Question:

Could you provide insights on how you managed to overhaul a small office’s IT infrastructure, including the transition from a previous MSP to a complete cloud-based solution, while also establishing robust security and disaster recovery protocols, and scaling the system to support a company that tripled in size? Additionally, how did you contribute to achieving SOC 2 certification, and what measures have you implemented to ensure a smooth handover in the event of your departure?

Answer:

When I joined the small office three years ago, the IT infrastructure was in disarray. The transition from the previous Managed Service Provider (MSP) was poorly executed, and within a month, our office servers crashed. This crisis became an opportunity to rebuild and modernize our IT systems.

The first step was to migrate our hosting infrastructure to the cloud. This move not only provided us with scalable resources to accommodate growth but also ensured enhanced uptime and reliability. I meticulously cleaned up our documentation and transferred a plethora of usernames and passwords from a publicly accessible confluence page to a secure password manager.

Security Enhancements and Disaster Recovery

Implementing robust security measures was paramount. I established a disaster recovery policy, complete with processes and regular tests, to prepare for any future contingencies. Backups were properly enabled both internally and hosted, ensuring data integrity and availability.

Network and Monitoring Systems

Rebuilding our internal network was a significant undertaking. I standardized office equipment and set up legitimate system monitoring for our hosting servers. This not only streamlined operations but also provided real-time insights into our system’s health.

Scaling with the Company’s Growth

As the company tripled in size, the IT infrastructure scaled accordingly. I introduced an actual onboarding process for new hires, managing it effectively during this period of rapid expansion.

Achieving SOC 2 Certification

A considerable amount of work went into preparing for a SOC 2 audit. This certification was a testament to our commitment to security, availability, processing integrity, confidentiality, and privacy. It was a rigorous process, but we crossed the line last week, confirming our compliance.

Preparation for Continuity

I have always believed in the importance of preparing for the unforeseen. I’ve documented critical systems, backup procedures, and ensured that global admin passwords are secured in a password manager. Break glass accounts are in place, requiring at least two high-level executives to access, enhancing security further.

Automating for Efficiency

Automation has been key in managing daily tasks efficiently. Scripts are saved in a company GitHub account, with details securely stored in our password manager.

Legacy of Improvement

While I don’t plan to leave anytime soon, I’ve ensured that my successor will inherit a well-documented, secure, and efficient IT environment. This is my legacy: transforming a small office’s IT chaos into a streamlined, secure, and scalable infrastructure, ready for the future.

Conclusion

The journey from a chaotic IT setup to achieving SOC 2 certification has been challenging but rewarding. It’s a testament to the power of resilience, strategic planning, and the willingness to embrace change. For those embarking on a similar path, remember that every step towards improvement is a step towards excellence.