Most businesses have struggled at least once every few years with scenarios that have wasted time and money, possibly even sabotaging business goals and customer relationships, by hiring the wrong IT vendors. Perhaps your brother’s recommendation panned out to have the wrong experience to support your IT needs. Or, you may have selected a vendor who gave unrealistically low estimates just to get a foot in the door and then presented reasons for additional budget, leaving the operations manager or CIO no choice but to sign the next invoice to save face or explain away why he was over budget. The reasons for selecting a particular IT vendor are numerous and may be based on the wrong assumptions. The results are often due to inadequate planning or lack of attention once the papers are signed.
Sometimes businesses just don’t have the processes in place internally to manage the contract when they decide to hire an IT vendor, leading to a disastrous relationship. Even before assessing an outsourcer’s capabilities, you need to accurately identify your current state and have a pretty good idea of the scope of the IT needs to be outsourced. This kind of due diligence will prevent the risk of poor performance, future disagreements and the cost and disruption of having to renegotiate or terminate the contract.
One of the most frequent scenarios I hear involves the handling of maintenance of the IT system, network, Search Engine Optimization (SEO), or other services. According to an article on CIO.com titled Five Tips to Create a Recession-Proof ERP Vendor Strategy written by Thomas Wailgum, January 14, 2009, Forrester Research VP and principal analyst Ray Wang found that out of more than 400 customers, many spend $500,000 on maintenance but call support only five times annually. Obviously, the usage does not correlate to the cost.
Of course, responsibility for maintenance contracts should fall on both parties. I believe one of the first priorities for selecting the right IT vendor focuses on how well the vendor will handle the relationship. If you are not receiving regular reports and communications about the maintenance of your IT systems, don’t assume that your IT vendor is maintaining your assets and the applications which support your marketing, billing, human resources, and other critical components of your business. Will you receive regular information on security patches, notices on expired security or updates on backups to your system? Don’t assume these services, but these are the expectations you should have for your IT vendor.
If you are seeing your vendor’s IT technician once a month, you can be sure your vendor is not focused on preventive maintenance. Since most small and mid-sized companies have limited in-house IT resources, it is important to have a vendor who is focusing on what could happen to your network, systems, and equipment. Take a look around your office one day soon to see how much dust you can find around your computers. We have invested in a specialized electronics vacuum which we use for regularly scheduled visits to clean IT equipment, resulting in fewer repairs, replacements, and downtime. From something as simple as this to ongoing network maintenance, your IT vendor should provide measures which assist you to protect your business.
Here are a few additional considerations:
Check references thoroughly.
It is critical to know that the vendor has the capacity to carry out the work and that the company is financially stable to fulfill the contract. Ask references why they use this vendor, what are the best and worst aspects of dealing with the staff, and the longevity of the relationship. Always give the vendor’s clients a clear understanding of the specific services you are seeking so that they can provide quality feedback.
Understand IT credibility.
Often business owners have a misconception about IT certifications. For example, in the dental industry, there are specific software certifications for products like SoftDent or Dentrix. Vendors who invest all of their money, energy, and training in such certifications often do not hold certifications such as Microsoft, leaving the client without the assurance of proper configuration for firewalls, password protection, or numerous other IT applications. Be sure to ask vendors if they are a certified Microsoft provider. If you find someone who isn’t certified, there is a reason, and you should consider other vendors.
Ask information on staffing.
What is the number and job function of employees? Knowing that employees who will be on-call are trained in all areas of the services you need assures you of the responsiveness you may need during emergencies. Additionally, look for a vendor who can explain their processes for the 24/7/365 days they include in their brochures to make sure they have adequate staffing.
Determine whether security expertise is a core competency.
No longer do companies define business continuity in terms of days or even hours, but in terms of point-in-time backups and instant recoveries. One of the most frightening times in running a business when data is lost from a hard drive, a network goes down, or there is a breach of data security. The best way to avoid these situations is to be sure that the IT vendor you select has the capabilities to help prevent such issues. Your vendor should require you to have a network diagram as part of your disaster plan along with a frequently updated inventory of serial numbers, laptop serial numbers, PDAs and other equipment. We have had situations where we have wiped a phone in five minutes, along with immediately calling the phone company to lock the account, because we maintained accurate client information.
Even for services such as web site design and SEO be sure you hire a vendor who understands the impact of poor management on your site. If vendors do not keep you up-to-date on hackers and scams, you do not want to hire them. Even how your domain name is purchased and managed can allow you to maximize the benefits of having a site or unfortunately, jeopardize your ability to use this valuable marketing or customer management tool. Find a vendor who knows how to prevent your domain from being stolen by a cyber squatter. In order to control the botnets who search sites for email addresses make sure your pages are encrypted. Ensure that your SEO Company is not practicing black hat tactics; for example, placing text which is invisible to humans but may be seen by the search engine. This could make Google see your site as untrustworthy which would be counterintuitive to the mission.
Attention to training.
IT professionals can easily get complacent about training once they have been in business for several years which can be unforgiving in our ever changing industry. Find a vendor with technicians who are stellar in training clients, and preferably, offer not only individual, but team training courses on a regular basis. We have team auditing on each other frequently for every service we offer. Whatever checks and balances an IT vendor uses, be sure some sort of monitoring is evident.
These are just a few of the many aspects of hiring an IT vendor you should consider. Your due diligence will favor vendors who deliver value, quality, and predictability in the overall relationship.