Business IT 101
Business IT 101 is your go-to resource for learning the fundamentals of technology every small and mid-sized business needs. From understanding IT support basics and cybersecurity essentials to preventing downtime and protecting your data, these guides are designed to help business owners make smarter technology decisions.
If you run a small business, you know that staying lean with expenses leaves you with more capital for marketing and growth. IT support and cybersecurity are two areas where many SMBs trim as much “unnecessary” fat as possible, but it often comes at the expense of cybersecurity and business continuity. With 93% of small businesses’ cyber-incidents resulting in a data breach, it’s clear that having experienced and competent IT support is crucial for SMBs, especially when costs to remediate incidents can put them out of business.

Risks of Letting Family Manage IT

It’s tempting to cut costs by hiring family or friends to support a small business. You could cut costs this way and give an up-and-coming IT person their first job. When you have only a few PCs to support, you might also think the job is easy and doesn’t require the help of a professional. For simple support, your family might be a good resource. Trouble comes when infrastructure is configured with vulnerabilities, or when the necessary maintenance to close vulnerabilities isn’t performed. A common theme in cybersecurity is “you don’t know what you don’t know,” and this issue becomes apparent only after a cyber-incident.

Let’s take an example. Suppose that you decide to use Amazon Web Services (AWS) for cloud storage. Cloud storage at AWS is known as S3 or S3 buckets, which are similar to the directories you see on your PC. A common issue with S3 buckets is that they are often misconfigured to allow public access to data. The issue is so common that anyone can simply download an S3 scanner to find vulnerable buckets. When an inexperienced person misconfigures an S3 bucket, all your data is exposed to the open internet. You wouldn’t be alone. As recently as December 2024, two large cybercriminal groups, ShinyHunters and Nemesis, stole over 2TB of data, including source code, credentials, and secrets from misconfigured S3 buckets.
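The misconfiguration described above can be checked for in your own account. The following is an added example, not part of the original article: it audits the three settings that decide whether a bucket is public (bucket policy, ACL grants, and Block Public Access), using dictionaries shaped like the responses of the S3 GetBucketPolicy, GetBucketAcl and GetPublicAccessBlock calls. The bucket name and sample data are constructed, and treating any policy Condition as "review" is a simplification.

```python
import json

# Group URIs that make an S3 ACL grant apply to everyone.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}

def is_wildcard(principal):
    """True when a policy Principal matches any caller."""
    if isinstance(principal, dict):
        principal = principal.get("AWS", [])
    values = [principal] if isinstance(principal, str) else list(principal or [])
    return "*" in values

def public_findings(policy_json, acl_grants, block):
    """Explain why a bucket is publicly reachable; an empty list means no finding."""
    findings = []
    statements = json.loads(policy_json).get("Statement", []) if policy_json else []
    if isinstance(statements, dict):
        statements = [statements]
    # RestrictPublicBuckets limits access to buckets that have a public policy.
    if not block.get("RestrictPublicBuckets"):
        for s in statements:
            if s.get("Effect") == "Allow" and is_wildcard(s.get("Principal")):
                # Simplification: any Condition is sent to manual review.
                kind = "review" if s.get("Condition") else "public"
                findings.append(f"{kind}: policy allows {s.get('Action')} to everyone")
    # IgnorePublicAcls makes S3 disregard public ACL grants.
    if not block.get("IgnorePublicAcls"):
        for g in acl_grants:
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS:
                findings.append(f"public: ACL grants {g.get('Permission')} to a global group")
    return findings

# Constructed sample data for a hypothetical bucket "example-backups".
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-backups/*"}]})
SAMPLE_ACL = [{"Grantee": {"Type": "Group",
               "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
               "Permission": "READ"}]
NO_BLOCK = {}
FULL_BLOCK = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
              "BlockPublicPolicy": True, "RestrictPublicBuckets": True}

if __name__ == "__main__":
    for line in public_findings(SAMPLE_POLICY, SAMPLE_ACL, NO_BLOCK):
        print(line)
    print(public_findings(SAMPLE_POLICY, SAMPLE_ACL, FULL_BLOCK))
```

With all four Block Public Access settings enabled, the same policy and ACL produce no findings, which is why turning those settings on for the bucket or the whole account is the usual first fix.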
It should be noted that the recently stolen data could be used in future attacks that these businesses won’t even see coming unless they take mitigating measures immediately. As you can see from this example, the simple act of having family or friends manage your IT could snowball into a larger issue where your small business is managing cyber-attacks targeted at your vulnerabilities. The savings on IT support can turn into six- or seven-figure costs in remediation, litigation, and reputation loss.

Some other risks you might not realize without a professional:

Why Professional IT Support is Now Essential for SMBs

Poor cybersecurity isn’t the only risk of DIY IT. Scalability and deploying tools that you can use now and in the future are also important. Let’s say, for example, that you want to deploy a server for file storage. You need a solution that not only supports the speed and space you will use currently, but also a solution that scales. Deploying too many resources is a waste of your IT budget, but too few can be a bottleneck in your productivity.

Compliance is another issue. An inexperienced IT person would not know how to design infrastructure to follow compliance requirements. As an example, a small doctor’s office might not need many computers configured, but HIPAA has specific requirements for the way the internal office handles data and the network environment. You must keep office guest Wi-Fi separated from the internal network, employees must never connect to guest Wi-Fi from work computers, and strong encryption must be configured on the Wi-Fi router. Requests for data should be logged, and any protected health information (PHI) must be stored in encrypted form.

Just as the consequences of a data breach can be long-term costs, having an inexperienced IT person set up a network without taking compliance and scalability into account can be an expensive mistake. The cost of HIPAA violations varies widely from $141 to $2 million per violation.
More serious consequences include criminal penalties.

Professional IT support is more important than ever, as any mistakes come with a high price tag. Ensuring infrastructure is configured correctly, deploying infrastructure that scales with your growing business, staying compliant, and managing infrastructure after it’s deployed are some common ways managed service providers can help. To properly manage resources, you need someone with professional experience, and people who have seen many different issues and can resolve them quickly when you need help.

Here are a few other ways IT professionals can help:

Managed IT vs DIY: What’s the Real Cost?

DIY IT support is arguably the most cost-effective, but the real costs come from mismanagement of your infrastructure. Every company has a unique environment, so you can use our managed IT services calculator to estimate your costs. Costs depend on the number of users, computers, servers, compliance concerns, offices, and the services that you want. IBM reports that the average global cost of a data breach is $4.4 million, so the true costs are in failed IT support.

Using managed service providers might seem like an unnecessary expense, but it can benefit you in the long run. Should your organization see massive growth, professionals at an MSP can still support expansion to new offices, hundreds of new employees and computers, and an increase in data.

Do you think your IT is in good shape? Take our free three-minute IT readiness quiz to find out.

FAQs
There comes a time for every small business when you become the target of hackers. Most hacking campaigns are a collaboration of cyber-criminals across continents, so they know about vulnerabilities, human nature, and the statistically higher chance that your small business doesn’t have the resources to stop advanced threats.

At some point in your business operations, a cyber-criminal will exploit a vulnerability. This vulnerability could be human error, improperly configured cybersecurity infrastructure, bugs in your system, outdated software, or a simple email with a malicious attachment. Whatever the cause, the time it takes you to discover and contain a threat is critical to your business.

IBM’s 2025 Cost of a Data Breach report says that the average global cost of a data breach is $4.4 million. These costs include litigation, incident response, changes to cybersecurity infrastructure, loss of reputation, and reparations. It should be noted that litigation could last for years, making it a stressful time for small business owners. Target’s infamous data breach happened in 2013, and a settlement wasn’t reached until 2017.

Ideally, you have a disaster recovery plan in place when you experience an incident. An “incident” is anything from malware to an employee disclosing their network credentials. It could involve physical or virtual breaches. The first step in incident response is discovery, and hopefully you have a good monitoring solution to find threats fast. Without monitoring, it could take months before you realize you have a threat in your environment, and it could do irreparable damage to your data integrity and customer privacy.

The steps we provide here are a good starting point for small business owners who realize they have a threat in their environment. If you have a disaster recovery plan, you should reference it and follow it, usually starting with notifications for a hierarchy of stakeholders and decision makers.
If you don’t have help yet for an incident, here are some steps you can take to limit damage to your small business data.

Isolate the Computer or Device from the Environment

Have you ever accidentally downloaded a malicious executable and had antivirus software stop you and put it in a special folder? In essence, your antivirus software is isolating the malware to protect your computer and the environment. You need to do the same with any threat. This step can be difficult if you don’t know how to isolate it, so the best immediate strategy is to disconnect the computer from Wi-Fi, the network, and the internet.

Disconnect the Ethernet cable and turn off Wi-Fi. This will stop the threat from spreading to other machines. Unfortunately, it’s possible that the threat has already spread, but the sooner you disconnect the affected device, the better. For example, ransomware will scan the network for important files and encrypt them with a cipher you cannot reverse without the attacker’s key. If this happens to you, you’ll need to restore data with a backup, which is a good example of the importance of backups in your standard IT procedures.

As a last resort, you might need to remove the entire environment from the internet. This step is like using a sledgehammer for a nail, but it might be necessary in an emergency. You’ll stop most malware from “phoning home” to communicate with a hacker-controlled server, but you destroy your productivity if employees need the internet. If you have the training, you could isolate the network segment affected and leave the others to continue productivity. Do this step only if you have no choice and can’t stop the threat on a single device.

To summarize:

Disable Affected Accounts

In many data breaches, an attacker obtains sensitive credentials from employees. Attackers use numerous methods to get these credentials, including malicious emails (e.g., phishing), social engineering, or obtaining passwords from other hacked accounts.
If your employees use the same passwords for your network as they do on third-party sites, your network could be vulnerable. Cyber-criminals use legitimate network credentials to install malware or steal data from corporate resources.

After you isolate the threat, you might find that a specific user account is compromised. First, disable the account. This will give you time to gather information on the severity of the data breach. Don’t delete the account. It could interfere with collection of evidence, which you will need for law enforcement.

If the account is tied to sensitive information like accounting, make sure you change passwords on these platforms, but only from a machine that you know isn’t compromised. Any trojans or keyloggers on a compromised machine would capture the new passwords, so change passwords on a machine you know is clean.

To summarize:

Determine the Source of the Breach

Now that the threat is contained and can’t spread using network user accounts, you must determine the source of the data breach. This is important to avoid having the same issue happen over again. You also need it to determine whether you have fully eradicated the threat. For example, if you restore data after a ransomware attack but the ransomware persists on the network, you will just suffer from the same incident.

Verizon reports that 60% of data breaches stem from human error. Employees are often your weakest cybersecurity link, so education is important. You must find out if human error was involved or your cybersecurity infrastructure failed. This step might take the help of a professional cybersecurity consultant, but most human-error-based incidents can be linked to an account.

During your research, you should also log all customer accounts affected by the breach. To comply with certain regulatory standards, you might be required to notify users of their data being disclosed to a third party.
For example, if user credit card data was disclosed in the breach, you might be required to send an email to these customers.

To summarize:

Restore Data from Backups

Hopefully, at this point in your incident response, you have backups to restore data. The faster you get to this point, the less money you lose in downtime. Your backups should also have enough data in