In a world of rapidly evolving technology solutions, IT environments in organizations are becoming more complex and playing a larger role in every aspect of daily business operations. No longer can organizations afford to use vendors as only an IT provider and not an integral part of an organization's IT support team. To avoid costly inefficiencies, businesses need to utilize advanced technical support services to manage growingly complex IT environments, augment the return on IT investments, and defend against increasingly sophisticated and targeted security threats.

However, just as one product or technology varies from another, services also vary in size, scope, and depth of expertise. Organizations must thoroughly investigate which support service is best for their business and how a support offering will benefit their overall IT environment.

Defining Mission-Critical Threats

When considering whether to engage a vendor in support services, organizations should compare the benefits of the offering to the consequences of not having the service, particularly upon those business operations deemed "Mission Critical."  The support services in an IT environment that are known to minimize system risks, ensure the availability of complex systems, and that are essential to the survival of an organization, are known as mission-critical systems. Their vital impact on an organization's ability to accomplish its essential tasks or overall mission makes them critical.

Many IT challenges strain mission-critical services in today's sophisticated IT environment. One difficulty comes in making sure all programs, applications, and solutions are working together properly. Organizations that implement multiple technologies and rely on a combination of hardware and software to deliver critical business solutions cannot afford unplanned downtime. Most organizations in the financial, manufacturing, telecommunications, healthcare, and government sectors need to successfully manage a proliferation of platforms and devices with minimal disruption.

Numerous, evolving and sophisticated security threats can also strain or even cripple an IT environment, halting mission-critical operations. Without safeguards advanced enough to match the complexity of attacks, hackers can easily access confidential or proprietary information about a company or its customers.  Viruses and spyware can drastically slow or disable machines vital for business undertakings.  The threats constantly change and can come in the form of e-mail, instant messenger, or everyday browsing.  Failure to seek out advanced security support measures puts an organization's reputation and business in danger. 

Another layer of complexity comes into play when organizations need to comply with government and industry regulations. If an IT environment fails to adequately archive, protect private data or prepare for electronic discovery, the business may land itself in both business and legal trouble.

The results of not overcoming these IT challenges can be devastating. Companies that recover quickly from operational disasters averaged a 5 percent increase in share price. Those that struggle to regain operations from disasters affecting their systems saw a 20 percent decrease in share price.[1]

To ensure success, organizations are obligated to guarantee their IT environments remain secure, available, high-performing, and compliant at all times. Mission-critical support services are designed to help organizations create and maintain an environment in which interactions, information, and infrastructure are protected, efficient, compliant, and resilient. With advanced multi-vendor expertise, flexible support plans, and innovative support technologies, mission-critical support programs are an important component of a balanced and effective IT risk management program.

A successful advanced support service will offer a unique blend of both proactive and reactive services, including a designated account manager, onsite visits, and accelerated response and time to resolution.   

Before Vendor Management: Choosing a Vendor

Before an organization can maximize the benefits of an advanced support service, it must first cautiously select the best vendor for its needs to provide this support. Businesses should choose a vendor that provides predictive, prescriptive, and proactive support services, which are critical for preventing and mitigating issues within the IT environment. Best in class vendors offer the following proactive support services to ensure the complete security and availability of the data within their IT environment, as well as to ensure the protection of technology investments.

• Configuration assessment: Proper software configuration can dramatically impact the overall operational stability of an organization. Configuration assessment is a proactive service for documenting and analyzing an IT environment, a benefit which can be useful in identifying problem areas before a critical issue arises. To conduct such an assessment, an assigned engineer works closely with the IT staff to monitor and capture data and blend it with information collected from software tools and customer interviews conducted onsite. After analyzing this information, the engineer will prepare a comprehensive configuration report with detailed recommendations for improving stability. An annual configuration assessment is recommended to pinpoint configuration errors, provide a high-level "point-in-time" picture of the environment, and to mitigate data loss and service disruptions. Ultimately, the goal is to promote ongoing stability.

• Network assessment: In today's distributed computing environments, the network has become a critical component in the overall architecture. Operational stability requires a network to be configured and operated at optimum levels. A network assessment uses network-sampling techniques to send and monitor predefined packets of data along the same path traveled by an application, and measures the end-to-end performance of a network. The assessment can help identify causes and pinpoint potential network problems that may impact the performance and overall operation of software or business operations. A network assessment analyzes an organization's network links on different servers to help ensure the most from their vendor's technology.

• Disaster recovery testing service: Disaster recovery plans are imperative in today's IT environment and essential for business continuity. Failing to recover critical data quickly can have serious revenue and business repercussions. A disaster recovery testing service offers a review of the organization's disaster recovery plan and onsite technical support during the testing period. With most mission-critical support offerings, organizations can request an onsite engineer for a predetermined number of days to help test the disaster recovery strategy. More importantly, this will help prepare for a more timely and successful recovery of operations in the event of an actual disaster. With this type of service, an organization can expect the onsite engineer to initiate an effective disaster recovery strategy with proactive advice; validate the recovery plan by running a disaster recovery exercise; and ensure business continuity by implementing detailed recommendations for enhancement.

Better Vendor Management for Better Support

Complying with several best practices can help ensure an optimal experience while working with any vendor's support organization.

Foremost, communication is essential. Consult with the vendor frequently and leverage their knowledge and expertise to gain a better understanding of the process and technology needed to mitigate IT risks and maintain a secure IT environment. Expect a vendor to realize it may not be able to exclusively provide the entire IT package needed. So ask the vendor to use its strong relationships with other IT providers to make the support experience seamless, efficient, and comprehensive.

Develop an ongoing relationship with the support account manager by scheduling onsite meetings to enhance his or her knowledge of the IT environment and to develop a customized plan for proactive support. By working with a designated account manager, they will become more familiar with the IT infrastructure, policies, culture and limitations. This way they can work quickly to resolve issues and develop corrective action plans to prevent or anticipate possible issues that will need an immediate response.

Also, consider implementing proper controls and policies to ensure certified configurations. It's extremely important to work with vendors to help them understand how all the pieces within your IT infrastructure fit together so they can advise and ensure proper design, implementation and integration of a mission-critical support service.

Last, demand rapid response and time to resolution for high-severity incidents. Since most organizations cannot afford unplanned downtime, it is critical that the support team accelerate their response to quickly resolve issues within their customer's IT environment. By developing a relationship with the account manager, the support issue should receive priority handling and the IT staff should obtain direct access to the most seasoned support engineers.

The Financial Impact

Mitigating the risks to productivity, revenues, and reputation posed by today's complex IT environment may require additional financial resources. However, the costs for advanced support services are small compared to the interruption to mission-critical business operations. Choosing vendors that team with your staff and properly maintaining a relationship with them will ultimately benefit the bottom line and prevent catastrophic losses in the areas of investment, compliance, stability, and security.  

Steffen Low is with Symantec Corporation.

[1] Source:  Oxford Executive Research Study cited in Five Steps to IT Risk Management Best Practices, by Greg Hughes, Risk Management Magazine, July 2006