We're an ISO27001:2013 Certified Supplier

Linux Outsourcing

When you delegate the support of your IT infrastructure to another department or company, you are handing over the keys to at least part of your business. Those who have keys to your house have built up trust with you, probably over a long period of time. Those who have the keys to your IT infrastructure need to earn that trust, too.

But how do you choose who to work with? Here are some questions that might help you decide.

Why Them?

Most of the support companies out there can fix computer systems: if they couldn’t, they wouldn’t last long. So how do you choose between them? You could start by simply asking them:

Why should I choose to do business with you over any other option open to me?

Those other options include:

  • doing nothing
  • managing the IT yourself
  • using this company
  • using one of their competitors.

If they cannot be crystal clear about why you should choose to do business with them, you can’t be clear either.

How Do They Handle Security?

There are many areas of security, so here’s some questions to ask that will at least give you some idea of how seriously security is taken:

  • How do you manage access to your customers’ servers?

  • How do you store passwords to your customers’ systems?

  • How do you protect your customers’ passwords?

  • What is the process for keeping systems up to date with respect to security updates?

  • What techniques do you use to maintain an audit trail of work done?

  • Are you accredited under ISO27001:2013, the current version of the Information Security Standard?

A good support contract will include the timely installation of security updates as they become available, and will also include operating system upgrades as new versions are released.

It’s important that your servers are kept up to date and secure, and this should be an integral part of the service, not a paid-for extra.

Some more questions you should be asking a supplier:

What’s Their Focus?

When a company lists what it specialises in, be wary. “Specialise” and “lists”, particularly long ones, don’t sit well together.

If your business has chosen to run Linux servers, you want a support company that is serious about Linux. You don’t expect your GP to be an expert on orthopaedic surgery; equally, you shouldn’t expect an IT generalist to be able to provide the very best Linux support.

For most businesses, the availability of IT services is critical. All IT companies will (presumably) fix things when they break, but that is not the same as keeping services available. You could ask:

  • How quickly do you fix problems?
  • Describe how you prevent problems occurring.
  • How many support incidents are included per month?
  • If they say they monitor servers, ask:
    • Can I have access to that monitoring?
    • Which parameters are monitored on a typical server?

If you do have a problem, it must be easy to speak to someone who can actually help. Your time is too valuable to spend listening to dubious on-hold music.

How Will They Help Reduce My Costs?

IT is not an end in itself, but rather a means to an end. Your IT support company should understand why your IT systems are in place and what they are there to achieve. If there is a better or cheaper way of achieving the same result, even if it involves fewer supported servers, they should tell you. Why would an IT support company tell you how to save money with them? Because they should be a partner, not simply an expense item.

What Qualifications Do Their Staff Have?

Historically, there has sometimes been a gap in the IT industry between the technical qualifications held and the technical competence demonstrated. With that in mind, some Linux qualifications have been designed to be more rigorous. The key qualifications in the Linux world (in no particular order) are:

  • Red Hat Certified Engineer (RHCE): the exam requires the candidate to configure a (Red Hat) Linux system in various ways. This is a not a multiple-choice written test: it’s a hands-on practical one.
    Verdict: a very high standard.
  • Debian Developer (DD): not achieved by passing an exam, but by a peermanaged process of managing and maintaining Debian packages, and a deep understanding of the Debian philosophy.
    Verdict: again, a very high standard.
  • Linux Professional Institute (LPI): distribution-agnostic written exams administered by the non-profit Canadian Linux Professional Institute. There are many levels of certification.
    Verdict: a useful guide, but not as thorough as the RHCE and DD.

Be aware that most qualifications lapse after a certain time, so be sure to enquire about current qualifications.

May I Visit Your Offices?

Most IT support companies won’t have an issue with this, and it is a valuable exercise. As discussed above (“How Do They Handle Security?”), you’re potentially handing over the keys to at least part of your business, so visiting their offices would seem to be a reasonable step in the process of due diligence.

If their company website lists the IT support team, there’s no harm in Googling them to see what kind of people they are.

So, when you visit, what are you looking for? Here’s a short list to get you started:

  • Are they professional in their treatment of you and towards each other?
  • How are they handling security with a stranger (you) in their midst?
  • What’s the office culture? What’s on the desks and the walls? Would you want to work there?
  • Are the answers given to your earlier questions reflected in what you see in the offices?
  • Are the staff smart, professional, and human? Asking a lot of an IT person, but this is your business at stake.

What Does The Contract Include?

Oddly, some IT support companies don’t use a written contract. We believe a serious, professional IT support organisation will insist that both parties sign a contract. We’re not lawyers, but we think the contract should include:

  • Any minimum term and the required notice period. Neither should be excessive: you should be staying with them because you want to, not because you have to.
  • The days and hours of cover.
  • A confidentiality clause. They are likely to have full access to all your data, so this is essential.
  • A Service Level Agreement, which defines the response you are entitled to for a given severity of problem (but be aware that “response” is not the same as “resolution”).
  • Clarity. You should be able to read the contract and understand it without having a law degree.

What additional costs are not covered by the contract? Check for security updates, operating system upgrades, user requests, additions/changes/deletions to the services supported, and any limits on the number of incidents.

You shouldn’t expect to have to put the contract to test in a court, but having a contract ensures that both sides have a clear understanding of what will be provided at what cost.

Speak To Their Clients

Any respectable IT company will willingly provide references, and many people are more candid on the phone than in writing – so call a few. As well as their overall opinion, ask them what they wish they had known when they took out their support contract.

Ask them about the service level, the professionalism, the partnership. How quickly is the phone answered? How quickly are problems resolved? What is their server availability like? Would they recommend their support company to others?

Do You Like Them?

That may be unscientific, but you’re unlikely to have a successful business relationship with people you don’t like.


We have been using Tiger Computing for more than 10 years and they have provided us a server with 100% up time and off site backups. Their technical support has been second to none. I highly recommended them to anyone who needs trouble free IT.

Home Quote

Get Help with Linux Support

Get expert help from the UK’s leading Linux experts today.

Get Linux Support