There are plenty of good reasons for outsourcing IT operations to a service provider, but doing so comes with inherent risk. Today’s organizations are entrusted with customers’ financial data and other sensitive information, so it’s never been more important to carefully evaluate potential service providers.
A lot is at stake when it comes to IT management, especially around security practices, business continuity and disaster recovery, supporting a mobile workforce and more. After all, your IT operation is the backbone of your business. You simply can’t afford to hire a provider that promises the world and doesn’t deliver, or even worse, one that doesn’t adhere to the right practices.
In this slideshow, Chris Messer, senior vice president of technology at Coretelligent, outlines the nine important questions organizations should ask prospective service providers to be sure they’re getting the right business partner.
Chris Messer is senior vice president of technology at Coretelligent, a leading provider of comprehensive managed IT and private cloud services. Chris works with some of today’s most advanced technologies, and he personally architected Coretelligent’s geo-diversified private cloud – CoreCloud – as well as Coretelligent’s global client monitoring systems. He advises organizations of all sizes on their IT strategies, and helps develop custom roadmaps for private, public and hybrid cloud deployments.
Selecting the Right IT Service Provider
Click through for nine important questions organizations should ask prospective service providers to ensure they’re getting the right business partner, as identified by Chris Messer, senior vice president of technology at Coretelligent.
Who are the team members I’ll be working with and what is their experience?
Understanding an IT service provider’s core competencies is key, but knowing the individual team members you’ll be working with is equally important. You want to work with individuals who are familiar with your organization’s industry-specific challenges and really understand your business and its short- and long-term goals.
Often, service providers will introduce you to their top technicians, then pull a bait-and-switch where you get an entirely different team once you sign an agreement. To avoid this, be upfront and ask for introductions to the specific team members you’ll be working with should you sign. What are their experience levels? Which certifications do they hold? And most importantly, do you trust them?
Do you staff your own in-house help desk or outsource to a third party?
The best service providers staff their help desks onsite. Providers with onsite help desk support are better able to train their technicians and uphold them to the highest standards, which can translate into a better overall customer support experience.
Providers that outsource help desk support usually won’t proactively make this known, so be sure to ask. Know that if you partner with a provider that outsources support, you’ll likely be speaking with overseas technicians who aren’t familiar with your business and preferred processes.
What is your model for high availability?
Data loss and IT outages can be catastrophic. According to the National Archives and Records Administration, 93 percent of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year; 50 percent of businesses that had no data management within the same period filed for bankruptcy immediately.
You simply can’t afford downtime due to an IT issue. That’s why it’s so important to ask prospective IT service providers about their model for high availability and how they’ll ensure uninterrupted continuity of operations should a failure occur.
What are the terms of your service-level agreement (SLA)?
An SLA is a contract between you and the provider that outlines expected services, metrics to measure those services and possible penalties should the agreed-upon metrics not be met. It’s important to have a strong SLA with reasonable terms. With an SLA, everyone has the same understanding of requirements and neither party can plead ignorance should an issue arise.
Providers usually provide a standard SLA, but it’s important to ensure the terms are in your best interest. Know that these standard SLAs are just a starting point for negotiations, and any provider not willing to adjust their terms is cause for concern.
One item to pay close attention to is the promised support request response times. Some providers, for example, might hide behind a two-hour response window, so they’re protected. That’s obviously not in your best interest, and this should be discussed and adjusted.
What type of automated monitoring do you provide?
Any IT service provider that you’re considering partnering with should provide around-the-clock automated and remote monitoring. This is a must-have. Without automated monitoring, it can take providers a long time to check systems and determine what caused a failure. That’s downtime you can’t afford.
Ask providers what remote monitoring and management (RMM) solution they use. RMMs proactively monitor critical infrastructure to identify potential issues before they become costly problems. If they’re not using an RMM, that’s a red flag.
Internet Service Providers
How many upstream Internet providers do you connect to and is there a single geographic point of failure?
Ask prospective IT service providers how they’re connected to the Internet. You want a partner with at least two Internet service provider (ISP) connections who has tested failover scenarios – the more connections the better.
Providers with only one ISP connection are cause for concern. With only one ISP connection, there’s a single point of failure. Should that ISP experience an outage, you’ll lose access to critical data. Multiple ISP connections would avoid this worst case scenario. If one ISP connection is down, the others should have the bandwidth to keep things running smoothly.
Are your cloud services proprietary or are they outsourced to a third party like Amazon or Rackspace?
Nearly all IT service providers offer some kind of cloud solution. It’s extremely important, however, to understand whether a provider’s cloud services are propriety or if they’re outsourced to another cloud computing provider.
There are security concerns with any provider that outsources cloud services to a third-party vendor. Your IT service provider may have promised to adhere to the highest security standards, but what security practices does the third-party vendor follow? And who is responsible should a failure occur?
Also, who owns the data? Your IT service provider may have promised to destroy your data should you part ways, but will the third-party vendor really do so? If not, your data is vulnerable to theft – even if you’re no longer working together.
Access and Vetting
What level of access do your employees have to customer data, and how are employees vetted?
If you’re considering moving to the cloud and entrusting your data with a provider, it’s import to understand whether your data will be stored in a way that’s readily accessible to the provider’s staff. This is particularly relevant if you have sensitive data-at-rest that is subject to compliance requirements.
If employees do have access to customers’ data, it’s important to know how trustworthy these staff members are. Need an example of this gone horribly wrong? Edward Snowden.
What references can you offer who are running the same kind of applications I’ll be using?
If you’re feeling confident about partnering with a specific service provider, make sure to ask for references before signing an agreement. Ask for at least two to three references from other clients in your same industry.
Reach out to those references and find out what their experience has been. Ask how long they’ve partnered and if the reference feels confident in recommending them. Ask about specific challenges that have come up and how the provider responded. Ask what the reference’s biggest complaint is.