A ramsac guide

The essential
IT health check
The 10 killer questions you should
be asking about your IT
 The essential IT health check

Organisations depend on the smooth This guide will give you the 10 simple Contents
running of their IT – if something questions you need to ask to perform
goes wrong, chances are the entire your own routine “IT health check” Know What to Do When Something Goes Wrong
company will be affected, but if and make sure your technology and 1. How quickly can you restore a file – or your whole system? 4
everything is ticking along nicely work information assets are working for, not
2. Are your key systems covered by a manufacturer’s SLA- 6
is more efficient, staff frustration is against, you.
backed warranty?
lowered and life is easier.
3. Are your licences in check? 7

4. Are you monitoring the network? 8

5. Who’s updating the system? 9

6. How well are you controlling access? 10

7. How well do you train staff on IT security? 11

8. When did you last test your business continuity plan? 12

9. What are you tolerating? 13

10. Do you have any single points of failure? 14

2 3
1
The essential IT health check

How quickly can you

restore a file – or your
whole system?

Most organisations understand the If you’re running a traditional tape If you’re backing up to the cloud, Don’t assume that, just
need to run a robust backup. But backup, you should consider the question what’s being backed up, because your files are stored
many feel that once they’ve made the following things: where the data is being stored and
in the cloud, you don’t need to
investment in an online backup or a ›› rotation of tapes how quickly you can undertake a
tape drive, the work is done. In truth, significant restore. Cloud backup think about a separate system
›› the process for ensuring tapes are
not all backups are created equal, is brilliant for removing the backup.
changed daily
and you need to ask some important inconvenience of changing tapes
›› off-site tape storage We have seen many organisations
questions about your own system. each day, but if you have a significant
›› how often snap-shot backups are lulled into a false sense of security
incident and need to restore your
As with an insurance policy, you really taken out of the tape rotation and after storing all their data on a shared
entire shared drive, doing so will take
only know how good your backup stored permanently off-site Google drive, only to discover a virus
a very long time if you have to restore
system is when something has gone has infected the whole drive and
It’s no good running a two- it file-by-file over a sluggish internet
wrong. But that’s the worst time to everything has been lost.
connection.
find out that your system isn’t quite week rotation of tapes if you
Although cloud providers such as
what you hoped it would be! discover someone deleted a Also question what’s being backed up.
Microsoft and Google will have their
It’s no good backing up files and not
In truth, the question isn’t ‘how good client folder four weeks ago own backups, they are geared towards
backing up the system itself – if your
is my backup?’ but, rather, ‘how – at the very least you should recovering from disasters in their
entire system goes down, it will add
effective is my ability to restore?’ keep a month-end and year- systems, not general issues with
days to your recovery time if you can’t
And as well as running your backup corrupt, deleted or overwritten files.
end tape in a safe somewhere quickly restore the system settings,
each day, you need to question how There are cloud-based systems that
frequently you are testing the ability
away from site. server profiles and user info, as well
back up your cloud files to another
as the files themselves.
to restore a file, folder or full system, source – it’s often low cost and low
and how long a recovery would take. admin. But don’t think that just storing
files in a cloud makes you watertight;
data should always be stored in at
least two locations to ensure that if
one source fails, you have a ‘plan b’ to
fall back on.

4 5
2 3
The essential IT health check

Are your key systems Are your licences

covered by a manufacturer’s in check?
SLA-backed warranty?

If you’ve ever bought a washing Skimping on warranty cover is Keeping track of software can be When we audit an
machine from a high street electrical generally a false economy. When tricky. Make sure you know whom organisation, we find as many
store, you will no doubt have had a machine is under warranty, the within your organisation is responsible
people that are over licensed
the awkward conversation about manufacturer will continue to hold for ensuring that everything you
extended warranties. Thankfully, PCs replacement parts, even if that use is properly licensed. It’s not just as we do those that are under
and tablets are now so easily available, particular device is no longer made. Microsoft products; think about the licensed. You could be paying
and relatively cheap, that there’s You will also be at the front of the call line of business applications you use, for more than you need to.
very little point worrying about long out queue. To not have a warranty the creative team’s software, your
warranty periods. But there are some means you might not source the antivirus and back-up products and If you haven’t yet been audited by
core parts of your network that are replacement part or you could wait the systems that you use to run your Microsoft, chances are you will be
costly to replace, complex to configure two days to get an engineer onsite – a building, such as door entry and soon – they are slowly reviewing all UK
and affect everyone’s ability to work. costly delay if your whole organisation security systems. organisations and a license review can
For these items, it’s important to know is unable to work. be hard work. Ensure you know what
Microsoft licensing can be really you need and what you have, and
that if a part fails you can guarantee
Most servers ship with a three-year complicated – it’s not just about the check that someone is tracking expiry
a replacement will be on site within a
warranty which can normally be licenses for your local PC or laptop, dates – it can be twice as expensive to
few working hours.
extended to five years, or, in some you need to consider all of the renew some licenses if the expiry date
Typically, you should ensure cases, seven years. Check that your servers, and, in some cases, the ‘client has already lapsed.
that any servers are protected key systems are all covered and access licenses’ needed for each user
that you have a system in place for that accesses server applications.
by a manufacturer’s warranty,
ensuring you don’t miss a renewal
with a four-hour response. date.
This means that if the motherboard
in the server dies, you’ll know that
a replacement part will be available
and will be with you on the same
day, reducing your exposure to
companywide down time.

6 7
4 5
The essential IT health check

Are you monitoring Who’s updating

the network? the system?

There are very few critical Your network should be set up with We all know how annoying it is when You should check who is monitoring
events that can’t be predicted monitoring tools that automatically you attempt to close down your user devices and servers to ensure
alert you to potential risks, such as laptop to go home, only to receive that systems are being kept up
and therefore prevented, but
spikes in disk space, backup failure, the message that your machine is to date. When it comes to server
only if someone is actively failing hardware, attempts by hackers, downloading 34 updates and must updates, these need to be reviewed,
managing and monitoring the and devices on the network that not be switched off. But patches and managed and installed at a time
network. haven’t got up to date antivirus updates are essential and primarily where the network isn’t busy, as they
software, and these alerts should be serve to keep your system safe. can sometimes require restarts or
Though most modern cars will actioned in a timely manner so that cause downtime. End-user devices
proactively monitor things such oil Malicious attacks, system
you prevent something small from should generally be set to download
levels, tyre pressure, and emissions vulnerabilities and performance
escalating into a much more serious updates from the network rather than
to catch issues before they cause limiting issues are being discovered
problem. directly downloading from the web, as
damage, physical checks and servicing by software manufacturers every day,
the latter can cause network delays if
are still essential. You don’t wait for and the patches and updates that you
all machines start downloading across
your car to break down before you are prompted to download are there
your internet connection at the same
ensure that someone has at least to correct those issues or to secure
time.
checked under the bonnet – you take a newly discovered vulnerability.
it to the dealer for regular assessment Systems that are not kept up to date Updates should be planned,
and servicing. are accidents waiting to happen. controlled, enforced and, most
Malicious users actively scour the
importantly, regular!
internet looking for vulnerable
systems, making an unpatched
network the equivalent of an open
door for a burglar.

8 9
6 7
The essential IT health check

How well are you How well do you train

controlling access? staff on IT security?

There’s no point in putting the best Also think about who has access – IT security is not just about good Training should be applied across the
locks on your front door and installing you wouldn’t give every member of investment in technology. You can board and should be programmed to
the latest intruder alarm if the last your team access to your internet have a fastidious password policy happen regularly.
person out of the office at night leaves banking, but it’s amazing how many and the latest firewall technology in
the door wide open. Access control organisations allow multiple team place, but all that sensible investment The industry changes at a
to your information systems is about members to have admin access to the is useless if an employee clicks on breakneck pace – the threats
great housekeeping – it is essential servers. a phishing email and reveals their we’re battling today did not
that you have a good password policy password to a complete stranger. exist six months ago, so
in place, which ensures users regularly Remember, if I have admin
IT security is 50% infrastructure, training should be kept up to
change their network passwords access to your server, I can
and 50% user training. And yet few date.
with something more complex and see all your files and all your
businesses ensure that their teams
secure than ‘Password01’, but it’s also emails. regularly receive up-to-date training
important to make sure that someone
on good practice and cyber security
is tidying up after users that leave the Think about who really needs which
awareness.
organisation. Idle user accounts are a levels of access, and then consider
hacker’s dream, an ideal opportunity what you do if one of your trusted
to exploit weak passwords and gain employees moves on.
access under the radar.

You should run a monthly check

on your user directory to query if
accounts have passwords that aren’t
set to expire and how many accounts
haven’t been accessed for 30 days, as
that probably means that someone
has left the business but no one has
closed down their account.

10 11
8 9
The essential IT health check

When did you last test your What are you tolerating?
business continuity plan?

Though some people find business You should schedule in regular ‘table This question is actually good to ask You don’t have to accept work-
continuity planning fascinating, most top’ tests of your BCP, involving about your wider organisation too, arounds or second best. If
would probably admit it’s quite a long different parts of your organisation but, thinking about IT, what is it that
you’re investing in IT, it should
way down the list of things they would each time. Think of different scenarios; you’re putting up with, or accepting
like to do with their time. But let’s fire and flood are the obvious ones, second best on? How well are your be working well for you.
assume you’ve been really organised but consider a loss of power, loss of key suppliers performing? How well is
and developed a companywide access to your building, loss of a key your IT department functioning? How
plan for how you will respond to member of your staff, a major supplier fast is the system? How easy is it to
an interruption to your day-to-day going bust… and make sure your access data? How long are you waiting
operations. For starters, well done, plan remains fit for purpose in each for issues to be resolved, and are
you’re already one step ahead of most scenario. users kept up to date with progress?
of your competitors! But, if that plan How frequently is the system not
was written 18 months ago and has Our experience is that every available when you need it to be?
since been sat gathering dust on the time we’ve tested our plan, How complicated is it for you to work
shelf of your server room, chances are we’ve highlighted changes remotely? Are you making do with
it’s not quite up to the job. to make, even if that’s just work-arounds? What frustrates you
about IT?
Organisations change all the time. realising that a contact list has
People come and go; suppliers become out-of-date.
get reviewed; new technology is
implemented; key customers change.
A business continuity plan is no
different – it should change at the
same pace as your business. It’s also
no good unless the whole team knows
how and when to implement it.

12 13
10
The essential IT health check

Do you have any single

points of failure?

IT is actually one part of your business

for which it can be fairly easy and cost
A third-party IT partner can help to
reduce the absolute reliance on a
About ramsac
effective to eliminate single points single in-house IT manager. ramsac provides customised IT services including network
of failure. Whether it’s the danger of management and 24 hour support, project design and
If you do have single points of failure,
having all IT knowledge residing in one implementation.
you should at least be aware of them
place or dependence on a particular
and know that you have a recovery We work with businesses, schools and charities who tell us
bit of kit that would bring your
plan which can be implemented in an that our proactive ‘can-do’ culture, our strategic approach
organisation to a standstill if it failed,
acceptable time-frame for your own and the quality of our people makes the biggest difference
you should plan to eliminate all single
particular needs. to them.
points of failure.

Modern servers should have built-in Asking these 10 questions at With ramsac as a part of your team, you can be assured
resilience for their core working parts; least once a year, should help that IT is covered, enabling you to get on and do what it is
data and email should be hosted to safeguard your IT against you do best.
in such a way that you can still gain the most common threats.
access if the main office is offline;
If you need assistance or
phone lines should be easily diverted
require more robust support
to mobiles if needed; your building
should be served by more than one then please get in touch.
internet service provider; and you can ramsac Limited
take out insurance to provide you with Godalming Business Centre
access to temporary serviced offices Woolsack Way
for just a few pounds a week. Godalming
Surrey
GU7 1XW
England

www.ramsac.com
General: +44 (0)1483 412 040
Support: +44 (0)1483 412 042

14 15