On a fixed price IT service? It could be costing you big

Changing your IT services approach could slash your bill in half and potentially save you much more in the fallout from would-be cyber attacks, one local expert says.

While signing up for a seemingly comprehensive range of services for a fixed price might seem like a good way to control IT expenses, BluePackets managing director Andrew Donehue says certain upgrades to your system security would reduce the need for services, making a fee-for-service model more economic.

“Pricing on both fixed and by-service arrangements can vary greatly. We’ve used a fee-for-service model since our inception, but we’ve seen fixed pricing around $150 to $200 per user per month for the same level of service we provide,” he explains.

“If you need services not included in those structures – for example, help meeting your insurance requirements or strategic help, you could end up paying for a lot of extras.”

Fixed price schemes were better some years ago when systems were more complex because workplaces tended to host employee workstations and servers – a system that tended to need a lot of ‘massaging’.

In addition, users were less digitally savvy.

“Now servers have largely been removed from offices, people are mostly relying on Microsoft 365 or the Google suite, and the tech is more reliable,” Andrew says.

“Help is also easier to find and is out there in a format you can search. You don’t even need to know how to search for it – systems are smart enough to answer most of the day-to-day technical questions.

“The generations working with these systems are increasingly the generations who grew up with computers and the internet, too. They grew up resolving IT problems. We find that if an organisation has even one or two people in-house who are tech savvy, those people can resolve 90 per cent of the little issues that pop up daily.”

Many clients who move over to BluePackets from competitors are coming off fixed price schemes, and Andrew says the substantial savings take them by surprise.

“Once we’ve improved their security, often they don’t call us for months at a time,” he says.

“Yes, we’re doing that ongoing service with security management and keeping an eye on things, but we find there are almost no ‘reactive services’. The costs are driven by the client and tend to come when they’re adding staff. Otherwise, it’s business as usual, and they can save half or even two-thirds of the cost that way.

“They also get the benefit of extreme flexibility, and because their request isn’t simply going into a pool of requests where it might get deprioritised for more pressing matters, they can rely on their issues being fixed promptly.”

Andrew says the biggest influencing factor for keeping costs down is improving security, and a good place to start is ensuring the ‘Essential Eight’ are covered.

While there’s no silver bullet for protection against all cyber threats, these eight mitigation strategies are considered to form a baseline that will make it harder for cybercriminals to attack. They include simple steps such as multi-factor authentication, restriction on administrative privileges, application control and regular backups.

“The worst you can do is do nothing. You’re better off investing upfront in your security and then taking small steps to maintain it regularly rather than leaving it be for a long time and having to take giant vertical leaps,” Andrew says.

“Yes, there’s an initial outlay to upgrade your system. But consider that if you have a security event, it’s not just the costs involved in fixing it but also downtime when employees can’t work for a period and reputational damage to your business. There might also be insurance damage and funding risks. It can really add up.

“Think of investment in your system in terms of human time, which is costly. Staff salaries are expensive. You’re better off investing in a good computer system. It’s not just an expense; it’s a tool of efficiency, and it’s cheap compared to the price of the person operating it.”

For more information, contact BluePackets.

REGION MEDIA PARTNER CONTENT