Tech + Talk

what's happening at brio and beyond

SMB and Midmarket IT Departments Are at Risk

IT departments get audited all the time. Requests come from every angle; compliance agencies, vendors, and the federal government being just a few examples. Requests are usually always the same—they ask that IT provide proof that their data or licenses are being managed and used properly. The policies, procedures, and processes related to IT are investigated to ensure they meet a certain level of sophistication.  The large entities who request IT audits understand that a sophisticated technical operation is the best way to remediate risk—which is why they require their partners to prove their adherence. 
 
Why don’t all IT departments voluntarily audit themselves? Fortune 1000 IT departments have full-time IT governance employees whose sole purpose is to oversee technical operations compliance. But if you are not an IT department for a very large company you probably do not have the luxury of having a full-time IT governance staff. You may even think you are too small to need oversight or perhaps you can’t convince executive leadership to put it in the budget.
 
Historically IT trends spread through the large enterprises first and then through midmarket and SMBs. Over the past 10 years though that has changed. The cost of entry is so low for new technology that any savvy business can leverage it, regardless of their size. A 1,500-user midmarket company can implement Salesforce or AWS in the same manner as a Fortune 50 company. 
 
The migration from capital expenditures to operational expenditures for IT services means that not only are upfront costs minimized but recurring costs are related directly to the size of the deployment. The normalization of those costs now removes barriers for non-enterprise businesses. 
 
So, what does all this mean? It means that most companies are leveraging the same platforms, regardless of size. Those platforms require the same level of governance for all businesses. The idea that only very large companies need to audit their technical operations is dangerous. All modern companies are using the same basic technologies and leveraging them in the same way to provide value to their end users. 
 
In short, small to midmarket businesses need to understand their systems and data are at risk in the same way as enterprise companies. The processes and procedures related to the data are also at risk for security breaches causing unexpected downtime. So, regardless of company size—if you have a modern IT department that leverages cloud services, data analytics, or mobility—you need to invest in some form of process IT audit. 

IT process maturity audits are a critical component to ensuring that systems are working at a high level of efficiency as well as not increasing company risk. This form of audit
 will provide you a detailed report on specific deficiencies within your technical operations along with recommendations on how to mitigate them.  Don’t assume your IT department is too small or not sophisticated enough to need oversight. Modern platforms are complex, don't wait until you feel the pain of a less than mature IT department before you act. Spend the time upfront to investigate and fix your deficiencies before you lose the opportunity.


Chris Bovasso was born and raised in central New Jersey. His lifelong fascination for science and technology brought him to Drexel University to study Information Technology. After graduation, Chris spent years focused on building data centers for companies such as Catholic Health, Citi, and  AT&T. As technology changed, Chris pivoted away from infrastructure and instead focused on how technology can help businesses grow. As CIO of Brio Solutions, his main role is to help clients build a strategy around their data, applications, and processes.  Chris can be found most weekends playing with his two young daughters and (when the grandparents can babysit) going out on dates with his wife Julie. 






 

Categories: Brio News, IT Consulting and Strategy, IT CONSULTINGNumber of views: 452

Get in Touch

Tell us about your project. We'd love to meet you!