Companies of all sizes at some point look to outsource at least part of their technology support primarily to allow their existing staff to focus more on the business’s core competencies rather than day-to-day IT issues. Because daily support issues can be time consuming and require a great deal of time and attention, companies look to third party managed service providers who specialize in technology support issues. While it sometimes makes sense to bring in a third party technical resource for a small project, working with a managed service provider is usually a long term relationship, which means it’s important to do your homework to make to choose the right one for you.

First of all, it’s important to outline out what services you are looking for, and what kind of support you need. There are some firms that offer 24/7 support, while others only offer support during regular business hours. Also, it is important to know whether you will need the firm to send consultants to your site or if you would like them to work by tapping into your systems remotely to help you with your technology concerns. Most managed services providers work in a way where you can contact them through email or over the phone and they will respond in whatever mode is best suited for the job, including remotely accessing your network to support the issue.

More recently, companies have been moving towards cloud and virtual solutions. While these are definitely cost-effective and beneficial to companies to set up, they can still be demanding in terms of regular support and maintenance. It is important to find a consulting firm that is comfortable working with these technologies and can help troubleshoot incidents you may have with cloud computing or VMware servers. In order to verify this expertise, ask for VMware certified professionals, to make sure that the company has people on staff who have proven knowledge and experience working with these sensitive environments.

Lastly, If your firm is in an industry that has strict regulations to comply with, it is important to find an IT consulting firm that has the experience and certifications to be working on sensitive data and information in your industry. For example, if your firm is in the life sciences industry, which is rigorously regulated by the FDA, it is important that the firm you choose for your managed services solutions is familiar with HIPAA standards and regulations for data protection and integrity, and it is crucial that the technology consultants you bring in are GxP certified to validate your systems and hardware based on latest regulations. For firms in the financial industry, it is important that IT support staff is abreast of Sarbanes-Oxley regulations and is certified to be working in such a sensitive environment.

As mentioned in a previous blog post titled  “Domestically Outsourcing IT Services and Support,” the primary reasons to outsource IT services and support are to reduce and control operating costs, improve company focus, gain access to world-class capabilities, and to free up internal resources for other purposes. Thus, it’s apparent that outsourcing IT support, especially for day-to-day support issues that pull away resources from a company’s core function,  can be a good investment for a company. However, it is important to choose the right managed services provider based on your specific needs, including the size and type of your business, what kind of services you’re looking for, and what industry standards you have to comply with. By researching numerous managed services providers, and making sure to choose the one that best fits your needs, you will be able to find a solid partner for the long haul.

Life Sciences IT | Technology Consulting | MUSA | Managed Services | Domestic Outsourcing

Tips on Successfully Outsourcing Technology Support

by Douglas Lantigua, Principal, MUSA Technology Partners

There are four primary reasons why a business or organization should (domestically) outsource any portion of its IT services and technology management:

1. Reduce and control operating costs

2. Improve company focus

3. Gain access to world-class capabilities

4. Free up internal resources for other purposes

Source: Survey of Current and Potential Outsourcing End-Users
The Outsourcing Institute Membership

The reasons to outsource your IT infrastructure are apparent, but what isn’t so clear is how to best handle it. This is an upfront, unbiased outline of how to manage technology outsourcing correctly, and how to avoid falling in a common IT outsourcing trap that many organizations find themselves fall into. If you follow this advice, you can make the most of outsourcing your IT, and reap all the benefits that come with it, without the common pitfalls many organizations face.

Depending on the size of your organization, the role of technology vendor management is likely one person’s partial responsibility, or is left to a multi-tiered management structure to handle. Once the decision to domestically outsource IT services is made, a line is drawn within the organization to separate the internal knowledge and management from the outside vendor. The front line, internal resources are in place to make sure the IT services vendor performs work that is in alignment with company objectives. Internal IT roles shift from the management of departments, people and projects to the management of the external IT services vendor.

Technology outsourcing companies in general have become skilled at creating self-seeking contracts through an evolution of  service delivery, exclusive contracts and assumed expertise. The company that is outsourcing a division may have a few people who have lived through an outsourcing and the intricacies of the contract details, but every year vendors gain additional knowledge and experience on how to write contracts that seem to only benefit themselves.  Most of the larger outsourcers are public companies driven by market forces that demand higher profits and the expansion of services. At the same time, vendors are in a conflicting position to answer to management and stakeholders for higher profits while also trying to align with their client’s goals of lowering costs. The conflict of interest apparent here tends to create long term problems.

The original contract usually turns out to be a building block towards costly contract changes. A large company that has outsourced may review their contract and see what is working and what isn’t every five to ten years. Once the outsourcer controls the entire process and resource pool, it is relatively easy to demand fees that aren’t on par with market rates. In many IT outsourcing engagements, the company outsourcing its work will sell its IT equipment to the service provider for a good amount of money, in return for the short term cash influx. The reasons are mainly to offload all aspects of the IT burden and turn it into a service provided for outside of the firm. However, once the IT services firm holds a monopoly with its' clients environment and ownership of the equipment, the ground is fertile for less than ethical behavior. When the original firm needs a change to the base outsourcing contract, which can happen often over a 5-10 year period, the costs tend skyrocket. 

The moral of the story: Do not sell your infrastructure to an outsourcing company unless the infusion of cash is absolutely necessary in the short term. Maintaining control of the infrastructure is an essential step in protecting the company from contractual obligations. This will break up the monopoly and keep project costs closer to actual market value. Also, by introducing some rivalry in the environment, the large outsourcing company will be kept on its toes when faced with potentially losing business. Without this competition an orgainzation will need to live with the equation where the result is added into the recurring service fee: [(the organization’s ‘walk away’ from the contract fee) / (Monthly service fee)]* [(Level of the organizations business critical need of the project or service on a scale of 1-10) * (10,000)] ^₁

By going with a multi-vendor model, an organization looking to outsource has the ability to freely choose the best of breed service delivery model for each particular subcomponent of its technology outsourcing needs. The firm should place strict terms of engagement to limit the role of a company coming in to do a particular service. This will keep the multiple vendors in harmony in their roles and allow them to work together to deliver a cohesive overall service. Contracts should be made shorter to keep the service quality high for the duration of the contract, and to increase competition between vendors. When outsourcing IT services, there is little difference for an orgainzation between managing one vendor or multiple vendors. If the orgainzation prefers to only interact with one vendor, another general contractor vendor can be brought in to govern the interactions and assist with contract negotiations since they will likely come up more frequently. For many reasons, domestic technology outsourcing is advantageous and here to stay. However, how an organization chooses to outsource will determine its success with it.

¹This formula is a simplified model, but for organizations that currently outsource their IT, this concept will look all too familiar.

For additional insight or help with successfully outsourcing technology services either partially or completely, contact MUSA Technology Partners, a rapidly growing technology consulting firm based in Cambridge, MA, through MUSA's online request form or call us at (800) 401-9123.

MUSA | Managed Services | Domestic Outsourcing | Technology Consulting | Biotechnology Trends | Virtualization

There are several techniques available to provide reliable Disaster Recovery and Business Continuance for companies, but before you can chart a path you must recognize that it is the nature of your business that will dictate your DR/BC requirements. Typically the business will tell you that your application or service can never go offline. That is, until you are presented with the cost of a 100% uptime scenario. Enterprise environments should be armed with a cheat sheet for business units to understand what they are asking for and how much it will impact the budget. If your IT department is in a chargeback model, the argument becomes simpler. Companies whose business requests and requirements become IT problems and budget busters need to be better armed with information.

Most companies do not start planning DR/BC initiatives early enough. It is far easier to implement a plan early (and then build upon that original plan) than it is to implement a new plan after you have hundreds of servers over multiple geographic locations. There are several techniques to determine which applications and services require special attention, and most are dictated by the business. However, since IT provides the core services that enable access to these business essentials, there’s a cascade of dependencies which also need to be accounted for. For example, it really wouldn’t matter if the ERP system was up and running if the end users couldn’t authenticate or locate the ERP system on the network. When mapping out the business-critical applications and services, make sure to design a highly resilient supporting infrastructure that is easy to maintain and keep in alignment with business and DR/BC goals.

Notice I’ve been writing about ‘applications’ and ‘services’ and not servers. This is because businesses care very little about a server, but instead care very much if an application or service is available. The server culture is under constant attack from clustering, virtualization and cloud computing deployments. As long as applications and services are available, the business will not care if half of the servers supporting this functionality crashed. Appliances are a different story. In the last decade, the trend was to deploy appliances to lessen the burden on IT departments for deployments. Today, most vendors are moving toward virtual appliances and you should take advantage of this trend. 

Tier your applications and services in a list broken down into:  

Uninterruptible Goal of 99.999% or better uptime (roughly 5 minutes of downtime per year)
Essential Goal of  99.995% or better uptime (roughly 30 minutes of downtime per year) 
Critical Goal of 99.99% or better uptime (roughly 1 hour of downtime per year)
Important Goal of 99.95% or better uptime (roughly 4 1/2 hours of downtime per year)
Enhanced Goal of 99.9% or better uptime (roughly 9 hours of downtime per year)
Standard Goal of 99% or better uptime (roughly 3 1/2 days of downtime per year)
Other – Can be down for multiple concurrent days

Companies that use a chargeback model should include DR/BC costs against this chart or a modified version of this chart. Calculate the overall cost and amortize for the life cycle of the implementation.

You may find you don’t want all of these levels of uptime and would be better suited to only offer a couple of levels. It is important to differentiate between Disaster Recovery and Business Continuity. You can argue the definitions for years, but to make it simple, I’ll break it down this way: Disaster means that your datacenter or facility is completely offline for an unacceptable amount of time where people/applications/services need to be relocated to continue normal operation of the business. Everything else falls under Continuity. It is far easier to recover from an issue without moving people/applications/services. The Business Continuity is mostly a site-specific action plan with a couple of modest exceptions relating mostly to infrastructure. 

Your typical SunGard type facility works with tape restoration. This can take several days to get fully back on line before people can work and your core business is functioning again. Unless your facility is completely unusable for a period of time, this option is perfect for a pinpoint Disaster like a fire, but fails the local community when multiple businesses are in need of the same facility. 

Only the business can determine the criticality of each deployment. Infrastructure will need to respond by making the core services available at the same service level or better. For example, if infrastructure is responsible for ensuring a database-driven application deployment needs to be available at 99.999% uptime, this requires every dependency to have even better availability. Consider the database, network, servers and connectivity to the system all have 99.999% uptime; if each of these dependencies has a 5-minute outage, the overall deployment has a 99.995% uptime. The business should understand the cost of requiring multiple 9’s right of the decimal point. The cost incline isn’t as steep as it was a couple years ago, but the cost can be significant and multiplied if the business and IT organization doesn’t take a holistic view of DR/BC.

For help developing a disaster recovery and business continuance plan, contact MUSA Technology Partners, experts at DR/BC solutions.

Digg This!

Subscribe to the MUSA Blog RSS Feed

Domestic Outsourcing | Planning | Business Continuance | Disaster Recovery | Technology Consulting | Life Sciences IT