We help IT Professionals succeed at work.

Staff coverage (outsourced)

Do outsourced IT providers have the concept of baseline cover, i.e. they support and cover between 9-5 hours? Say for example a 3rd party host and manage your IT infrastructure? Will their typically be cover in these premises 24/7 for a medium size enterprise? Or will they all clock off at 5pm and then come back in next morning? Are there any major risks in not having 24/7 support?

What if you got hacked for example during the night, shouldn’t these be acted upon in real time – thus if you don’t have any staff until 7am the next morning the whole network could have been compromised?
Comment
Watch Question

EE Topic Advisor, Independant Technology Professional
Commented:
You can ask an outsourced provider for whatever you want. However keep in mind that these requests tend to cost a lot, especially after-hours monitoring. Be sure to spell out the expected response time. Remember this is like insurance. You can spend more in case something happens, but it may never happen at all.

Alteratively if they are monitoring and can make you the first point of contact, perhaps you can determine if the issue requires an immediate response and then call them in.

Author

Commented:
Whats the recommendations then though if all staff clock off at say 7pm and then the IDS starts going mad at 1am, do people just leave it until the next day to address? Or any procedures around "red alert" and in the night hacking attempts? I see the issue ith cost, and realistically who would get up at 1am to investigate a potential issue - and how would the system notify them etc?
These are things you need to discuss with your outsourced provider.  Do they have after hours support?  Do they perform network monitoring? Will they come on site after hours?, etc.  Most outsourced providers will most likely do anything you ask, but it will come at some cost.  Make sure anything you agree upon regarding after hours support and monitoring is written in a contract before signing on board.
Brian BEE Topic Advisor, Independant Technology Professional

Commented:
As for your question about the risk of not having 24/7 support... In most cases that is up to your upper management to decide. Find out the cost of the various options and tell them the risks.

Incidentally most good hack attacks won't be noticable right away. So having after hours monitoring might not be much help.

Your other option is to ask for a budget to install your own monitoring software, get a consultant to set it up and make your internal people the alert recipients on their cell phones.