PCG Case Study: Legal Office in Portsmouth, NH
Dave Hodgdon, CEO and founder of PCG, talks with John Maher about the work PCG did for a law firm in Portsmouth, NH. He explains why the firm switched from its managed service provider to PCG, and he looks at the network and security advantages the firm gained from working with PCG.
John: Hey. I’m John, and I’m here today with Dave Hodgdon, CEO and founder of PCG, a managed service and IT provider with headquarters in Portsmouth, New Hampshire. Today we’re doing a case study of a legal office. Welcome, Dave.
Dave Hodgdon: Good morning. How are we doing today, John?
Why the Law Firm Switched From Current MSP to PCG
John: Good, thanks. So Dave, tell me a little bit about this legal office in Portsmouth, and give me a little bit of background.
Dave: Yeah. We’ve been reaching out to this law firm for some time. We knew a couple of the attorneys there. They were currently with an MSP and seemed to be pretty content. But they had put in a call probably about two, three years ago about some areas that they could look for improvements. So we were asked to come in, and based upon our walkthrough and understanding what the law firm looked for, it kind of gave us some information. So, they were… I mean, it’s always hard to make a change, that they were with the same provider for 10-plus years. In their mind, they were getting by with it. They knew the basics.
But it pretty much came out to two or three things that they just weren’t getting. They just were not getting the response times, they were not getting the guidance, and they felt a little bit concerned about some of the security issues that had been going on. Especially where a legal firm, you’re dealing with sensitive information, financial closings, and they just wanted to dot their I’s and cross their Ts, and make sure they were looking good. So, we were able to meet with them and talk about the guidance that we could give them, how our response time worked. You know, there was some work to be done.
Network and Risk Assessments
John: Right, right. Yeah, so tell me a little bit about the strategy that you implemented, and what some of the first tasks were that you took on.
Dave: Similar to building a house, the first thing is from an architectural standpoint. Same thing from a network standpoint. It’s really what does the infrastructure, what does the foundation, what does everything look like? You know, the plumbing, the electrical. So in networking, John, we call that the information. Kind of the switches. Think of that as your electrical panel. We wanted to know the firewall, the security coming out of the network.
We heard concerns that they didn’t have good coverage for the wireless. They had a lot of client meetings and work being done at their office, and they just didn’t have the right wifi. So we were able to do that network audit, to kind of see where they stood from a hardware perspective, where it stood in our stack of products that we provide. You know, how was it performing.
And the second thing we did, we also wanted to run the risk assessment of really where they were standing in the security world. So we ran our 17-point checklist. It’s an ability to get them a score, John, and we were able to come up with a game plan.
John: Okay. Tell me a little bit more about the network assessment, and what’s involved in that?
What’s Involved With a Network Assessment?
Dave: Sure. We feel you need to have one of your senior engineers go out there, really just take a good walkthrough, understand the environment. Take a look at the gear. Take a look at the setup. Take a look at the server, how it’s been set up. You know, because if we’re going to take over a network, we need to make sure it’s something that’s an acceptable use for us, or does it need some work.
So, our job there was just to verify all of the equipment. You know, verify we had access to the passwords. What line of business applications they used. What vendors we had to be in touch with. How they are handling their backup and recovery. Also how they’re handling their remote workforce and remote users. Again, a law firm, you’re dealing with sensitive data. How are they working remotely? Was it secure?
Tactics Implemented After the Network Assessment
John: And then talk a little bit about some of the tactics that were involved, and what came out of that network assessment, and the strategy calls and the meetings and things like that, in getting them up to speed.
Customized IT Service Plan
Dave: Every business is a little bit unique, so you want to have the right service plan that kind of matches what they’re expecting, plus what’s in our offerings. So, the first thing was to come up with a plan that we were both satisfied with. I think that’s the number one thing, to have that relationship. After we ran our risk assessment, we were able to uncover and determine a game plan for what we had to do with that.
Improving Wireless Accessibility
Dave: We determined a big thing when they were talking about the wireless. We were curious why the access points were down in the basement, which didn’t make sense at all. So, being a three story old building, we were able to determine the access points should be on the first and second floor, and we were able to put wiring runs in the right access points there.
Setting up the Help Desk
Dave: We were able to show them how to actually access the help desk, John, to get the access they needed during the day and after hours. So, having that help desk and training was important.
Security Training
Dave: We worked on doing a security training of what we callĀ a lunch and learn, kind of a brown bag lunch training for their group. They loved that training. We do that once a year with them. We also gave them other references of law firms that we work with. So, you know. Like anything, they want to check to make sure that we’re viable, we understand the legal world, and we’re dependable and we’re able to deliver what we say we are.
Roadmap and Budgets for IT Improvements
Dave: So, we gave them a budget for… They definitely had some items that had to be addressed, so we gave them budgets for an aging server, how to have the right backup plan based upon what they want for recovery. They had a firewall that was dated. Their access points were dating, and some of their PCs were aging. So, there was definitely some project work to be done. And I don’t know whether or not they just weren’t being attended to, but you’ve got to constantly, with IT, John, constantly be addressing it each year, having that roadmap and plan, and it seems like things were kind of neglected there a little bit. It’s important to constantly have a little bit of investment each year, so you don’t have that one large investment. And after two months we did our first IT strategy review with them, to tell them how it came about, and what issues to address next.
John: Right. Like you said, planning ahead for any of those things that… If you need to buy new computers or things like that, planning ahead makes all the difference, rather than having it all happen at once, and all of the sudden everyone needs a new computer or something like that.
Dave: Correct.
Outcomes of Working With PCG
John: So, tell me a little bit about the outcome of the project. Obviously you’ve been working with them, you said for a few years now. Where do things stand now?
Dave: We are constantly reaching out quarterly with what we call our quarterly business review with them. They’ve told our client success manager that they are happy that they made the move. They’re ecstatic with our services, their dedicated engineer, our help support. It feels good that they made the right decision to make the change. They’re just not dealing with… And they know now if something’s not right, they don’t just deal with it. We always tell our clients, “If something doesn’t feel right, let us know, and let’s find a plan to fix it.”
John: Right.
Blueprints for Success and Security Expertise
Dave: They really appreciate our blueprints for success. So, like any time you make a change… It’s difficult to move your house. It’s difficult to do certain things. So we showed them the blueprint of how we do our onboarding, how we get information from the other provider, how we do our setups, how we do our PC setups. And then the big thing they appreciated, which they really wanted to know, was our security expertise.
So, we were able to onboard them. They had what we call the point of contact at the office. The office managers, that’s who we had to deal with. We also noticed that they had some of their 365 not set up right. The Microsoft 365, John, is a very big name. There’s many plans you could use. But the main thing is they were using… It was for email in their office, but they didn’t have multi-factor authentication turned on, and they weren’t sending encrypted email, so we were able to set those two items up to secure their network.
After running the risk assessment, we definitely saw some gaps, and we made the recommended steps there to address those, and we kind of came up with a security plan from security awareness training. Putting the multifactor on their email, coming up with a mobile device plan, coming up with a password policy, and being able to secure their firewall and really lock down their backup. They can come from that.
They had a couple of their attorneys that liked to work remotely. One was in New Jersey, one was in Florida. We were able to help them remotely, and make sure they were using the teams and getting access to the VPN, so that was good. One thing they really enjoyed was having their dedicated engineer that they had the relationship with, their quarterly visits. So, we’re happy today that they’re a great client. They appreciate what we do. They’re extremely professional on the request and if there’s any issues. So, you couldn’t ask for a better partner.
Contact PCG for to Help With Your Law Firm’s IT Needs
John: All right. Well, that really seems like a great project that you’ve been working on with this law firm in Portsmouth, New Hampshire, so thanks again for speaking with me today, Dave. Appreciate it.
Dave: My pleasure.
John: And for more information, call 603-431-4121.