In IT Management, Managed Services, Technology Audit

ist2_12135785-it-guy[1]I know your IT guys are really nice. And they really do try to drink less than five cups of your coffee every morning when onsite. But let’s pretend that in some parallel universe your IT guys just maybe cut a few corners. What might those corners be?

1.  They skipped the easy stuff. Relate this to your car – you change the oil, the spark plugs and the fluids in hope that your engine won’t blow up at 60k. It’s the same with your network. Some IT people overlook things like Microsoft Windows updates (hard to believe, I know). Last month we signed a new client with 50 workstations and 3 servers whose Windows updates were over two years old! When we came in, the first thing we did was apply the updates. It solved a few compatibility issues they were having and also sealed some enormous security gaps.

2.  They assumed your ISP’s firewall would work fine. Are you using your Internet Service Provider’s (ISP) firewall? Or perhaps you were thinking that the router was the firewall? Either way, if you’re using the ISP’s equipment, it’s likely you’re driving a car with no airbags, seatbelts or brakes. Sure it drives, but it’s not exactly an IIHS top safety pick. First, you need a firewall (different than a router). Second, your firewall needs to be able to monitor and filter content, scan for malware and viruses and offer several levels of security. Your ISP’s firewall is as cheap as the ISP can get away with without being criminally negligent or at least civilly liable.

3.  They thought cutting costs would make you happy. And it does. But some things you just can’t cut corners on. If you’re running AVG-Free or MSE as your primary antivirus please stop reading this and call someone. Call your support team – call the President – call someone somewhere and get it fixed now. I’ve seen this in firms large and small, but regardless of your size, it’s always a huge mistake. Free software is free for a reason. And not so fast! If you’re using McAffe Home Edition you’re guilty too. You need professional, enterprise quality antivirus regardless if you’re a sole practitioner or a 1000-attorney law firm.

4.  They forgot to backup the most important things. Everyone is performing some kind of data-backup. But, as I found out a few months ago, not everyone knows that some backup programs such as Backup-Exec require a SQL agent and an Exchange agent in order to back up all your email, contacts, cases and financials. And if you don’t have those backed up then you might as well not bother backing anything up at all.

5.  Most problems can be fixed before you even call them. It’s Monday morning and your coffee is getting cold because you’re busy trying to figure out why going to is causing your browser to crash. Luckily enough you know the fix is as simple as START MENU / RESTART. It’s like magic. The first thing my network engineers told me when I started here was to restart my computer before I ever called them. And to think I thought they hated me…

So, did your IT guys or gals make the cut? Don’t get me wrong. I’m not saying every IT person out there is corner-cutting or incompetent. But, I’ve seen each of these mistakes at least once in the last year. What mistakes have you seen recently? Is anything suspect? Leave it here and we can talk about what’s standard practice and what’s not being practiced at all.

Showing 6 comments
  • IT Guy

    I think you are misleading folks with this article. I have worked for a couple of law firms and any time a corner had been cut, it was at the behest of the IT staff. Updates are not pushed because the attorneys do not want the reboot and God-forbid we inconvenience them with one. Security is always a moaning point with IT. We would much prefer strong passwords and locking down the firewall. I don’t know what firms you have seen this in; however, I do not know a colleague or peer that would ever not employ a true hardware firewall. We do not recommend free or open source applications as options. Why would we? It is the support (of course we would prefer not to pay the costs, but it is necessary) that provides us the added insurance for malfunctions and implementation help that we may not, otherwise, have due to the personnel cuts and skillsets that have walked out the door. Your no.1 item? Suggest to an attorney that they reboot and see what happens. You get an earful on how much their time is worth.

    You should really have a disclaimer on your blog that identifies you as a consultant, so your posts can be taken in context. I think you owe an apology to many of the IT departments out there, since it is they, rarely the attorney, that would call you for your services.

    • Accellis Technology Group

      IT Guy – I appreciate your concern and I am glad you brought up these points! From what I understand, what you’re telling me is that you disagree with the post for the following reasons: you don’t know anyone that wouldn’t employ a hardware firewall, you don’t know anyone that would use free antivirus software, you suggest that asking an attorney to reboot their computer and/or accommodate regular maintenance would imply that we don’t value their time, and that you believe that it’s not the attorney’s fault but rather the MSP’s fault for most problems.

      For the firewall and antivirus: As crazy as it sounds I have walked into several law firms where either the attorneys who manage their own network, the IT person they have hired on staff or the MSP they’ve outsourced the work to has not suggested a hardware firewall and/or was using AVG-Free or just MSE! I know – trust me – I know that it’s negligent. But it’s exactly what we saw when we got there. And it’s why we are their MSP now and furthermore it’s why we are making a suggestion to those who don’t know any better that they ought to reconsider how cost-effective free things really are.

      For the time element you question: I totally agree. Some attorneys are at fault for either not doing themselves or letting their MSP do regular maintenance. The same goes for a system reboot – they just feel they don’t have time for it. And you’re absolutely right. But for the regular maintenance – that can all be scheduled after hours or at least not during peak usage hours. It’s otherwise unacceptable to not find a way to get it done, even if that means you have to schedule it sometime afterhours. It’s essential to have the latest releases because in not being current you’re subjecting the entire network to undue risk. Also, for the system reboot, what we’re saying is that by rebooting your PC, which takes a minute or two, you can save yourself ten minutes on the phone and a 0.1 service charge. It’s more time and cost effective! Sure it means we get less calls and sure we bill less hours but the bottom line is it’s the right thing to do.

      We specialize in Managed Network Services specifically for the legal industry so we know how valuable an attorneys time is. That’s why we created unique processes and methodologies that solve these problems while minimizing impact on the attorneys and, ultimately, increasing workflow.

      Your final point, that it’s the attorneys fault for not taking advice from the MSP – certainly valid. We’ve had a number of clients who have run their networks down to a point of no return despite our constant reminders. And with those attorneys there is nothing you can do. It doesn’t, however, exonerate the MSP who doesn’t at least raise the point – and again, as crazy as it sounds, we have actually seen that!

      As for the disclaimer – while we provide consulting services we are a fully Managed Network Services provider (MSP), we have offices in Cleveland and Pittsburgh, and we have clients throughout Ohio, Pennsylvania and West Virginia. We also have had a 100% Managed Services client-retention rate for the last six years. Our 10 years of experience in the field in combination with our retention rate and ongoing education qualifies us to speak knowledgeably, and we do so at Bar Associations, tradeshows and training courses throughout the country. To be clear though, as noted in the post, “I’m not saying every IT person out there is horrible, corner-cutting and incompetent. But, I’ve seen each of these mistakes at least once in the last year.” We just want to make sure that the information is out there – even if it may seem rudimentary!

      Does this at least give you a little better understanding about where we were coming from? Please let me know if I haven’t answered your questions! And I genuinely appreciate the feedback – your comments and opinions help make our company better! Email me anytime at or leave another comment here!


      Accellis Technology Group

  • IT Guy

    Thank you for clarifying. And I appreciate your identifying that not all IT departments are perpetrators of these misdeeds. The title of your article leads the reader to believe that all IT professionals are guilty of these indiscretions.

    Additionally, thank you for the disclaimer. I am sure you and your team are very good at what you do.

    • Accellis Technology Group

      No problem at all! And yes, you’re absolutely right. There’s been many instances where Partners cuts costs too. And it results in the same damage. So you’re right – clarification was in order. Thanks again for commenting!

  • JOE_IT

    As an IT guy myself, I work for a small start up company. There have been several (at least 10 this month) times I’ve suggested more security and alternative methods to things. The owners don’t hear anything until you say “cost is” then they explain why they won’t pay for anything. I beg others in the office to preform maintenance (They have laptops in case they want to work from home). Not giving me access to a machine until it breaks. You car analogy is more like taking a car to a mechanic who begs you to bring it in and get the oil changed and six month later you see the sticker in the windshield and think “maybe I should do that, but I’ll wait.” Then when gunk builds in the crankshaft people start screaming at the mechanic.

  • Accellis Technology Group

    Joe, you’re absolutely correct. We do regular maintenance on a number of things in our life: our cars, our health, our teeth…heck, even my radar detector must be sent back to the manufacturer every year or so to get updates and get cleaned out. We do these things because we don’t want to blow our engines, we don’t want to get sick, and we don’t want speeding tickets. It’s no different when it comes to IT: you prevent viruses though applying patches and updates regularly (this closing security vulnerabilities); you get better performance of your equipment with tune-ups (just like your car); and you prevent server failures by keeping things current. The alternative is to let everything go and deal with the viruses, hardware failures, and downtime.

    The problem is that this is more expensive than just doing the maintenance. You will lose revenue if your network crashes. We know this because we can test this theory with relative ease: just pull the plug for the month of October and see how business goes. To keep the network up, you must perform maintenance. Keep at it my friend – we find that the best motivator is experience. When the network crashes, senior management should change their minds! All you can do is continue to make recommendations (verbally and in writing) so that you have backup when they point your finger at you.

    – Mike O’Neill, Accellis Technology Group

Leave a Comment

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.