Andre Preoteasa still remembers the business owner who missed a project deadline because his old computer was too slow. As the businessman’s IT consultant, Preoteasa had earlier recommended switching to new, faster machines. But the advice had fallen on deaf ears. “He cried in front of me. There was nothing I could tell him. He didn’t upgrade,” Preoteasa says.

Now IT director at Castle Brands, a New York City fine spirits importer, Preoteasa relates the story to explain how IT mistakes can hurt a small business. It’s a good lesson for bad times: when money is tight and customers are precious, IT can make or break a business.

The bad economy is only underscoring what savvy business owners already know about IT, says Michael Kraner, CEO of Primary Support, a 10-person IT consulting firm in New York City. Whatever business you’re in, you’re in the technology business, Kraner says. If you can’t collect on overdue bills because your computer crashed and you didn’t back it up adequately, you’re hurting yourself financially, and that’s not a good situation to be in, especially in tough times. “If you don’t protect your network, you’re going to have problems,” he says.

Chronicling IT mistakes

According to Preoteasa and Kraner, here are some of the biggest IT mistakes small businesses make and what they can do to solve them:

  • Keeping old equipment -- Old computers break down more often so they cost more to maintain. Plus they can’t run today’s graphics-intense programs as quickly as newer machines. Not to mention how upset employees get when it takes 30 minutes to open Microsoft Outlook and a couple other programs, Preoteasa says. New machines are so cheap, “I can’t see why a company can’t spend $450 on a desktop and $200 for an IT company to set it up and you’re good to go,” he says.
  • Spending too much or too little on e-mail -- Go with cheap, Web-based e-mail and you could quickly outgrow it. But buy an expensive e-mail server that an IT vendor has to maintain and you could pay for more than what you need. For companies starting from scratch, Preoteasa recommends finding an online e-mail vendor that supports Microsoft Exchange. “You get the same benefits of an expensive e-mail server but it’s not located on premise and the online company manages it day to day,” he says.
  • Losing data -- Whether it’s a denial of service attack on your server or an employee accidentally deleting important files, losing data is one of the most damaging things that can happen to a business. The best way to mitigate lost data is with a well-tested plan for backing up information. Smart companies do regular backups to disk, tape, or online and have some type of back up off site too in case their offices are hit by a hurricane or flood. They also provide different levels of back up for different types of employees: the CEO’s desktop might be backed up every day but other machines only once a week, Kraner says.
  • Failing to create a disaster recovery plan -- Whether it’s a storm, bandwidth glitch, or server crash, any time a company’s computer system goes down it’s a disaster. To be prepared, companies need an emergency recovery plan that spells out exactly what to do to recover, including things like which functions need to be brought up first. “A lot of companies take technology for granted until there’s a problem. That’s a pitfall. You have to be proactive,” Kraner says.
  • Failing to take adequate security measures -- It’s not enough to install a firewall and anti-virus program and think your network is secure. Attackers are getting smarter, and companies’ responses to them need to be smarter and broader too, Kraner says. In addition to firewalls, companies should use other monitoring tools like intrusion prevention systems (IPS) to detect and block a variety of attacks from outside and inside a company’s network. Whatever the devices or programs, make sure they’re updated as soon as new patches or upgrades come out, he says.
  • Not keeping tabs on in-house IT staff -- Companies with a small IT department might not have the resources to make sure staff is doing what they should be. For that reason, Kraner suggests hiring an outside party to do periodic IT audits to make sure proper polices and procedures are in place and staff is following them.
  • Hiring the cheapest outside IT firm -- Don’t hire IT firms on price alone because you’ll get what you pay for, Preoteasa says. “My previous company made a lot of money fixing problems caused by other IT consultants.” Another mistake: using a reputable IT firm but selecting their cheapest package “and then not getting what you want because you don’t want to spend more,” he says.
  • Failing to monitor data practices of external vendors -- You may do everything right when it comes to your company network, but does your bookkeeper or tax preparer? If they don’t properly back up client data and someone breaks into their system and steals their Quickbooks files, you’ll pay the price, Kraner says. He counsels clients to quiz their key vendors to make sure they have adequate backup and security systems in place.

What worked a few years ago isn’t good enough for today. You don’t have to be the first on the block with every new tech toy, but you do need to keep up with the times, Preoteasa says. Five years ago logging on to your company’s network remotely was an expensive, cumbersome process; today it’s easy and free. A couple years ago, setting up a new computer took a couple hours; today it’s a couple minutes. Keeping equipment up to date helps productivity and morale “Slow computers don’t please anybody except the accountant,” he says.

Sidebar: More Cautionary Tales

Want to learn more from other companies’ IT mistakes? Here are a few websites that spell out what can go wrong: