We hear a lot of companies, especially in the technology space, talk about proactivity. Yes, it’s a buzzword, but there is value to be had in the core concept of proactivity.

These days, you don’t want to be reacting to everything that could impact your technology. A purely reactive approach leads to system failure, data breaches, and challenging technology upgrades.

But what does it mean to be proactive when it comes to IT? Are there specific things that every organization should be doing? And by extension are there certain proactive measures that are more suitable for special cases? How can you tell when a technology provider is being effectively proactive instead of just giving lip service?

In this blog, I’ll approach the proactivity question from a few angles:

1. Maintenance
2. Monitoring
3. Backup Management
4. Strategic Planning
5. Security and Compliance
   
   

#1: Proactive Maintenance

This is the most straightforward and measurable aspect of proactive IT management and should be considered the baseline for any kind of service provider. While there will be reactive maintenance tasks, such as urgent security alerts and patches for newly discovered vulnerabilities, below are some key proactive maintenance tasks. Specific approaches to these tasks may vary based on your specific technology, but these principles can be applied to most environments.

• Patch Management

  Critical security patches need to be performed as they are released for PCs, Servers, and other device that have an operating system, which is basically everything these days. Other less critical patches should still be performed on a regular basis, such as weekly.
  
  

• Lifecycle and Version Management

  Another important aspect of maintenance is having a lifecycle and version management plan where old, unsupported devices are replaced or upgraded to a version that is still receiving support from the vendor. This should be done in advance of the published End of Life date.
  
  

• Antivirus/Antimalware/Endpoint Security Management

  Depending on what kind of solution you use to deal with security threats to devices, it is important that these tools also receive maintenance so that they are running the latest versions and are patched for any bugs.
  
  

• Configuration Management

  Technical configuration as well as rights management should be regularly reviewed so that a system is operating in an efficient and secure manner.

Many security threats and system failures can be avoided with basic hygiene when it comes to maintenance of technology. As you can probably tell from the list above, these tasks are mostly about being disciplined and consistent.

#2: Proactive Monitoring

Monitoring is a broader subject and will vary dramatically based on what kind of technology you utilize. It may not surprise you that this is not a one-size-fits-all approach. Below are a few areas where proactive monitoring may be a fit for your organization (we’ll save the backup and security monitoring for a bit later).

• Network Monitoring

  Local and Wide Area Networks (LANs/WANs) are just like highways for cars. Traffic runs at speeds that can vary but is mostly predictable, although every so often traffic can get backed up, potentially even stopping entirely. Network Monitoring can look at network traffic in a similar way to determine failures and bottlenecks that slow or break networks. This can be very important, especially in environments where on-premise servers and other technology are present.
  
  

• System Monitoring

  Key servers, databases, and other “production” devices can be monitored for health and uptime. While it may not make sense to install hardware monitoring solutions on a PC or laptop, having monitoring on an email server or the server running your business management software is often critically important to proactive management.
  
  

• Web Application Monitoring

  If you have any kind of web facing application, you might want to know about how users who hit your web application are interacting with it. For example, how long did it take for a page to load?
  
  

• User Monitoring

  There are a variety of areas where users can be monitored. Some of these have to do with things like whether they are logged in or actively working. Other areas may be more about making sure that accounts aren’t compromised, like monitoring where a user is connecting from.

#3: Proactive Backup Management 

Data is the key to why technology is used in the first place. It is the raw material needed to extract business value from your devices. Unlike a physical server, router, or any other piece of hardware, data is often unique and creative, making it difficult and expensive to replace. So proactive backup management is an important area where your IT management needs to stay ahead of the game. Here are a few key proactive areas for backup management:

• Monitoring

  You need to have eyes on your backups. There are a variety of reasons why backups can fail, from simple hardware issues, to data limitations, to bandwidth problems, and so on.
  
  

• General Management

  Are you really backing up the right data? Could you be backing up too much data causing other technical problems? There should be some check-ins when it comes to what the backup solutions are actually doing, to ensure you’re getting what you need out of it should you have to restore.
  
  

• Testing

  It’s one thing to know that your backup is working to operate as intended. However, you also need to test to make sure that your data comes back as intended if you need to perform a restore. Regular testing is a proactive measure to help guarantee the integrity of your data in the event of an incident.

#4: Strategic Planning 

Not everything about technology is monitoring and system checks and engineering. A major part of technology proactivity is about looking forward and strategic planning. Here are some areas that should be included in your proactive strategic planning:

• Budgeting

  Many of the items discussed earlier in this blog require some investment, especially areas like lifecycle management. You don’t want to be in a position where, for example, Windows 7 is hitting end of life, and your technology budget is insufficient to make the proper changes to keep your system supportable and secure.
  
  

• Business Satisfaction and Productivity Review

  While a system may be performing well from a technical level, it is important to understand that at the end of the day, the technology is supposed to serve a business purpose. Think about where the technology has succeeded and where it could improve. This will help inform future decisions about what you invest in and what needs to change.
  
  

• Standards Review 

  Over time, technology standards and practices change. Strategic Planning sessions can help identify where technology should be adjusted to suit today’s standards. Even good decision-making up-front needs adjustments down the line in order to stay ahead of threats and continue being productive.
  
  

• Maintenance Review

  Over time, maintenance becomes harder or less effective as hardware fails or systems simply don’t operate the way they once did. There comes a point with most systems where the expense and complexity of maintaining them is not worth the effort. Part of your strategic planning should be to consider if your approach to maintenance is achieving working for you or against you.

#5: Security and Compliance 

As technology is leveraged more and more, both in business and in our daily lives, there are risks that need to be addressed. Fortunately, proactive management can help mitigate risks and minimize the chances of falling victim to a security incident or data breach. Here are some areas where you can take a proactive approach to Security and Compliance management:

• Assessment

  While the nature of a security or risk assessment will vary dramatically based on what data you carry, systems you use, size of your business and other factors, it is worthwhile to have a security assessment regularly. This may include vulnerability testing, configuration review, compliance auditing, and many other areas, but the bottom line is that you need to be able to measure how well your systems can address security threats.
  
  

• Security Monitoring

  Depending on compliance standards your organization must meet, as well as your tolerance for reacting to security incidents, you might want to consider a solution for logging and monitoring security events on your system to take a more aggressive approach to your cyber-security.
  
  

• Endpoint Detection and Threat Management

  Higher end solutions such as endpoint detection and threat management for devices can do things like stop ransomware infections from spreading throughout a device or a network by interrupting their attacks or neutralizing the threat.
  
  

• Phishing Testing and Security Awareness Training

  One of the most proactive things you can do to prevent security incidents is educating your staff about common threats they will face on a daily basis. An engaged staff can be one of the best ways to address many of the threats your business will face.

Wrapping Up

If you can manage to create a technology management plan that incorporates most or all of the items addressed in this blog, you should be in a good place when it comes to minimizing the risks associated with technology while maximizing productivity.

While proactive IT will mean something a bit different to every organization, at the end of the day it is important to recognize that you can’t wait for an incident to occur to begin protecting your valued technology assets.

Thanks for taking the time to read this blog. Please reach out with any questions or if you would like to discuss how your organization can be more proactive with your IT needs.