’t Mean It’s Right!

A number of years ago, we were taking over a client from another MSP.  After a couple of weeks of onboarding, we performed a permissions audit to determine why everyone in the company had access to files and folders even when they weren’t members of the associated permissions group.  During the audit, we discovered a major problem! In order to resolve a permissions issue, the previous MSP had added the everyone group to the domain admins group. This effectively giving all the users complete administrative access to everything on every server.  We worked with the customer to migrate them to a least-privilege permissions policy for all users.  This situation gave birth to one of our company mantras:  Just because it’s working doesn’t mean it’s right!  This customer didn’t realize they were one disgruntled worker away from complete disaster.  Add to that the inept backup application they were using at the time, they were on the brink of existential disaster and were blissfully unaware.

Qualifications are Important!

Just because you have an M.D. doesn’t mean you are qualified to perform brain surgeries.  In the same way, just because you know a little bit about networking doesn’t mean you are qualified to manage a company’s cyber security. It’s essential that you take into consideration the complete picture when deciding between MSPs, instead of making price the primary deciding factor.

Contact TCS today for more information on our unique approach to managing your IT infrastructure efficiently and securely, while also remaining committed to a culture of empathy and continuous improvement!

/by