The dependence of small business on IT systems and the people who run them increases continuously. Whether the accounting systems, corporate\u00a0web site, inventory system, the online shopping cart, marketing automation, email servers, the customer management system, internal database servers, manufacturing automation servers and the like. The list goes on and on. Without those IT systems, business grinds to a halt. And without the people that maintain them, you risk business grinding to a halt if something goes awry. IT systems have loads of risk vectors. Hackers, Malware, viruses, ransomware, hardware and software failures and the like.<\/p>\n
However those don’t create the biggest risk a small business owner has with respect to IT.<\/p>\n
The biggest IT risk a small business owner faces is being unprepared\u00a0for the loss of a (or the) key IT person or key software developer.<\/p>\n
Examples of the key person(s):<\/p>\n
Losing any of these types can be hard on a small business. If your business has several of these people in one person then you are at a HUGE risk if that person walks.<\/p>\n
What can you do to mitigate the impact if that key person is gone?<\/p>\n
Here are 9 steps that can help when that happens.<\/p>\n
Make sure that the existing staff has backups of key system configurations saved in a known location. Firewalls, key routers, switches, IP addresses of networks and servers and other company configuration setup should be saved in a known and agreed to place that the owner knows about and understands how to access. This should be also documented.<\/p>\n
It is wise to use a corporate password locker such as 1Password<\/a> or Lastpass<\/a>. Key system passwords should be stored here with the master password to the locker available to the owner.<\/p>\n Simple block diagrams should be in a known location that diagram key systems, how they are connected, where they are located etc. This will enable the owner to help locate systems in case an issue arises and will help them direct new personnel or vendors when repairs or service is needed.<\/p>\n A list of all 3rd party vendors that are used by the IT \/ Development teams should be kept in a known place. Contact information for the account representative, as well as services provided and key contract or agreement details.<\/p>\n The locations of on-site backups of systems should also be documented. Additionally off-site backup locations and \/ or vendors should be detailed in the 3rd party vendor section.<\/p>\n The owner should know the processes used to get IT and development work done, including how to deploy system updates for key servers, web sites and online apps. If for no other reason than to train the replacement employee.<\/p>\n If your company uses automated monitoring such as\u00a0Icinga<\/a>\u00a0or similar, then the owner or replacement personnel need to be added to the notification list.<\/p>\n A documented set of job descriptions will help in the hiring process after the key person leaves. This will give the owner more detail on what the key person does, and the attributes and skills needed in a replacement employee.<\/p>\n The steps, logins and other necessaries required for making site or system updates to key systems need to accessible and understood so that another\u00a0employees or the owner could execute them or show them to a contractor in a pinch. You may think this is far fetched but if something happens you want to be able to update content and code if needed.<\/p>\n As part of your on-going training and planning it would also benefit the company to conduct a risk and vulnerability assessment so that key risks are known and can be planned for. Additionally, transitions can be planned for as well with\u00a0succession planning as part of leadership\/career development and key employees being\u00a0cross trained regularly. Finally, the owner should audit these areas periodically to validate readiness and expose weaknesses.<\/p>\n The above 9 steps won’t eliminate the pain of losing a key employee but they will enable the business to move along and speed the on-boarding process of the replacement. The wise small business owner will do well to track and keep up with these areas.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" The dependence of small business on IT systems and the people who run them increases continuously. Whether the accounting systems, corporate\u00a0web site, inventory system, the online shopping cart, marketing automation, email servers, the customer management system, internal database servers, manufacturing automation servers and the like. The list goes on and on. Without those IT systems, … Continue reading The single biggest IT risk in small business and 9 ways to deal with it<\/span> System diagrams<\/h2>\n
Key 3rd party vendor information<\/h2>\n
Backup locations<\/h2>\n
Process and procedures and site\/documents<\/h2>\n
Monitoring Notifications<\/h2>\n
Job Descriptions<\/h2>\n
System\/Content Deployment steps<\/h2>\n
Final Thoughts<\/h2>\n