Skip to content

What Is a vCIO, and Do You Need One?

As time goes on, the need to keep up with technological advances increases. Those that work within a small or medium-sized business (SMB) may be feeling the struggle to stay ahead of their competitors, causing them to look for a way to ease that tension as financially feasible and securely as possible.

Many bigger companies have a Chief Information Officer (CIO) and/or a large IT Department to help keep up with trends and to make sure their infrastructure is kept safe and stable. However, that may be difficult for an SMB to obtain. 

That’s when a vCIO can be handy.  A vCIO is a virtual CIO that is usually hired through a third party company to allow for lower costs and will focus on and give that company the time they need. There is usually the option of hiring hourly or hiring with a flat fee, giving the company more time to focus on the day -to-day operations.

You can decide what facets of your technology needs the vCIO should focus on, or the vCIO (and their service delivery team) can encompass all of your IT needs.  vCIO’s are beneficial to many SMB’s, but a company should do their research and ask the right questions to make sure they will be receiving the best for the staff and business as a whole.

So, what exactly do the duties of a vCIO entail?

 
1) They get together with the company to see what direction their business is going and/or wants to go.

-What are the goals the company currently has?

This will give the vCIO an idea if the leaders of the company are all on the same page. If they are not in consensus, then he/she will help as a guide to determine the best route to get there.

-What money-saving options are available to go about achieving those goals?

The vCIO will also keep in mind that the goal is not necessarily to provide the cheapest option, but the option that will bring the most benefit to the company as a whole. 

-Let’s get everyone on the same page.

This will not only be in terms of goals, but also in making sure the company is able to navigate the systems that will allow them to do their job the most efficient way.

 
2) The vCIO will consider the whole of the infrastructure in alignment with the how the questions were answered above according to that specific company.

What may the company be wasting time and money on?

The vCIO will consider whether certain systems or applications are being utilized or if there may be a better way to incorporate  processes into another system or if it may just be unnecessary to what the business needs and does.

-Are there ways to make it better or are other systems worth considering?

Sometimes the technology in place is not bad, it just isn’t being utilized in the best way. A vCIO should take the time to analyze the technology in place to make sure that the company is getting the maximum potential out of the technology in which they have already invested. However, there are times when new technology needs to be introduced to help meet specific needs. In these cases, the vCIo should act as a pilot to steer the company toward the best solution for the company.

-Is the network accessible to the company or could there be more to utilize?

As mentioned above, the vCIO will look into whether the system is being used to its highest potential while being user friendly to the staff.

-What are the risks they are facing or could potentially face?

Each business (and individual) has its own level of risk that they are willing to face. We call this “risk tolerance.” A vCIO should not only measure the threats that a company may be vulnerable to, but be able to convey the risk level involved with each threat in a way that makes sense to the business owner. The vCIO should work together with the business owner to develop a plan to match up the policies with the level of risk that is acceptable to the business.

 

Want to learn more about how to keep your small business safe?

Read our article, “Small Business Network Security Checklist”

 
3) The most important aspect of being a vCIO: Security.

-How secure is the system?

A vCIO will look into the vulnerability of all technology systems and consider the options that will reduce the risk of a cyber-security breach. There are many tools in place to allow for testing vulnerabilities, and a good vCIO will make use of these tools to provide the right level of security to the company’s systems.

-Does the company have any protection in place?

He/she will look into how the infrastructure is being kept secure. Is there any virus protection, firewalls or backups in place for potential data breaches or data loss? If there aren’t any, or if it is lacking, the vCIO will consider the best options to bring protection to the systems they have.

-How can they make it better?

The threat landscape is always evolving and changing, so a vCIO should always be bringing ideas for  improvement to the business owners.

-What can the staff learn to better protect themselves?

One of the most common attacks on businesses today involves email scamming, phishing, viruses in links/attachments, etc. There are many solutions available to help your end-users become more aware of the threats that are out there. From “fake” email phishing campaigns to self-paced end-user virtual training courses, to Lunch & Learns, a vCIO should be able to give your company a solution to improve the weakest point in any network – the end-user. 

A vCIO will get together with their clients on a schedule that works for them. They can adapt to what’s needed either more or less. Their goal is to see the company utilize what they have, further their knowledge, and help them achieve their goals to make their company as cohesive and successful as possible.