Some contracts are straightforward. Not many, we grant you, but some are. Employment contracts boil down to we promise to give you things if you promise to perfContracts can be tricky things, can’t they? Sometimes, they seem like they overcomplicate what could be the simplest of agreements. But they are important in making sure everyone knows what they’re getting. They’re also important for defining terms that may mean different things to different people, whether that’s ‘reasonable timeframe’, ‘flexible working’, or ‘IT Support’.
Of course, every organisation is different; there’s no such thing as a one-size-fits-all approach to IT support. But if you’re in the market for a new IT Support contract, you might want to ask yourself the following:
What do you get?
The first thing you need to establish is exactly what you receive as part of the support contract. IT is a wide ranging and complicated subject, which means there may be things your contract doesn’t cover.
Here’s some things to consider:
- Are remote workers covered?
- Do you require a presence on your sites regularly?
- Do you need out of ours or round the clock support?
- Are mobile devices, or PoS devices covered?
What level of service can you expect?
In an ideal world, every issue would be fixed as fast as possible.
A service level agreement does pretty much what it says on the tin: it defines the level of service you and your IT provider have agreed to. This can vary from a round the clock presence of your IT provider’s staff on site in case of emergency, down to an agreement your provider will pick up your ticket within a few working days.
The more intensive your requirement, the higher the cost is likely to be, so discuss with your provider what your organisation would realistically need.
This is also dictated by the type of support. If your entire system is down and no one in your organisation can do any work, that would take higher priority than a single user needing their password reset. It’s worth knowing how your provider will prioritise your issues.
What do you need to do to get the IT support you need?
Having a support contract doesn’t necessarily mean your new provider is at your beck and call; they’ll have internal processes which you’ll need to follow to get the best service possible.
For example, we ask our customers to use specific contact methods to raise tickets because these go straight into the service queue. If customers contact us via the website, the ticket will only be picked up when we check website enquiries, which while regular, is much less frequent than the service queue.
Make sure you know how to raise a ticket, when to expect your account reviews and what these cover, and how to provide feedback on an ongoing basis.
How safe are you?
Your supply chain is only as strong as its weakest link, so if a company provides you IT Support, they take a share of responsibility for your cyber security, even if they aren’t offering you Cyber security services. It sounds obvious, but it’s fundamental that your MSP has sound cyber security credentials. Look for the Cyber Essentials Plus standard as a bare minimum, and if they have ISO 27001 even better. Your MSP will have unparalleled access and control over your network and systems, so they are the highest risk element of your supply chain. You should also expect your MSP to do some sort of security audit on your network, and they’ll ideally offer a plan for further improvement.
If you will be receiving cyber security services, make sure you know exactly what’s covered. MSP’s can’t take all the responsibility for your cyber security, as end users form a big part of your security posture; the best IT provider in the world can’t guard against a user who posts their passwords to Facebook (though they might be able to help with some cyber security training). But if you’re buying a firewall product or service, it’s reasonable to expect some protection from it, and for your provider to take some responsibility should the measures they put in place fail.
How safe is your data?
Your IT provider is going to have access to most, if not all of your sensitive data. Make sure they have robust data protection in place, and always be sure to ask where your data is stored. Some well known cloud storage sites, for example, host all of your data in America, making it subject to slightly different data protection laws than the UK , which could potentially expose your business to unnecessary fines in the event of a data breach.
Where is the risk?
When your IT provider recommends a product or service, it makes sense to us that should that product or service fail, the IT provider should shoulder some of that risk. For example, if we recommend a business continuity solution, and then need to recover your data after a disaster outside of your control, we don’t charge you extra; that’s what you’ve been paying for.
‘Hidden’ costs come in where you think you’re paying for a service, but you’re actually only paying for part of it – backups are one example, but pay careful attention to what’s excluded from the services you’re getting.
It’s once again worth noting that providers are unlikely to bear the responsibility of user error. If your server is down because of a hack that got through your firewall, that’s one thing. If the cleaner unplugged the server so they could run the hoover round, that’s another matter.
Who is the contract with?
We’re not talking about whether your prospective MSP is a shell company for some nefarious corporation (although that should be checked as well), but what they are like to deal with. Are they approachable? Professional? Knowledgeable?
As a new customer you should feel like you’re getting a priority service during initial discussions and the onboarding process. Providing the best service means getting to know how customers operate, and what their objectives are. If your new supplier isn’t trying to get this information, they aren’t going to be in a position to help you as much as they could.
Whether this is your first time receiving IT support or you’re transitioning to a new IT supplier, the process should be as easy as possible. How long will onboarding take, and how will disruption be minimised? Onboarding should always be as seamless as possible, but it should also be thorough. For example, your new supplier should make sure to remove any applications or software that a previous supplier may have used, to ensure there are no backdoors into your system.
Whatever provider you choose to go with, we hope you have a successful relationship with your MSP. But if you aren’t sure who to go with, and are looking for an MSP that ticks all the boxes, contact us here.