YOUNGSTOWN, Ohio – Cybersecurity was already a hot topic following widely publicized data breaches in recent years at large corporations, and information technology professionals say the faults exposed by the pandemic are driving that point home.
IT as a whole – with emphasis on remote work and cybersecurity in particular – has been brought to the forefront this year, says Bryan Blakeman, IT sales manager for Peak IT, which is part of Valley Office Solutions, Boardman.
“Business has been very good. I’m personally as busy as I’ve ever been,” he says. “Business was great last year and this year we’re exceeding that by leaps and bounds.”
The inquiries the company has received include reopening, implementing a remote strategy and developing protocols for business continuity and disaster recovery.
“Most of the stuff that we got in March was, ‘How do we implement a remote strategy?’ ” Blakeman says. Then, when returning to the office became a possibility, inquiries shifted to determining the best way of accomplishing that, as well as determining the best way to ensure interoffice data and client data are secure from breaches.
Regardless of what industry clients were in, the arrival of the pandemic forced everyone to consider alternatives to working in the office, all of which require some form of IT support.
“The market’s really good, especially in the manufacturing world because more and more companies are seeing that they definitely have to have an IT strategy,” says Ralph Blanco, CEO and owner of Executive Computer Management Solutions Inc. in Struthers.
While his company is seeing most of its new clients come from the manufacturing sector – 40% of new clients are manufacturers – clients across the board recognize they need to have an IT strategy.
“Business has been fairly steady,” says Mark Richmond, president of Micro Doctor IT. Business so far this year is about the same as last year at the Warren company, despite some projects being “pushed out” because of the pandemic. “Everybody is just being cautious before they head back to work,” he says.
More than half of the company’s business in the early days of the pandemic was addressing work-from-home situations, Richmond says, a trend that’s continued as businesses use funds from the Paycheck Protection Program to prepare for a possible second wave of the coronavirus. He has seen companies adopt Microsoft’s Teams application to host digital meetings.
When the impact of the pandemic hit, ECMSI had “thousands of end users and everyone wanted to work from home,” a transition that took about three weeks, Blanco says.
The main challenge was dealing with workers’ home infrastructure. Clients want to have remote management capability and remote access, with secure and safe virtual private network, or VPN, and proper anti-virus and anti-malware protections, TeamLogic IT owner Marsha Gazy adds.
IDMI.net, a website design and development firm in Poland, has been able to maintain its business throughout the pandemic. Many of the firm’s clients aren’t local, says chief information officer Anthony DePinto. “With the economy what it is, people aren’t going to physical addresses. More people are going to websites to sell products or give people information on their products,” he says.
Several clients have asked about putting out notices regarding closures related to COVID-19 or launching blogs and social media channels, he says. Because of budget concerns, particularly with smaller businesses, owners may struggle to justify putting money into their web presence, but such efforts “should be seen as a reallocation of funds and a different way of marketing at this point,” he says.
The top issue customers are coming to ECMSI to resolve is infrastructure, especially when it comes to data breaches. A company can have the best applications available, but if the infrastructure isn’t solid, it doesn’t matter.
“The biggest problem we have is neglect over time,” Blanco says. Failing to upgrade infrastructure as applications are added has a “glaring effect” on stability and security, he says.
Business is up about 15% from a year ago at Avrem Technologies, says owner and CEO Robert Merva. The Canfield firm encouraged many of its clients years ago to develop contingency and continuity plans, which have come in handy during the pandemic. The increased use of teleworking – a practice many employers are retaining now – has heightened security concerns.
“There needs to be a focus on security. It suddenly became problematic to secure a wider footprint for our clients,” Merva says. The biggest issue he encountered that he hadn’t anticipated was the “poor quality of internet” in many of the work-from-home situations.
Companies are increasingly worried about cyberattacks from cyberware and malware. “That has been on an increase since COVID hit,” TeamLogic IT’s Gazy says.
“Any more, it’s not if you’re going to get breached, it’s when you’re going to get breached,” Blanco says. “Unfortunately, you only hear about Target and other big companies, but there’s way more small businesses that get hacked. They just never make the news.”
A study last year by Accenture found 43% of all cyberattacks hit small businesses. The average cost of a cyberattack, regardless of the size of the business, was $200,000.
Smaller businesses are more susceptible to hacking because they lack the financial resources for protecting their IT systems, and thus are easier to penetrate, he says. As they carry out attacks, hackers don’t know whether they’re hacking a large or small business, only that their target has a vulnerability.
Ransomware attacks are up 56% in the United States since the onset of COVID-19, Peak IT’s Blakeman says. He attributes the increased threat to coronavirus-related layoffs turning “part-time hackers into full-time hackers,” as well as the increased vulnerability caused by remote workers not being in a professional environment.
“People think it can’t happen to them. The most challenging thing we’re facing is making people aware that small- to mid-sized businesses are targeted more than anybody else for those reasons,” he says.
Clients are more amenable to upgrading their security than in the past, he acknowledges. Peak IT is getting calls for commercial-grade laptops, firewalls and VPN configurations, though not every business “is in a position to be able to leverage such resources,” he says
Some clients think all they need is anti-virus software and a firewall, Merva says, but “that’s not necessarily the case anymore.” Rather than adding on safeguards such as an anti-virus program, security “should be integrated in everything from the ground up,” he says.
For clients who have adopted cybersecurity software, Peak IT has implemented training packages to train client companies on warning signs and what to do in the event an attack happens, Blakeman says.
The IT firms agree that handling clients’ outsourced needs is a trend that is here to stay. Most small- and medium-sized companies are “leaning toward outsourcing,” Blanco says.
An internal IT position is a tough one to hire for because in many cases the company doesn’t know what it needs to know, he says, and with a managed service provider, that outside firm typically has more resources than an in-house IT department would.
“It’s a win-win,” he says.
An employer often will calculate the cost based on the IT staff’s wages and benefits but fail to factor in overhead and hidden administrative costs, Merva says.
“I don’t come across any situations anymore where internal IT makes sense,” he says.
Micro Doctor’s Richmond expects outsourcing of IT to grow as a trend, and has been hiring in anticipation. “I see it continuing to happen. There’s a pent-up demand,” he says.
Gazy, who opened the office last November, reports several construction companies are coming to TeamLogic for the office’s managed services, as well as law offices and manufacturers. “It’s really a lot of different verticals. It’s not one specific category,” she says.