In this article, we present an overview of the reasons for and benefits of partially outsourced IT.
SMBs typically start their businesses with a handful of people. The need for IT is limited to simple tasks like emails and a web presence with minimal security. The focus quickly shifts away from the system to more pressing matters. Winning new business or acquiring new talent become more important after the initial tech setup. However, the technology needs of a healthy SME grow constantly due to changes such as customer demand or the growing number of staff. When this happens, SMEs face the decision of whether they want to build an internal IT team or outsource support alongside potentially even outsourcing hardware procurement and software licensing. But there is a third concept that brings together the best of both worlds – co-management. It involves tasks that are handled in house and others that are managed by an external party. The allocation of responsibilities comes down to the relationship between the participating teams and the desired outcome for the business.
“SMEs don’t focus much on IT when starting their business. It is only once their needs begin to grow, due to flourishing business, that SMEs consider internal, external or co-managed IT.”
Continue the read if you want to learn about the most common reasons why SMEs partially outsource their IT and how co-managed IT poses an alternative to internal IT only. It is backed by research conducted by Datto, Dynatrace, SonicWall, and the Learning &Work Institute.
What are the Reasons?
The following list is by no means complete. It outlines the main reasons why SMEs and bigger organisations chose to work with Technology Success Providers (TSPs).
#1 Increased IT Complexity
54% of SMEs have started to outsource their IT because of the increased IT complexity. They simply don’t have the skills or time to deal with the advanced requirements. This can be supported by a survey of more than 1100 SMBs conducted by Datto. Factors that increase complexity include: web and consumer technologies, support for remote workers, shorter time to market and the balance between DevOps and Security, industry-specific and political governance.
Cloud computing allows for shorter development and deployment cycles. Furthermore, it is accessible from virtually anywhere and typically extremely scalable. APIs allow cross-platform integrations which are great when legacy projects collide, or different companies come together to work on the same service or product.
The flip side is the additional layer of complexity due to multiple platforms, hybrid setups between private and public servers, and differences in time and location. Not only can the implementation of a new system or infrastructure be intricate, but the following management of the live environment can be time-consuming and costly. Dynatrace has found that 46% of surveyed CIOs see their IT teams as more thinly stretched than ever. In other words, fewer people are managing more systems with increased complexity.
#2 Skill Shortage
40% fewer young people are taking IT subjects at GCSE since 2015 according to the Learning & Work Institute. On the other hand, many industries are in desperate need of AI, cloud, and robotics skills. The skill gap has already reached a perceptible level during the pandemic as the number of IT job advertisements have been through the roof. The UK government categorises digital skills as vital to economic recovery. Furthermore, 95% of SMEs confirmed that IT helps their businesses succeed in Datto’s survey.
A vast majority of young people expect to learn new digital skills on the job. However, only about half of employers are able to provide those development opportunities, according to the Learning & Work Institute. This puts businesses in a desperate position. In the short term, projects will be delayed. In the long run, a lack of skilful IT engineers means that companies will not be able to grow as planned as there will not be enough resources to carry out projects or look after business-critical systems.
Small and medium-sized organisations
The average salary of a qualified first-line support technician in the UK is £25k pa, with salaries ranging from £21k to £32.5k depending on location and industry. This cost does not cover the operational overhead nor does it include holiday replacements or other benefits (training, medical, insurance). On top of that, a first-line support technician is normally not qualified to manage implementation projects nor single-handedly operate the whole security and network infrastructure.
As an example, breaking the cost down to an organisation with 10 other employees equals a £208 overhead for IT support per employee and per month which would not even cover licensing for any software.
As the organisation grows, the cost per employee goes down. However, the workload goes up. Usually, the workload is volatile which involves periods that require additional help or involve costly overtime. Furthermore, the complexity of the supported system increases as described previously.
As mentioned previously, the increased complexity of IT infrastructures requires specific skills to build, manage and maintain the desired solutions. ‘talent.com’ found that the average salary of a Microsoft Azure Architect in the UK is £75k pa, ranging from £65k to £90k. Arguably, if this talent is only required for one project, hiring a contractor is a good trade-off – if there were enough resources to chose from.
In conclusion, the lack of talent already delays projects or hinders their initiation. According to Wellingtone, only 29% of agile projects in 2020 were, mostly or always, completed on time. The impact is devastating as 47% of late agile projects result in budget overruns or unhappy customers.
SonicWall reported 4.8 Trillion (yes, Trillion with a Tr) intrusion attempts in 2020, a 20% increase compared to 2019. The same study shows a 62% increase in ransomware attacks (304.6M in total) and a very alarming 66% increase in IoT attacks (56.9M). These are just the numbers collected through their own global sensors.
It is fair to say that work-from-home (WFH) and bring-your-own-device (BYOD) have opened the floodgates for a seamlessly infinite stream of malicious software through emails but also text messages and attacks through home networking equipment.
Keeping up with the newest security standards requires time and skills. More often than not, internal IT personnel juggle project delivery, internal support and building out the company’s security portfolio to combat the latest threats to its network at the same time.
#5 Quality of Service
According to Dynatrace, 93% of CIOs see IT’s ability to maximise its value for the business as hindered. There is a disconnect between customer demands, internal project teams, service delivery and internal support. In combination with the skill shortage and an ever-growing security threat landscape, it also becomes more difficult to identify the severity of an issue that would allow minimising the overall business impact.
The consequences can be dreadful and could range from budget cuts for future projects over to employees leaving, all the way to lost revenue because of the lack of product development and unhappy clients.
IT Co-Management: Use Cases
The following list is not complete either but rather provides the main use cases for co-managed IT.
#1 Co-Managed Projects
An alternative to changing contractors is a single vendor agreement. It offers preferential pricing, a consistent exchange of information, and familiarity with the partner a business is working with.
Projects have three main criteria: budget, time, and quality. It requires a specific methodology to plan an IT project, carry it out and document every step of the way. They include commercial, technological, and employee-centric milestones.
When you chose to partner with a Technology Success Provider, make sure to check that their project team has the skills and certifications like ITIL and Prince2 on top of the platform-dependent training. Ask for references and drill down into the details as this shows how thoroughly work has been carried out before.
#2 Managed Security as a Service
TSPs focus on security. They do lots of other things like support, hardware provisioning, tech reviews and recommendations. But at heart, security is the number one priority. Look at it this way: a flight attendant brings you your meals and drinks, makes sure that you have headphones and a blanket, but the attendant’s job is to ensure your safety if something goes wrong. This is what they are trained for and measured on – not on how well they serve the meals, or how comfortable you are, but on whether they get you out of the plane on time after an accident.
Here is a list of security services to look for when evaluating TSPs:
• Updating Operating Systems and Third-Party Apps (Patch Management)
• Anti-Virus and Endpoint Detection and Response
• Identity and Password Management
• Email Security including Spam Filters, Phishing Prevention and Backups
• Backup and Disaster Recovery (Cloud and On-Prem)
• Managed Networking (Router, Firewall, Switches, Access Points)
When you chose a TSP, ask for previous security incidents and why they happened. Ask what tools the TSP is using to ensure resilience, and for the training that they provide. You should not settle for any TSP without a clean record. The benefits of managed security as a service are advanced security and cyber resilience, cheaper business technology insurance, predictable cost and peace of mind.
#3 Third-Line Support as a Service
An in-house IT team typically covers the basics including day-to-day support, basic network operations and smaller projects. However, some difficulties are bigger than others. When you regularly need additional support for bigger or more complex issues, it is time to evaluate outsourced third-line support.
The scope of work varies depending on your needs. Typically a very specialised individual, a third line technician can take full responsibility for server maintenance, the office network, or specific software or application among other things. No matter what you decide, make sure that your TSP is certified to handle the designated task. Ask for references and drill down into the details as they can show how thoroughly work has been carried out before.
Datto is an American cybersecurity and data backup company. They work exclusively with MSPs, TSPs, and MSSPs to provide enterprise-grade technology to SMEs. Dynatrace is an Austrian software intelligence platform based on artificial intelligence. SonicWall develops, builds, and sells a range of Internet appliances primarily directed at content control and network security. Lastly, the Learning & Work Institute advocates for and promotes adult learning.
IQ in IT is a Technology Success Provider and supports you as your outsourced IT department. If you have any questions or would like a deep dive on any of the topics discussed, don’t hesitate to get in touch.