Security Issues for Remote IT Delivery

Colin Wells, chairman of JBS Computer Services, examines what SMEs should look for from suppliers when choosing the remote route for software delivery

Business conditions are unlikely to become any less volatile in the next year or so. Organisations and industry watchers are reluctant to predict when the economy will stabilise. Most businesses have already reduced costs through new disciplines and processes, and recognise that they cannot cut investment in people, equipment or IT without harming their organisations' growth prospects.

One of the obvious next steps is to consider how organisations can continually improve the quality of IT systems at their disposal without expanding budgets. The increasingly popular answer is to plug into remote IT services.

The remote delivery of applications - at one time described as ASP - is already taking off in the small and medium-sized business marketplace, mainly because SMEs have such a lot to gain from it. By paying a fixed monthly fee, users are able to remain in control of costs, gain access to applications that they could not otherwise afford, and pass the IT headache onto the service provider.

Organisations avoid the pain of installing new systems and upgrades, as the vendor will automatically supply them remotely or on-site. And minimal in-house skills are needed because the service provider manages everything remotely. Because patches, bug fixes, feature enhancements and trouble-shooting are managed centrally by the provider and shared by multiple users, the fixed cost of maintenance is minimised. Applications are more standardised than previously so there is minimal variable cost per user.

SME businesses are usually prime targets for burglary or vandalism. So another compelling benefit for SMEs in remote IT is that they no longer have to make provision for the safety of their critical information packed server at their own site.

Unfortunately any SME businesses have been broken into at one time or another, many on multiple occasions. And it is doubtful whether most SME business would have adequate back-up plans in place to ensure that a copy of the data is stored in a safe place. So if the computer systems and server are taken the ramifications to that companies business can be disastrous.

Remote IT delivery reduces security risks because servers are housed, protected and backed-up off-site. However just because it's someone else's problem, this doesn't mean that SMEs should just take it as read that their valuable company data is in safe hands.

Any server which is connected to the internet in any way is at risk from a security breach so if an SME has not got up-to-date anti-virus software they are taking a big chance with its business. Not only can a virus cripple a business, it can send it to its customers - if that happens then they need to be prepared to lose that business.

Selecting the right IT service provider is as important as selecting the right software to run your business. Before selecting a supplier to deliver your mission critical applications, it is advisable that businesses go to see the data centre used by the remote IT service provider for themselves. This is to ensure that it is both physically secure and technically secure.

Potential customers should be asking the following questions such as: Is it the data centre hard to get into, could anyone just walk in? Is there 24hr protection? Is data encrypted up and down the line? Who has access to the data? What firewalls are in place? Is it using the latest anti-virus software?

Users also need to be reassured that there are disaster recovery plans in place and that in case of machine failure there is adequate back-up. Are there uninterruptible power supplies (UPS) and how often are back-ups taken, do they have switch-to lines?

Companies also need to be happy that the service provider has adequately vetted its employees and access to customer data is limited. Ideally access should be on a need to know basis with employees.

The data centre should constantly monitor the performance of every component of its IT infrastructure. It should identify operating efficiencies proactively, ensuring that there are no threats to the performance of business critical applications.

There is no doubt that the security advantages for SMEs of remote IT delivery far out way the possible disadvantages as long as you select the right service provider. But you do need to be sure that wherever your data is being stored it is being protected in a secure location and with the latest technology. Companies should go to the data centre and meet the people to make sure they are comfortable with how their data is being looked after.

Colin Wells is chairman of JBS Computer Services., [email protected]


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.