4 min read
What is the Barrier to Entry to Being an IT Company in Arizona?
Megan Schutz October 19, 2023
Ever wondered what it takes to become an IT company in Arizona? If you are a smart business owner in the market for IT services, you hopefully have done your research on reputable companies. And perhaps in the process of finding both good and bad options, you’ve wondered: what qualifies a business to be an “IT company” anyway? Are certifications required? Is continuing education required? These are all great questions and important to consider before you put your IT security in the hands of an unknown third party. In this blog, we’ll discover the barriers to becoming an IT company in Arizona and why it is so important to vet your IT company.
What is the barrier to entry to being an IT company in Arizona?
Consider that for a dentist to operate; they must go to dental school, acquire a DDS degree, comply with HIPAA standards, and much more. Similarly, a law firm must employ lawyers that graduated from a qualified law school and who passed the State Bar Exam, and operate within the boundaries of the law and ethical standards required of lawyers. For many industries, operating above board includes ethics, advanced education, peer review, continued education, privacy laws, and so much more. None of this exists in the world of IT.
Now, don’t read that wrong: to be a successful and effective IT company, it takes advanced knowledge, continuing education, an understanding of different industry standards and regulations, and vigilance to the ever-changing cybersecurity landscape. The critical point we are trying to get at is that none of this is required to operate as an IT company. Anyone can call themselves an IT company, but it does not mean they’re a good one. Next, we’ll talk about how to vet your prospective IT company to ensure they’re the real deal.
Why should you vet your IT company?
Unfortunately, there are not any specific qualifications that must be met to call yourself an “IT company” in Arizona. That puts the due diligence work back on the client. When you’re looking to hire a managed IT services provider, there are certain qualifications to look for and specific characteristics you’ll want to avoid.
Let’s first look at what you don’t typically want in an IT company:
In general, avoid companies with no real, legal business, as this typically points to a lack of legitimacy and necessary insurance. If you find a company with one or more of these characteristics, we strongly recommend you either continue your search or spend additional time investigating whether they’re right for you.
- Businesses without a physical location.
- No physical location means no multi-year commitment or financial scrutiny from a commercial landlord, which are assurances that a business is established and financially reliable.
- While it is possible to run a successful IT company without a physical location, you need to ask additional questions. This is critical to get right if you’re in an industry that stores or uses sensitive information.
- You’ll need to scrutinize how their employees at home are securely connecting to their clients. For example, does the IT company own the computers and firewalls at each technicians’ house? How is sensitive information on the screen secured from other members of the household? How are physically sensitive items handled, such as setting up equipment in advance or destroying a hard drive with sensitive information on it?
- Short-term businesses.
- Look for a history of doing business successfully. Check Google reviews, including when they happened. If there are none, run.
- If you have ten or more employees and they have two or fewer.
- Growing businesses need a reliable company with a team of people supporting them. Avoid hobby IT companies if IT is critical to your business.
- Lack of insurance or underinsured.
- Ask for proof of liability insurance. Considering how much damage one incident can cause, we recommend a minimum of $2 million of cyber and extortion insurance.
- Amateur bookkeeping practices.
- Avoid financially immature IT companies. Examples: Are invoices from Microsoft Word? Is the invoicing and payment process automated or sent by the owner at 3 AM weeks late?
- Unreliable in returning phone calls or the owner is texting you from a cell phone.
- Lack of maturity in communication is common in hobby IT companies. If you’re seeing a lack of professionalism in the sales process, imagine how bad it gets when you’re a client.
- Does not collect sales tax correctly.
- We’ve seen Phoenix IT companies charge the wrong percentages on invoices. Our best guess is they’re pocketing it.
- If you’re buying pre-packaged software such as Microsoft 365, security software, it should be taxed. IT companies that do not know this is a red flag.
Now, let’s review the qualifications you should look for in an IT company:
- Established business, including a physical location, legal business in good standing with the Arizona Corporation Commission, and proof of insurance.
- Proactive approach to IT security.
- Quick and professional response times, including an immediate response when required.
- If you’re subject to HIPAA, ask for proof they understand your industry and what the government requires of them and you. For example, they should hold the HIPAA Seal of Compliance from Compliancy Group.
- If your business deals in confidential information, you must do your due diligence on the IT company holding your keys to the castle. Ask your IT company for proof that their security controls are annually audited by an independent third party. Examples include SOC 2 Type II or MSPVerify. Please note that the date of the last audit is critical. An audit from 3 years ago does not tell you how they’re doing business now. Require proof that an audit was performed in the last 12 months.
Work With a Qualified IT Company
At PK Tech, we have been doing it the right way for more than ten years. Our client base consists largely of companies in the professional service and healthcare industries. Our offerings include major IT project management and support, ongoing IT support and maintenance agreements, cloud solutions, cybersecurity support, and IT consulting that shows clients how technology can make their businesses more efficient and successful. To schedule a discovery call with one of our IT techs, contact us here.
2 min read
5 Signs It’s Time to Outsource Your IT
When should your business bring in an outside IT Company? It is the million-dollar question. You might think we are biased, and we are. But, we...
What is SEC Regulation S-P and How Is It Changing?
The SEC is adopting significant cybersecurity amendments to Regulation S-P.