A lot of small companies make IT decisions based on price. That's fine as long as they are looking at the actual costs rather than just the price tag. The actual cost can be far higher. In previous issues of Small Business Solutions we have shown the high cost of consumables and the running costs of, say, a printer. Even more expensive, though, is the cost of supporting any sort of IT installation. Most costly of all can be the policy adopted by many smaller traders: that of not supporting their kit at all.

A surprising number of businesses don't bother with technical support, regarding it as an optional add-in. Figures from ProData reflect this: in its survey of companies of 1-50 employees, conducted toward the end of 2001, it found that just under half had neither internal support staff nor did they use outside service companies. Contrast this with information from McGladrey & Pullen that says that a company unable to get at its data for 10 days will never recover fully, and 43% of them will go under, and you begin to see just how dangerous a weak link this can be. A Mori survey for SafeOnline has gone further and suggests that 75% of small companies are inadequately covered for the risks posed by data loss. "Data loss" may sound harmless, but consider we're talking customer details, pending orders and accounts, which businesses are legally obliged to keep for six years, and losing it can be very serious indeed.

"Just because a company is a small business doesn't mean they should automatically take a radically different approach to IT than a much larger business," says David Hughes, partner in technology risk at Andersen Consulting. "The same fundamental challenges and issues apply whatever your business size, including IT strategy, support for your technology infrastructure, security and continuity of operations."

The difficulty is many small businesses, particularly extremely small ones, go pale when they hear phrases like "IT strategy": they're too busy concentrating on keeping the thing running to formulate anything as formal as a strategy.

However, assuming a company wants to stay in business, it is wise to have some sort of policy on technical support and development. It can be tempting to train an internal staff member to support and configure a network of PCs, but the costs mount up swiftly. The initial training (visit learningtree.co.uk, ariseducation.com or any other reputable training site to check prices) is likely to set your business back £1,500 plus VAT for giving someone a qualification as a computer engineer, and the same again to prepare them for a networking certificate. To work out the real cost, you need to work out how much productive time you'll lose while that person is out of the office on a five-day, full-time course, and then how much you'll lose through their becoming a system support person instead of focusing on your core business. A more realistic option involves paying a third party for some sort of maintenance contract if systems are any age at all. If they're newer, then throwing money at third-party maintenance can be a bad idea.

Mark Stevens, business development manager for small business at insurer Eagle Star, is aware of a number of insurers offering cover for business interruption and repairs of computer systems but considers them unnecessary in most cases. "If you back up properly and you have a warranty from the manufacturer, you probably don't need them and they cost a lot." (See help panel, above.) Perhaps surprisingly, he includes extended warranties as being better value.Difficulties can arise with warranties, however, when you have altered a system in some way: perhaps added a software application which is using up all of your memory, or a complex screen saver to a system with only a small graphical capability. It's easy to alter a system's configuration so that it is no longer up to the task for which it may not have been purchased originally but for which you want to use it now.

"Too often businesses put in a network without thinking about the basic additional costs, such as whether the bandwidth will allow for future expansion and what the upkeep will cost in staff time," says Paul Malcolm, UK manager of networking equipment specialist 3Com. "Increasing simplicity in products is reducing overall costs in terms of training and maintenance. But without a proper strategy in place to monitor the full picture, a business will find the costs too much and feel that IT is not offering them what they had expected."

Managing expectations and not trying to force a system to do something beyond its capacity is important, then, and is an idea that can usefully spark a business into preparing some sort of IT strategy to prevent all but the minimum of support issues. This would be a document all the staff could read and understand, and which would need to be enforced - starting with a prohibition on people bringing their own software into a business. (This becomes a particular problem every Christmas when people have been given electronic organisers and want to put the software to synchronise with their diaries on the office system.) A related area is an internet policy and the right to monitor staff's use of the net, to prevent the download of virus-infected files.

Chris Watts, senior crime investigator at IT forensics and data recovery specialist Vogon, offers a number of other suggested IT policy areas that should help prevent unnecessary disasters. "Ensure employee contracts state dismissal for IT abuse," he says, which sounds harsh but, bearing in mind the figures on company failure quoted above, might well appear sensible. He also points to knowledge-sharing so that no individual has too much power, and protecting sensitive documents by restricting access to certain people.

Another useful preventative measure is simply keeping your systems up to date with the latest versions of software. Neil Laver, product manager for Windows XP at Microsoft, says that the newest version of a system always takes better advantage of the computer's innards than its predecessor and that instances of major system problems on the first release are no longer prevalent. "We haven't had any major 'gotchas' with Windows XP," he says.

Overall it has to remain a worry that so many small businesses take the good working order of their IT so much for granted. Consider the old favourite: the comparison between a computer and a car. Nobody would expect a car to run indefinitely without replacement components, oil changes and general tuning-up as a minimum, and yet the same people who pride themselves on their company vehicles allow their computers to be run into the ground by untrained users with no service agreements in place to help when things go wrong.