Frequently Asked Questions

Our typical client is an SMB with a head office in the greater Montreal area. Many of our clients also have other offices throughout Canada and the US. A good proportion of them have hybrid office models and some work entirely from home.

Our clients take the security of their data and the productivity of their people very seriously. They want to ensure that their IT enables them to meet their business goals and does not hold them back.

Our clients are from different industries. 60% are professional service firms and the other 40% are in distribution or manufacturing.

Our clients are in the Microsoft ecosystem. They mostly use Windows, Office 365, Azure. The majority have a mix of cloud and on-premise infrastructure. The others have a purely cloud infrastructure.

Most clients have no full-time IT people. Some have a small IT team that are focused on their line of business applications.

Clients usually find us when they outgrow their IT provider, or they lose an internal resource and decide they do not want to manage IT people anymore.

As an MSP we become the IT department for SMBs that have no internal IT team or a small one. Our role is to ensure that the IT infrastructure supports the goals and vision of the business while not holding it back in any way. We focus on data security and employee productivity.

In a nutshell: The first thing we do is modernize, standardize, and secure the IT infrastructure. We then manage and monitor the infrastructure while our security team keeps it secure. We offer quick remote and onsite support to all the users. Finally, we build a 3-year IT plan with a detailed budget and risk analysis that we review annually.

Here is summary of the services we include:

• Modernize, standardize, and secure the IT infrastructure as well as the user experience
• Manage and monitor the on-premise or cloud IT infrastructure
• Manage and monitor security
• Support users remotely or onsite
• Manage new user deployments
• IT strategy (3-year IT plan with budget and risk analysis)
• IT projects (analysis, execution, and project management)
• Hardware, software, and cloud services procurement

19 years! S3 was founded by Marc, Vince, and myself in June 2003 after we all graduated in computer engineering together. Our vision was to become an outsourced IT department for SMBs which is still what we are today. We were, therefore, a Managed Service Provider before the term was used.

We are still the three sole owners of S3 and work hard at it every day.

In our opinion ransomware is the #1 cyber threat to all our clients. We are focused on protecting our clients from these attacks. We follow ransomware news very closely and constantly adjust our standards based on the changing hacking tactics. Our security team’s main objective is ensuring that none of our clients are victims of a successful attack. Here are the steps we take to protect our clients

1. Bullet proof backups

The absolute first thing we do is deploy secure backups. Our backup standard is built on the assumption that the network will be breached, and the attacker will obtain full admin privileges. The backups must be able to withstand this. Our standards have been tested by multiple specialized security firms who were unable to access them.

2. Minimize your exposure

We minimise your exposure by making sure that only services that are absolutely necessary are exposed to the Internet. We will then limit these services exposure by only making them accessible to certain countries. We work with our clients to determine what this list is and will modify it as needs change.

3. Protect the infrastructure with advanced security tools

We deploy a set of advanced security tools that will not only protect you but will also alert our security team if something is not behaving normally.

4. Close the open buffet

Many networks are designed as a fortress or citadel. Once they are breached you can access everything, it’s basically an open buffet. We close this open buffet by segregating systems so that even if an attacker was able to get on a single system it’s very difficult to move to another. The more difficult it is the more chances are the attacker will make a mistake and set off an alarm allowing us time to respond to neutralise the attack.

5. Monitoring and response

We monitor alerts generated by our set of advanced security tools and investigate any abnormality. Our security will respond to any identified threat to neutralize the attack.

6. Train your users

We will train your users to adopt safer computing habits and to report abnormalities to our security team.

7. Adapt

We constantly adapt our approach as the threats and security tools evolve. We will also adapt based on the experiences of our peers. We meet with other companies like ours in different markets across North America to share best practices every quarter.

Emails are one way or another part of most cyber-attacks because they work. Attackers will use a well-crafted email to steal a user’s password by tricking them into entering it into a fake site or will impersonate the CEO to try get a fraudulent wire transfer authorized. Protecting your email is essential.

The first thing we do is stop email threats from getting to your users. We achieve this by deploying a leading cloud email security platform. It will stop all emails that contain malicious files as well as ensure that all links in the email are safe. Additionally, emails that are designed to impersonate someone from your company either by using the same name as a colleague or a similar domain (example: s3ttech.ca instead of s3tech.ca) will be blocked.

The second things we do is to educate your users on safer computing habits. We also expose them to the latest tactics used by attackers with phishing simulation emails to keep their reflexes sharp.
Finally, we deploy our set of advanced security tools on your users’ computers and devices which will alert us if anything goes wrong. This way if ever an email threat does make it through our defences to a user, our security team will immediately investigate and remediate the situation.

We have developed a backup security standard to keep backups safe from attackers who will look to compromise them in a ransomware attack. We built our standard with the assumption that the network will be breached and that the attackers will obtain admin rights. Therefore, we completely segregate the backups from the network and put in place their own authentication. Our offsite backups also have ransomware protection built-in which allows for recovery if ever they were to be deleted. Our backup standard withstood penetration testing by multiple specialized security firms. We adapt our backup security standards constantly as the attackers change their tactics.

Yes, you absolutely should. Unfortunately, even though we are very confident in our abilities to protect you against cyber attacks, nothing can be 100% secure. Insurance is an important part of your response plan.

The security standards that we deploy will make sure that you will be insurable, and we will help you answer all the questions the insurers will have, and they will have a lot. We can also help validate that the proposed coverage makes sense for your business.

Our goal is to offer a personalized service to all users. We do this by assigning a team to each client which includes:

Account Manager: is the main point of contact. He is responsible for ensuring the proper delivery of all services.

Technical Advisor: works with the account manager to translate business needs into solutions which align with the client objectives. The TA has excellent technical knowledge and is a good communicator. The TA is the technical point of contact.

Remote Support Team: our support team is divided in smaller teams of 5 to 7 technicians each that remotely support all users by phone or by email. This way users always interact with the same group of people who know them and their environment.

Onsite Support Technician: the technician that goes onsite when needed or requested.

Yes we do! Over the years we have built up our staff overseas which enables us to offer true 24/7/365 coverage for our clients. We now have over 15 people working in Europe and in Asia.

Users calling outside of helpdesk hours (7am to 7pm Monday to Friday) will be invited to leave a message for an emergency. They will get a call back within 15 to 30 minutes.

We offer direct, quick, and personalized helpdesk as well as onsite support to users.

We assign a team of 5 to 7 helpdesk technicians to a client. This way users always speak to the same group of technicians who know their environment. Our technicians will answer all calls from users directly from 7am to 7pm Monday to Friday. Over 80% of calls are answered within 2 minutes. We also have a 24/7 emergency support where users will receive a callback from a technician within 30 minutes.

Users can also email our support via an email address configured on their domain, for example: support@yourdomain.ca. Users can also book a support appointment online with a technician for less urgent issues.

We also offer onsite support. It ranges from going onsite when it’s needed to resolve an issue to going onsite a couple times a month, to a couple times a week, and even full time in some cases. We are very flexible with this and adjust to our clients changing needs pretty much on the fly.

We constantly improve our service from feedback we get from users. We have a survey included with every intervention making it easy for users to give us their valuable feedback. Our service managers will plan a call with any user that had a negative experience. The goal is to first apologize, and then to understand what happened so we can ensure it does not reoccur. We also conduct an annual survey to all users to track the progression of user satisfaction.

We regularly review user incidents to identify and fix recurring issues.

We are not perfect, and unfortunately, we do make mistakes. But we are absolutely committed to constantly improve our service and give the best experience for all our users!