💻

IT Management

IT infrastructures for a new startup (outside of the actual production infrastructure for a SaaS company, for example) used to be a major cost point, but thanks to SaaS and cloud computing, IT is much more flexible and cost-efficient today. However, there are still quite a few IT-related points that have to be managed to avoid unnecessary costs and risks.

Devices: Bring your own vs. company-owned

Most traditional companies provide hardware to their employees because the devices are centrally managed by the IT department. Many startups however choose to let employees bring their own laptop and phone as a way to save money and increase flexibility.

Cost sharing

While many employees nowadays are happy to bring their own devices to work, the question of how to divide costs is still relevant — particularly if an employee needs a particular setup that goes well beyond a personal laptop that you would usually own.

Many companies therefore use hardware stipends to subsidize employees’ work infrastructure. For example, in some companies employees can expense half the cost of their laptop and the whole cost of additional peripherals such as a screen, keyboard and mouse for the home office, potentially even a part of the cost for a fast Internet connection. This is often a fair way to reflect the utility that both the company and the employee get out of a piece of equipment.

PC or Mac

Since most software typically used by startups nowadays tends to be browser-based, the question whether employees should use PCs or Macs has become largely irrelevant. Most startups therefore leave it up to their employees to choose their favorite platform.

While standardization on just one platform might be desirable, in practice there are still good reasons for many company to support both. Finance professionals for example often appreciate the more mature tools in the Windows world. PCs can also be more cost-effective for certain types of specific add-on hardware and industrial applications.

Support

Employees should get a clear sense of what kind of IT support they can expect from the company. There is nothing worse than being on a tight deadline with a laptop failing and nobody who can help you.

Some support considerations:

  • Replacement hardware in case a device fails
  • Training and daily support for specialized software
  • Processes to onboard and offboard employees

Smaller startups might be able to cover most support needs with internal resources. However, it’s typically a good idea to get dedicated resources (such as a freelance IT supporter) once a company grows beyond 15-20 people. While engineers might be able to help with technical issues, it’s normally not the best use of their time.

Security

Cloud computing and bring-your-own-device policies have many advantages, but they have also opened up a new category of security risks.

With a few best practices, startups can make sure that they can stay secure:

  1. Use 2 factor authentication (2FA) everywhere. Almost all cloud services now offer 2FA, and startups should use them whenever possible. It reduces the risk of getting hacked dramatically.
  2. Make employees aware of phishing and other security issues (such as unencrypted WiFi connections) with periodical training.
  3. Ensure that employees frequently update the software on their devices.
  4. Audit access rights for external parties at least on a monthly basis. It’s easy to share cloud-based documents and project spaces with external parties, and even easier to forget that external people might have still access once it’s no longer needed.
  5. Minimize the local footprint on employee devices. Even in a world of cloud-based services, a lot of company-owned data will end up on employee laptops. Make sure to use services to minimize this footprint (e.g. cloud-based documents or development environments) where possible.
  6. Define the offboarding process for employees who leave the company. Shared devices will still contain a lot of files that belong to the company, so make sure that the company reserves the right in advance to audit employee devices just before they terminate their employment.
  7. If the company runs its own office network, make sure you install a firewall that is sufficiently advanced.

Backups

While cloud-based systems generally provide a higher degree of reliability than traditional environments, there are still plenty of ways in which a startup can lose data or suffer significant outages. In some cases, data loss can have catastrophic consequences.

Possible threats include:

  • Ransomware hacks and similar adversarial activities from outside parties
  • Infrastructure outages at a cloud provider
  • Human error from own staff

It is therefore essential to have a backup strategy for both the operational systems of a startup as well as the relevant data assets.

Operational systems (such as the production hosting environment for a SaaS startup) should have a redundant instance in a different region and availability zone of the cloud provider as the main instance. There have been plenty of cases historically where cloud providers experienced multi-day outages in some of their infrastructure. Depending on the SLAs that a startup has in place with its customers, this can be a very expensive problem. The costs for a redundant environment with reduced capacity as a “hot backup” are normally manageable, but can save a lot in outage costs.

For critical data assets such as production databases, source code, machine learning training data etc., it’s important to keep multiple redundant copies:

  1. A hot or warm backup in a different region of the cloud provider. Hot backups are available immediately, warm backups can be brought online within minutes.
  2. An additional off-cloud backup that gets pulled in a certain periodicity, either to a different cloud provider or to local storage media at the company’s office.
  3. Off-site cold backup copies of this data set that get stored in a safe place outside of the company’s or cloud provider’s premises. For example, some companies pull a weekly or monthly backup and store them in a safe deposit box at a bank.