IT Matters: IT budgeting for the new year

December 08, 2016
By Trey Hawkins

We’re just under one month until the new year and everyone seems to be in budget planning mode. IT spending is a key part of the budget equation, so it’s prime time for some tips for your 2017 IT budget planning.

Operating system review
Your 2017 IT budget will most likely include refreshing many of your company’s computers. With new machines now shipping with Windows 10, you’re faced with either migrating all of your computers to Windows 10, or downgrading new computers to Windows 7 or 8.1.

Unless you have good reason to, we wouldn’t recommend downgrading. In addition to elongated support and biometric authentication (including facial, iris and fingerprint recognition), Windows 10 also includes full-disk encryption, which means that if your computer is stolen, the data inside cannot be accessed.

App strategy
Next, it’s important to conduct a review of the apps your business is using, and decide on the ones you want to use in the coming year. Do the current set of apps meet your business needs? Are you beholden to any specific app, or are there other viable options to evaluate?

Server strategy
Once you decide on the apps you would like to use in 2017, it’s necessary to determine the best place to run those apps. If you have physical servers, is it time to refresh them? Are the apps you want to use in 2017 public cloud-ready? Instead of making the investment in new servers, should you leverage the cloud? In terms of server strategy, I recommend a review of each server to see what it’s doing so that you can decide if it’s still the best plan for your company. It’s also important to consider other server-related issues including security, compliance and maintenance.

Security strategy
Adjusting your IT security strategy to match your risks from external threats is of utmost importance, and something you should do every year. The bad guys keep coming up with new ways to hack and attack, so updating your security should be a top priority. Here are four areas of cybersecurity to review so that you can budget for any needed improvements:

• Multifactor authentication. In addition to web access, Outlook, virtual desktop infrastructure (VDI), virtual private networks (VPNs) and other ways with which your team connects online and to each other, this includes securing any form of remote access to your network.
• Better backups. Your security strategy should include these two solutions to protect your company from being held hostage: more frequent restore points throughout the day; and off-site replication of your backups. If you didn’t back up all day and you get hit with ransomware at the close of business, you’ve lost that day.
• Business continuity. An important part of being secure is being prepared. At minimum, budgeting for a full-blown test of your business interruption strategy is a good idea. It’s better to know now what will happen during a power outage or other disaster than during the actual event.
• Business risk assessment. If you haven’t done a third-party risk assessment in 2016, budget it for 2017. A risk assessment will look at your business operations to determine which areas are vulnerable.

Network strategy
Since your network is the backbone of your business, it needs to function at its very best so that everything else can, too. Consider the following:

Will your business grow?
If so, will your network be able to handle more desktops, more traffic or more people working from home? Will your firewalls, anti-malware and antivirus software be able to keep up? If you’re growing, you’ll need to invest in your network.

Will you have enough bandwidth?
Shoot for an abundance of bandwidth, if possible.

Could you do better with a different (or additional) carrier?
It’s important to review your current carrier contracts and to attain competitive pricing and plans to see if your carrier is still the best choice.

Will your platforms be sufficient?
Review the different ways your company interfaces with people online. Make sure the 2017 budget covers your ability to manage all interactions securely and efficiently, including internal controls like web content filtering.

About the author: Trey Hawkins is the CTO at Leapfrog, an Atlanta-based IT company that provides expert-level managed IT services to more than 120 business and nonprofits worldwide.