What We Learned Auditing 50 LA Business Networks

Ever get that nagging feeling about your company’s technology? You know something’s not quite right, but you can’t put your finger on it. Maybe the Wi-Fi drops during important video calls. Perhaps you’ve heard whispers from your team about things “running slow.” Or maybe you just lie awake at night wondering if your customer data is truly safe from the latest cyber threat.

You’re not alone. In fact, you’re in the vast majority.

We recently did something we’ve never done before at ITTC. We offered a free, no-obligation network and security audit to Los Angeles based businesses. The goal was simple: to give owners a clear, honest picture of their IT infrastructure. No sales pitch, just a straightforward assessment.

Fifty businesses across LA—from law firms in Century City to manufacturing shops in the Valley, from creative agencies on the Westside to non-profits downtown—took us up on the offer.

What we found was… enlightening. And a little frightening, if we’re being totally honest.

While every business was unique, the same handful of issues kept popping up again and again. These weren’t minor quirks; they were fundamental gaps creating real risk, wasting money, and holding back growth.

So, we’re sharing the top five findings with you. Think of this as a cheat sheet. If you see your own business in any of these points, you’ll know exactly what to do next.

Finding #1: The “Set It and Forget It” Firewall (And Why It’s a Huge Problem)

Imagine buying a state-of-the-art security system for your office, arming it once in 2018, and then never updating it, changing the codes, or even checking if the batteries are dead. You’d never do that, right?

But that’s exactly how most businesses treat their firewall, which is the first line of defense between your network and the internet.

In over 60% of the networks we audited, the firewall’s firmware—its internal operating system—was severely out of date. In one case, a thriving marketing firm in Playa Vista was running on firmware that was over five years old. That’s like trying to fight a modern cyberwar with a sword and shield.

Why does this matter? Firewall manufacturers constantly release updates to patch newly discovered security vulnerabilities. If you’re not updating, you’re leaving the door wide open. We’re not just talking about viruses; we’re talking about sophisticated ransomware that can encrypt all your files, or attackers silently sneaking in to steal data.

The fix isn’t complicated. It requires a proactive approach. This means ensuring your firewall’s firmware is set to update automatically or having your IT provider manage it as part of a regular maintenance schedule. It’s one of the simplest and most effective things you can do to dramatically improve your security posture.

Finding #2: The Password Paradox: “Everyone Knows the WiFi Password”

Here’s a scenario that might sound familiar. You hired your first employee years ago. You gave them the Wi-Fi password. Then the next person came, and someone just told them the password. Fast forward to today, and you have a team of 25 people, plus former employees, interns, and even the friend of an employee who visited that one time… and they all know the password.

We saw this everywhere. A single, static, never-changing password protecting the wireless network that connects every device in the office.

This creates a massive vulnerability. When an employee leaves, how do you disconnect their devices? You can’t. They still have the key to the kingdom. It also means there’s no individual accountability. If someone downloads a huge file and slows the network to a crawl, or worse, visits a malicious site, how do you trace it back to the specific device? You’re left guessing.

The modern solution is simple and secure: individual logins. With a properly configured business network, each employee gets their own unique username and password to access the Wi-Fi. When they leave, you disable their login, and that’s it. They’re instantly off the network. Plus, you can see exactly which user is connected to which device. It adds a layer of security and control that every business, regardless of size, should have.

Finding #3: The “Digital Junk Drawer” of User Accounts

Your kitchen probably has a junk drawer. It’s where old batteries, random keys, and takeout menus go to die. Now, imagine your business has a digital version of that drawer. Scary, right?

In our audits, we consistently found what we call “ghost” or “zombie” user accounts. These are active login credentials for employees who haven’t worked at the company for years. We found one architecture firm with active accounts for over a dozen former employees, some of whom had left over three years prior.

Why is this such a big deal? According to a 2023 report by IBM, the global average cost of a data breach reached $4.45 million, a 15% increase over the last three years. These old accounts are a prime target for attackers. Former employees aren’t the threat; the threat is that these inactive accounts are rarely monitored. A hacker can use them as a backdoor into your systems, and because no one is using them day-to-day, their malicious activity can go unnoticed for months.

A clean, well-managed user directory isn’t just an organizational preference; it’s a critical security requirement. Offboarding an employee must include the immediate disabling of all their access: email, network files, applications, and especially their user account.

Finding #4: The Critical Lack of a Modern Backup Strategy

This one truly keeps us up at night. We sat down with the owner of a fantastic family-owned manufacturing business in the Inland Empire. They were proud of their growth and their team. When we asked about their backup system, the owner smiled and pointed to a small external hard drive plugged into the server in the corner. “Jim in accounting takes it home every Friday,” he said.

This is better than nothing, but it’s a dangerously fragile strategy in 2024.

What if the office is broken into and the server is stolen on a Thursday? What if a fire or flood—or even a simple plumbing leak—destroys that server and the backup drive sitting right next to it? What if ransomware encrypts that drive along with everything else?

A modern backup strategy is built on the 3-2-1 Rule:

• 3 copies of your data (your live data and two backups)

• 2 different types of media (e.g., one on a local device, one in the cloud)

• 1 copy kept off-site (like a cloud backup)

The most successful businesses we audited took this a step further. They didn’t just have backups; they had verified, tested, and immutable backups. This means someone is actually checking that the backups work (verification), ensuring they can be restored quickly (testing), and using a system where the backups can’t be altered or encrypted by ransomware (immutable).

Your business’s data is its lifeblood. Protecting it with a strategy from 2005 is a risk you simply cannot afford to take.

Finding #5: The Invisible Money Pit: Inefficient Hardware

This final finding is less about security and more about pure, wasted money. So many of the businesses we visited were sitting on a hidden fortune in wasted electricity and lost productivity due to aging hardware.

We walked into offices where decade-old servers were humming away in closets, sucking up enough power to light up a small neighborhood. These machines often perform just one minor task, but because they were set up long ago, they’ve just been left running, year after year.

The financial drain is two-fold:

1. Energy Costs: Older hardware is incredibly inefficient. Modern servers and networking equipment are designed to use far less power. In a California business where energy costs are a real concern, this adds up fast.

2. Productivity Costs: Older computers take longer to boot up, longer to open files, and longer to run applications. If you calculate the number of employees multiplied by the number of minutes wasted per day waiting on slow technology, the result is a staggering amount of lost, billable time over a year.

The solution here is a thoughtful hardware refresh cycle and leveraging the cloud where it makes sense. Moving that one old application from a physical server in a closet to a modern cloud service can eliminate that hardware cost entirely. Upgrading computers on a planned schedule keeps your team efficient and happy.

So, What’s the Common Thread?

Looking at these five findings, the underlying theme is a lack of a proactive, strategic approach to IT.

Most business owners are experts in their field, not in technology. They’re focused on serving clients, managing employees, and growing their business. IT becomes an afterthought—something you deal with only when it breaks.

But as our audit clearly shows, waiting for something to break is the most expensive strategy of all. It leads to security breaches, catastrophic downtime, and endless cycles of wasteful spending on emergency fixes.

The businesses that stood out as the most secure and efficient in our audit weren’t necessarily the biggest or the richest. They were the ones that viewed technology not as a cost, but as a strategic asset. They had a partner, either internally or externally, who asked the right questions and implemented proactive policies: scheduled updates, strict security controls, modern backup protocols, and a clear plan for their hardware.

They had peace of mind.

At ITTC, that’s our entire goal. We want to be that strategic partner for Los Angeles businesses, to take the worry of technology off your plate so you can get back to what you do best.

If you’ve read through these five points and felt a twinge of recognition, it’s time for a change. You don’t have to become a tech expert overnight. You just need the right guide.

If you’re a business owner in LA and want to take the stress out of IT, give us a call at (844) 804-4882 or visit it-tc.com — we’re always happy to talk tech over coffee or Zoom.