Outsourcing your IT services can feel like taking a leap into the unknown. Information technology is at the heart of most modern organizations, acting as the lifeline for vital functions and services. The perception is that outsourcing management of this domain can lead to loss of control.
Unfortunately, this can be very true depending on the IT firm that you choose to trust. Transparency, cybersecurity, technical skill, and customer experience are critically important factors to consider when evaluating outsourced IT firms.
Maintaining the multitude of IT infrastructures associated with a large number of clients can drown many IT service providers if they are not adequately prepared. To help organizational leadership when “shopping” for outsourced IT, we have developed a quick list of points that should be evaluated for every provider.
This list is not comprehensive, but it should give a good idea on the most important factors to consider when evaluating outsourced IT solutions. If your organization is already leveraging an outsourced IT firm (often referred to as an MSP – managed service provider), checkout this list to see if you are getting what you paid for:
1. Customer Experience
More than anything else, the customer experience should be the #1 point to evaluate when considering outsourced IT services. If your organization is going to be waiting several days per issue, all other points are irrelevant. Look for and ask about the following factors when evaluating a new IT firm:
a. Client Referrals
There really isn’t a better way to get an idea of a managed service provider’s reputation and customer experience than asking about existing clients and calling for references.
b. SLAs
Service Level Agreements give an idea on the expected response times associated with certain issues. Ensure that the organization you are evaluating can provide hard numbers on their response times.
c. Metric tracking
The sign of a truly customer-centric organization is metric tracking and internal reviews. Ask about things such as customer feedback surveys, internal employee reviews, time tracking, and other topics that help track how the MSP is delivering their services.
2. Internal Cybersecurity Posture
Right behind the customer experience, the IT provider’s internal security posture should be a major point of evaluation. Their security is your security, and you need to ensure that their network is handled appropriately.
a. Reporting
Reporting and active alerting are critical for a stable cybersecurity posture. Ensure that the outsourced IT firm you are working with has the appropriate metrics, logging, and security reporting to instill confidence.
b. Insider Threat
People are fallible, and managed service providers are no exception. In the case of a rogue technician or accidental phishing link click, you want to be sure that your own network would be safe. You should dig into the protections and controls that the service provider has around their own internal staff.
c. RMM Posture
The Remote Monitoring and Management Tool (RMM) is the lifeblood of a managed IT service provider. Basically, this solution allows for remote control, updating, and monitoring of all connected assets. If the security around this is not taken seriously, your organization could be at risk.
3. Competitive Technologies
Ensuring that the MSP you choose to trust has the most up-to-date solutions is a key factor when evaluating service providers. Without proper tools and solutions, both your organization and the service provider leave themselves open to cybercrime, efficiency loss, and competitive disadvantage.
a. Microsoft
While specific vendors are usually not a focal point during initial conversations, by all means evaluate the relationship and experience with Microsoft. Microsoft partnerships indicate expertise in a critically important component to most organizations.
b. Security Stack
Modern security tools such as Endpoint Detection and Response (EDR) are vital to a proper security stack. If your service provider is casually approaching security, expect to have issues down the road.
c. App Support
Different Industries utilize vastly different apps. Ensure that your most common applications are supported by their team, and ask about prior experience with these apps.
4. Leadership and Experience
A managed IT service provider is defined by its leadership. IT and helpdesk technicians are critical assets to a service provider, but management is critical in order to drive and focus their skillset. Look for industry certifications, cumulative years of experience, and their history in the industry.
a. Certifications
Certifications are key for certain advanced concepts. Be sure to investigate the top IT certifications and evaluate how their team stacks-up. Very often, a certification can indicate an additional level of knowledge and provides tangible evidence of their skills.
b. Culture
This is a bit of a “soft factor,” but be sure to ask about the service provider’s culture. The last thing you want is for your outsourced IT firm to be a complete culture mismatch, leading to friction between your users and the people trying to help them.
c. Legacy
Managed IT service providers leave an impact on their customers. Investigate their legacy, ask about turnover rates, and try to get an overall feel for how they have left an impact on the community and their customers.
5. Scope of Services and Target Market
Industry, organization size, and IT infrastructure are huge factors to consider when evaluating an outsourced IT firm. If you run a large construction firm, a 2-person MSP will likely not be sufficient. Evaluate the primary verticals that your prospective service provider operates within to see if they have the right skills to help your team.
a. Target Industry
Different industries require different IT skillsets. Check with the service provider to ensure that they have experience or resources familiar with your industry’s unique needs.
b. Organization Size
In general, a bigger organization will require a bigger MSP. Ask about the primary market and ensure that your business won’t be too little or too much for their team.
c. IT Infrastructure
Do you require advanced security monitoring on hundreds of custom servers and applications? Do you have a single server running technology from the 80’s? MSPs specialize in certain environments. Always check that your ecosystem is something that they can work with and efficiently support.
