Managed IT Services versus Break/Fit IT
Dan: Yes, it's 8:30 and it's time for a Bit-Wizards ' Tip of the Wand. On the phone with me today, usually it's Vince and Sam, but now it's Sam and Jennifer. Welcome.
Sam: Good morning. How are you?
Jennifer: Good morning.
Dan: I'm doing well. How are you guys doing?
Sam: We are doing very well. Thank you. Yeah. We're so happy to be here again on the air with you today. Actually, I'm happy because we're at least back in the same room together so we can speak. Now, we're not in the same room with you, Dan, but at least we're in the same room on our side. So we can see each other while we're talking.
Dan: Yeah. And that's good. You know, because it's nice to be around people. I'm getting kind of tired of this loneliness. It's going to be nice to have you guys back in the studio so I can see you, and we can verbally talk about... You know, even the non-verbals is nice because just the look on your face sometimes when Vince says some things, that's always pretty good.
Sam: That is true.
Jennifer: I'm taking that role today.
Sam: Jennifer's job is to find inappropriate things to say on the radio.
Dan: That's good. But we can't see the rolling of the eyes. That's the one thing we just can't see.
Jennifer: I give Sam the Mom look.
Dan: Oh, the Mom look! Oh no! We all know what that... No, I haven't seen that one in a while. How about the wife look? That's even better.
Jennifer: That one's scarier.
Dan: That one could do damage. All right, let's get started, you two.
Announcer: Bit-Wizards ' Bits and Bytes.
Sam: Well, good morning, everybody. This is the part of the show where we look at the news, and just talk about some of the items that we've seen in the news, technology things that are coming up, new technology that's happening, changes to existing technology that affect your business. And of course, any security issues that we've seen. And this one actually came across my desk yesterday from one of our team, Jason Monroe. He's been on the air with us before on this show, but he sent me a link to say the Texas Department of Transportation got hit by a ransomware attack yesterday. In fact, this is the second ransomware attack that the state government of Texas has been hit with in just two weeks. The Texas government suffered two ransomware attacks in a few weeks. The first one took place on May 8th, and infected the court system. But now, there's a new ransomware that has infected the system of the Department of Transportation. And that's forced all of the administrators to shut down all of their systems to avoid the propagation of the ransomware. What that means is they've had to turn off all their computers, and unplug them, and disconnect the network on all of them so that if one of those machines has the ransomware, it doesn't spread to the other ones. I've even seen... I saw a humorous sign in a network closet once, where it said, " In case of ransomware, cut here." And they had a pair of scissors beneath all the wires connecting all of the computers, all of the CAT6 able, because you've got to stop it from spreading around to the rest of the network. And so of course, with the state's Department of Transportation over in Texas, they discovered this infection, and it came from an unauthorized access into their department's network. So they're now working with federal law enforcement to try to figure out how the bad actors got in. But they did announce it today because the Department of Transportation, executive director James Bass said, " We believe that we have a duty to inform our fellow Texans and our fellow state agencies of this unfortunate incident. We want every Texan to rest assured that we're doing everything we can to swiftly address the issue. We're also working to ensure critical operations continue during this interruption." So they're working now closely with the FBI to try to identify the individuals responsible, and to prosecute them, of course, to the fullest extent of the law.
Dan: Gosh, yeah. I have a question, Sam.
Dan: Hey, in that case, did they have everything backed up to the Cloud, like you guys suggest, so that they would be able to continue their operations? Or did this tie them up at a standstill at one point?
Sam: That's actually the part that I'm looking into because I do know that parts of the state government in Texas has already migrated to Office 365. They've migrated to Microsoft Azure as their Cloud platform, but I'm not sure how fully they've extended. And unfortunately, a lot of these ransomware people are getting smarter and smarter. And now, a lot of times they're waiting until they've identified all of the backup systems so that they can make sure that their ransomware has now spread to all of the backup systems. And it's sort of like a sleeper. It just sits there until someone sends the keyword. And then it's like the Manchurian candidate, where all of a sudden, all of the data locks down all at once when they get this... whatever the trigger is for them, that they have to... that it starts that.
Dan: Oh, no.
Sam: Yeah, you're absolutely right. The best protection against... well, not against ransomware, but the best way to recover from ransomware is to have adequate backups in place that are being backed up daily.
Dan: Yep. So what do you recommend like that? If they could possibly get into your backups, what do you think would be the fix on that?
Jennifer: So that's a good question. We've talked about this on the show before. There's a few different solutions and preventative measures that can be taken. Really, the first thing is to be proactive and vigilant. And that's really the first form of prevention. So knowing what to look for, and being very cautious when you're opening emails, and files, and things like that. Of course, the backups are very important. That's the number one method of recovery. And if the backups are infected, that's going to be a challenge. If the backups run for 30 days, maybe even 60 days, maybe even 90 days, you'd have a longer recovery, but it's still something versus losing everything. And then another way to limit access, if you've heard the acronym, MFA, it stands for multifactor authentication, that is a really good setting to have enabled for your various accounts, especially email. And that will limit others from gaining access to your email.
Dan: Mm. Okay.
Sam: Yeah. In fact, that MFA... It's starting to come out now that the MFA is really helping to prevent ransomware. So I know it's a giant pain in the butt when you have to try to log in, and then it sends a text message to your phone. And anytime you even go to your bank online, I'm sure it does the same thing for you, where you have to do this multifactor authentication. You put in your username and password, then it pops up on your phone a number it texts you, and you have to punch that number in to let you in. But I was in a webinar this week on ransomware and security. And the company that was hosting this webinar had said that they had yet to encounter a case where a company had been attacked by ransomware successfully when they had this MFA enforced for all of its employees.
Dan: Oh, that's good news.
Sam: Because what it does, is it ensures that the person who is signing into the email, or the computer, or anything like that, the system, it really is that person and not somebody who just managed to get access to their password. Because that's obviously what happened here, at the Texas Department of Transportation. They've identified that somebody got into the system who wasn't supposed to be in there. And the only way they could have done that was to piggyback on somebody else's credentials. They must have been able to uncover somebody's password from another website somewhere else. Or maybe it got shared somewhere. But that password... If the password wasn't the only thing required to let you in, that wouldn't have allowed them to get in and take advantage of the system if they had also had to have responded to a text message to be able to log in, then that bad actor would have never been able to get in, in the first place.
Dan: Oh, that's interesting. So that the MFA is, sounds like, even though like you said, it can be kind of a pain, if they've never encountered a ransomware on somebody who's been using that, man, that's the way to go.
Sam: Absolutely. So from a security perspective of ransomware, there's a few preventative things you can do. And that's things like having MFA in place, and having backups ahead of time set up for all of your workstations, all of your servers, all of your data. And of course, employee education and making sure that everybody knows what they should and shouldn't click, and knowing how to identify when something smells fishy. But then the actual prevention of the ransomware itself comes down to making sure you have antivirus, making sure you have threat protection, making sure your backups have backups of themselves that are stored elsewhere so that if one set gets infected, then you always have something to fall back on. And for us at Bit-Wizards, protecting data is really our primary concern. That's why we always laugh about this. We've got the billboard campaign Protect your Privates all around the area, because we really feel so strongly about this. Your data is your private information.
Jennifer: And not just protecting the data, but also testing, being able to restore the data. I'm a stickler for compliance. It's a weird quirk about me. I like to see that we can physically restore backups, and make sure that everything is not just in place, but we can prove that we can bring it back. So that's another aspect of that.
Dan: Yeah. So when you do the backups, so you're talking about obviously backups to the Cloud.
Dan: But when you talk about backups, do you ever recommend your businesses that you work with the backup like on a hard drive? Or is it strictly with the Cloud?
Sam: Well, I'm a big believer in... You can't really have too many backup solutions. In fact, there's a rule that they say it's a 3-2-1 rule of backups. Your data should exist in two places : two of them at your location, and one of them at a different location somewhere else. So that Cloud could be the one, but then the two that you have at your primary location could be the machine that it is, itself. And then maybe an external hard drive that you take home with you once a week because it'll be really hard for it to spread across 11 miles down scenic 98 on its own without some sort of connectivity. Which actually, I think, it really leads us into... The next step of this is how do you make sure that your company is covered? And there's a lot of different ways that your business can handle its IT. And I thought we could even talk about some of the different models of that today in our What's up Our Sleeve section.
Dan: Let's do it.
Announcer: Bit-Wizards. What's up our sleeve?
Sam: So for this one, we wanted to talk about, like I said, a couple of different models on how your IT can get taken care of. And in fact, Jennifer put a lot of this together, and she came up with, I think, what was a really good analogy on how to look at your company's technology needs. And the comparison that she's used here is comparing this to a car. So if you think back to maybe that first car you owned, I'm guessing, unless you grew up on the right side of the tracks, that your car wasn't brand new, off the lot, that year's model, with bumper to bumper warranty. So your first car was probably an older vehicle. And so, then as it starts to break down, you have to take it to a mechanic or repair shop to get some repairs done. And a lot of times, if your car is older, you'll notice that the new parts for the new cars are not compatible with the old components on your older car. And so of course, that then causes more issues, which then of course means more repairs are needed for the vehicle to be operational. And so it seems to be a little bit of a stretch, but it does tie in to IT, and what this has to do with the way your IT is done for your company. And we compare it to really two different models. The one model is a break / fix IT model, and the other is a managed IT model. And so what we're going to look at is sort of compare those two different models.
Jennifer: Yeah. So one of the big differences between the break / fix IT and managed IT is break / fix, if there's a problem, call somebody, they come over, fix the problem. And then if the problem keeps occurring, if your computer stops working, they identify that it might be a hard drive going bad. They come over a couple of times to work on the hard drive, and then eventually your computer just completely dies. So you've already paid for the break / fix IT person to come and spend time working on the issue. And now you still have to spend the money to replace this hard drive. And if your hard drive fails, there is a possibility of data being lost if the right backups are not in place. And so, one of the big differences between this break / fix model and the managed IT model is that in managed IT, we strategically... We watch for hard drives failing, and we strategically plan for when parts or machines need to be replaced. We also plan with our clients ' budgets, and really what they should be looking out for with their technology within the next three months, six months, year out, that type of thing. And so we take a more proactive approach instead of when something's broken, let's try to fix it.
Sam: Right. I would say that's probably the two big differences, is that it's either reactive or proactive about your business technology. There are pros and cons of course, to both sides of this, but with the break / fix model, it's what we call it in the industry, is break / fix. But really, what it means is when something breaks, then you start to figure out how you're going to fix it. And that might be either having an IT person that you know, or your neighbor's nephew who likes computers, or it might be YouTube University where you ask the person at the front desk if he can figure out what is going on by going on YouTube and see how other people have resolved it. And often it involves then calling out a professional to come out and take a look at it. And that is that break / fix model of... Typically, there's a minimum amount of hours that they would have to do to be able to identify the issue. And their only job is to identify the one issue and then move on. Versus the managed IT model, which is a proactive model that says, what you're going to do is have IT that is constantly looking at your technology environment, and trying to identify problems before they happen. Trying to make sure that we can prevent things from going poorly, work with you, as Jennifer said, on your budget that you have to see... But more importantly, maybe even look at your business goal, see what it is you're trying to achieve. How are you trying to reach your demographic? What are the tools that you could have in your industry that would set you apart from your competitors? What are some of the technology trends that are happening that would help your business move forward? And a managed IT service is significantly different than that reactive, break / fix model because you have essentially a partner with you, who is taking care of your IT along the way.
Dan: You know what I like about that? I liken that to when I was in the Air Force, we would call that crisis management. So every time something would break, it would be a crisis. That was the only way you got it done. Your proactive approach sounds to me like the best approach overall. Obviously, I mean, that's just the best way to go. Because I'm thinking about in my business, for example, if something breaks and I have to spend all that time trying to figure out how to fix it, or like you said, go to YouTube University, there's all that downtime. So you guys understand the business side of things, what it takes to keep these people going and their business going through IT to keep it up and running, keep it current, keep it in good shape. So they're not down and trying to figure out, scratching their head like, " I don't know what happened. I think it's a hard drive, but who knows?" Now my business has completely stopped and I've got to try and figure out what's going on. You guys make it a nice, smooth little transition to keep your business going.
Jennifer: Yeah, that's right. And one of the other advantages also has to do with response time. Dan, if you've ever had computer issues and you didn't have anybody to jump on it right away and fix the problem, every minute that goes by where you're just sitting, waiting for somebody to help you with your computer can be very frustrating.
Jennifer: And sometimes the response time, it can take somebody a little bit extra time to stop what they're doing if it's one single IT person to come help you. And one of our advantages is that we have a team of infrastructure engineers. And I think we have eight engineers on our team right now. And so there've been times where we've had multiple engineers working on multiple issues for one client, and it's really tough to duplicate yourself when you're one person.
Dan: Yeah. And be an expert in every field, too.
Jennifer: Mm-hmm (affirmative).
Sam: That's right. And in fact, even the cost model of that, it seems... There are, again, pros and cons because in a managed IT proactive model, it is going to be a recurring expense that goes with that as you basically are keeping an IT company, not on retainer, but proactively looking at your environment and taking care of things before they happen. Versus that break fix / model, where you really are only calling someone out... you're calling Joe the IT guy to come out and work on your system anytime something breaks. But actually... And it seems like that may be a cheaper way to go. But a lot of times the value in that is it ends up costing a lot more because... mostly because of the amount of time that it takes to come in and repair everything, because it will only get attention once it's broken. Whereas in a proactive model, it's getting attention before it breaks to make sure that it doesn't break. And a break / fix model, the devices only get attention... the IT and the technology only get time spent on them after they've broken, which, of course, means employee downtime. And according to continuum. net, 44% of the businesses lose an average of around $10,000 for every hour of employee downtime. That's of course not what they're paying that employee for that hour, but the amount of work, and the amount of rework that has to happen to get back, caught up to where you were after the downtime is really where that expense comes in. That's where it starts to get really expensive. And so having ongoing managed IT, proactive on that, actually ends up saving you money because you can now have predictable expenses. You can have a model to know how much it's going to cost you throughout the year, or throughout the month moving forward. And of course, there's also the element there of having a professional, who can get the job done in a much quicker amount of time, much shorter amount of time. And as Jennifer said, we have a team of technicians on our side. So that means it's even faster response times because it's who's available at that time, and also the shared brainpower of that entire team that can resolve a problem a lot quicker. I don't know. I liken this to... I mean, it's the same in every single industry, and I'm sure whatever your business is, you know the speed factor's a... I've done some amateur locksmithing. A friend of mine is a locksmith, and he's taught me some of the tools, and picking locks, and things like that. And I have fun. It's a hobby, and I'm learning it. And it takes me a little while, but I get there. But my buddy, who's been doing this his whole life, and his dad did it before him, and his dad did it before him, it seems to me like he even hardly has to look at a lock, and it's already popped itself open in fear because that's what that professional element brings to it. It's having someone who really knows what they're doing. So... As opposed to that YouTube University model of trying to figure out what is going on. It's working with people who actually already know what's happening, and can understand the implications of what they're seeing. And so for us, that's a pretty big value add for us, when you have an IT company that's your virtual CIO. You know, a partner to help you get through the year, and all of the technology changes, and have someone that can be there when things fail to be able to get you back up on your feet again.
Dan: That makes a lot of sense. You know, I could liken that back to the Air Force. You know, I've been in there for almost 30 years, but on the flight line, when it comes to an aircraft, it's kind of like what you're talking about. When you have a team... On an aircraft, you have engine guys, you've got the spark chasers, the electricians, you have the people that work with the fuels. You have all these different specialists that come in to work on a part of the airplane. Not one person can take care of the entire airplane. So kind of the same thing with your business. When you have a computer, and you have all of the things with your software, and your hardware, and everything, everybody in your business with Bit-Wizards, everybody has a specialist. I mean, you probably know a lot all the way across the board, but each one of them dips down deep as a specialist in certain parts. Just like I was listening to you talk about earlier, when you were on that information on getting that seminar about all this malware and all the other things that get into computers. I mean, you're sitting there watching all of that. So you're up to date with all of that, and I'm sure not everybody does that. So you're the specialist in that area.
Sam: Yeah. I couldn't agree more. That's something that we take pretty seriously, that we make sure that our team is excited about technology, and passionate about IT. So they are staying up to date with the changes that are happening. In fact, that's really where even some of this radio show came from is these are conversations we're already having with clients. These are conversations we're already having in the community, and conversations that we already have internally about new technology changes. And " Oh, did you hear about the new thing that's changing in Windows 10 next month?" Or, " Did you hear about this new feature that just came out in Office 365?" All of those different things that we stay on top of, especially from a security perspective, to make sure that we are knowledgeable. But on the other side of that, we spend time with our clients to know their business, and what it is they're trying to achieve and how they get there. I'm never going to be an expert in the vacation rental industry. But the fact that I have the few clients that I work with in the vacation rental industry means that I now have a better understanding of what it is they're trying to achieve. What is valuable to them, and what is not valuable to them, and what drives their business success. And that's what we're often looking at, which really comes down to then... And I'll ask Jennifer this question. How do you decide the right model for your business for your IT needs?
Jennifer: Well ultimately, having focus on IT and technology in your business is not a luxury anymore. IT is part of business. So whether somebody is going through break / fix, or a managed IT service model, you really have to kind of compare. As far as the break / fix model, if you don't mind interruptions because of the IT problems on a daily basis, and if the cost of downtime or data loss does not bother you as a business owner, then break / fix might be the right choice. But if your company needs to stay productive and focused, then managed IT is probably the best option. And there's always going to be a cost involved in managed IT. But overall, you have to consider the cost of your productivity and being able to keep your business moving forward, versus having to press pause continuously because of technology problems.
Sam: Yeah. It just comes down to evaluating the overall value that it will bring to your company about focusing on the technology involved.
Dan: You know, the break / fix model reminds me of the guy that goes, " Hold my beer. Watch this!"
Sam: That's exactly right.
Jennifer: The managed IT model is similar to you getting your annual checkup, your physical, from the doctor's office. So you get your annual physical, right Dan?
Dan: Yep. Of course I do. I have to. I'm old. All right, let's get into the next section, guys.
Sam: So anyway... Yeah. Let's do that.
Announcer: Bit-Wizards. From the spell book.
Sam: So this is the part where we take a technology term, and we define it for you. And so this one I picked for today is called... the technology term is captcha. It's spelled C-A-P-T-C-H-A. And it's actually... I don't know what they call this kind of acronym. It didn't come... They made the definition of the acronym after they already made the acronym. So it stands for completely automated public Turing test to tell computers and humans apart. And what that is, is if you signed up for a website or you've had to log in, and it's asked you to confirm that you are a human, it'll be a button there that says " I'm not a robot." Right? And what it is, is a challenge response test using computing to determine whether the user is a human, or a computer. And that's because some tasks are very easy for humans to do, like identifying things visually, and other things are very easy for computers to do, but hard for humans. And so this is a little different than multifactor authentication, which we were talking about a little earlier, because that proves that you are who you say you are. This one, actually, is to prove that you are a human being, not some sort of automated system that's trying to hack into your email. And so the older model, you probably remember this, it would start out with like a little box of garbled text, letters and numbers that were all distorted, and blown up, and stretched, and lines run through them, and colors, and everything. And that's because it was easy for a human to still identify those letters in there and say what it was saying, but for a computer it'd be incredibly difficult. Now we don't see those as much anymore. What we now see is a button says, " I'm not a robot." And you click that button, and it pulls up a grid of... What is it? I think 16 squares. And it's like one of those little puzzles you had as a kid, where you had to move the squares around, and get them in the right order. Except now, it's asking you to identify, " Could you show me all of the streetlights?" Or, " Identify the crosswalk," or fire hydrants, or buses, or bridges and all of that. What is really interesting about that is, again, it's tougher for a computer to determine, is that a crosswalk or is that just something totally different? Because it can't see in 3-D. But what's interesting, you may have noticed that all of these images nowadays involve scenes from traffic. They might be stoplights, or stop signs. And the reason for that is, while... It's serving two purposes. It's helping us to log in securely to services, making sure that we're human, but on the other side, it is actually teaching the computers for the automated cars, the self-driving cars. So that's the purpose of that in the long run, is that it has a bunch of humans teaching the self-driving cars right now what does a stop sign look like? What does an intersection look like from this angle with a bunch of stoplights, and one of the stoplights is out? What does it look like if there's a fire hydrant on the side of the road? And so all of those things there, we're actually using our collective human brain power right now to teach these artificial intelligence models, how to drive cars into the future. Isn't that interesting?
Dan: That is very interesting. And we're getting close to the end of the show. You've got about a minute or so, and I know you like to bring up one of your clients to talk about them.
Jennifer: Yes. We want to give a huge shout out to Vanover Law Firm. They are full blown beach attorneys with over 28 years of experience. They're located on 2018 Lewis Turner Boulevard in Fort Walton, and they specialize in elder law, DUIs, and criminal defense. And we want to give a special thank you to attorneys Keith and Chris at Vanover for choosing Bit-Wizards. They are working to utilize technology as a strategic enabler to help serve the community in the Florida panhandle. And we want to give a thank you to the whole hardworking team there for allowing Bit-Wizards to serve you.
Dan: Well, thank you. Oh, we're out of time. Thanks, Sam and Jennifer from Bit-Wizards. Tip of the wand!
Jennifer: Thank you.
Sam: Thanks very much. Have a great day.
Jennifer: You too. We'll see you next... We'll talk to you next Tuesday.