How SMBs can DIY their IT implementation and support

Many small and medium-sized businesses (SMBs) might struggle to afford third-party relationships - like those with channel partners - or have a specific need or capacity for models that see someone closely manage their technology for them.

Instead, they might want to do it themselves, creating a DIY-style initiative that builds a system with parts from many different platforms, tools, or cloud services.

Could such an approach be dangerous? Essentially, bringing with it risks to security, among other issues for internal operations such as compliance, delivery, and productivity. Or, is it entirely possible? And, if it can be achieved, how would this be done?

Eleanor Watson is a member of the IEEE, the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity. As an AI ethics engineer, she works principally as a machine intelligence researcher.

Watson is in agreement that for SMBs with limited budgets, the use of channel partners “might not be feasible”. She believes the DIY approach is sound and can work for SMBs but only “when treated as a disciplined strategy, rather than cost-cutting”.

“As a first step, businesses should map business-essential functions (finance, HR, sales, compliance) and assign clear ownership for each system’s uptime and data security,” she explains.

“Invest in architecture first: build a clean, modular stack using open standards (SSO, OAuth2, API-first systems), and document relentlessly. Begin with a manageable scope – self-hosted basics or low-code automation – while maintaining flexibility to integrate external providers later.”

That’s not to say there won’t be any challenges with such an implementation, as Watson is happy to concede. “Achieving interoperability without fragility is the primary challenge,” she warns. “Vendor APIs evolve; dependencies break. Without dedicated integration expertise, SMBs must maintain test environments and version control for configurations.”

Cybersecurity resilience is “equally demanding”, she adds, stating: “A single ransomware incident or supply-chain compromise can cripple an unsegmented network. Apply zero-trust principles – robust identity management, privilege separation, encrypted backups – as foundational defaults, not afterthoughts.”

Risks vs rewards

The most common types of IT channel partners are the likes of value-added resellers (VARs), systems integrators (SIs), managed service providers (MSPs), managed security service providers (MSSPs), and consultants. Vendors they use often include AWS, Google, IBM, and Microsoft, and a channel partner usually provides online training and certification to an SMB.

Ian Anderson, senior director of partner sales at Park Place Technologies, understands the “temptation” of DIY but concurs with Watson, believing the risks must be clearly identified and understood first if SMBs push ahead with this approach.

He cites how a good partner might “understand the business, environment, and resources in a way a DIY approach never can,” but does admit: “The reality is most channel partners have gaps in their service range. They can’t be experts in everything. This is why the smartest SMBs look for partners who are, in turn, supported by specialist service providers to fill those gaps – whether professional or managed services.”

However, for those who still wish to go it alone, Watson has more advice to follow. “Meaningful savings come from open-source platforms, consumption-priced cloud services, and internal automation replacing external consultancy,” she explains. “AI copilots for documentation, compliance drafting, or troubleshooting can substantially reduce administrative overheads.”

Watson also points to the issue of believing you are making savings when actually you might cost yourself more in the long run, adding: “The real economic advantage is agility: direct system control enables rapid iteration without vendor lock-in. However, cheap setups requiring costly rescue operations are common – beware of these false economies.”

Smart work vs hard work

The risk of a DIY approach is greater for mid-sized organizations compared to those smaller businesses, according to Matt Fox, chief operating officer at technology consultancy TXP.

“If mid-sized organizations are to avoid a piecemeal approach to IT modernization, they require a joined-up approach to technology and people,” he says.

“Mid-sized organizations can work smarter, not harder, by working with an external IT provider that has the skills and resources required to fully address their IT needs.”

Fox adds: “However, channel providers need to go beyond simply augmenting team numbers or selling products to provide a transformational service. A successful relationship with a channel partner will involve at least some element of knowledge transfer as experts share their expertise with their partner’s team.

“This ‘teacher-learner’ relationship brings value beyond a simple transaction to working with the channel, and it ought to be the gold standard when working with partners for IT implementation.”

In the real world, there are no clear rules on when to DIY, when to begin with a channel partner, or when to move from doing it yourself to getting third-party help and guidance.

But Siyar Isik, CEO of Eskritor, an AI-powered writing assistant tool, believes DIY is possible when the right guardrails are in place. “Not every small business has to lean on channel partners for IT,” he admits.

“Some can manage on their own, but only if they stay realistic about what is possible.”

Isik’s first advice would be “to start simple” with tools like Google Workspace or Microsoft 365, which have been built with small teams in mind.

“They come with great support communities and plenty of clear documentation. That takes a lot of pressure off the team,” he says.

While it is possible to reduce overheads by cutting costs and avoiding long contracts, there are clear areas where it would be dangerous to compromise, according to Isik.

“Data protection, backups, patching, and continuity planning need to be airtight,” he insists.

“Skipping those is like skipping insurance. A DIY approach can work, but only if a business goes in with clear eyes about its limits and refuses to cut corners on the areas that matter most.”

Weighing up the time outlay

Watson is also concerned about other pitfalls. “Most DIY IT failures stem from underestimating complexity debt,” she explains.

“Integration across accounting, customer relationship management (CRM), and inventory systems can spiral without professional oversight. Security hardening, patch management, and compliance consume more time than expected. Staff turnover erases undocumented expertise, orphaning systems.”

And although the use of Agentic AI tools in an SMB setting might offer simplified management, these can also “amplify errors when unsupervised”, Watson warns.

“Autonomous misconfiguration – AI making confident but destructive changes without full context – is an emerging risk,” she highlights. “Governance remains essential regardless of tooling intelligence.”

There are also real benefits, however, according to Watson. These include full control over architecture, data, and priorities, plus faster iteration and innovation cycles. Deep understanding of your digital infrastructure and reduced dependency on opaque vendor ecosystems are two more.

“Properly managed, DIY IT builds organisational technological literacy – a durable competitive asset,” she adds.

At BI Worldwide, a partner with 300+ Fortune 500 clients, there is clearly an appetite for help from customers who do not wish to go down the DIY path or can’t do so. Deborah Watson, its client and solutions strategy director, suggests asking what a good partner might “bring to the table” before choosing one.

She explains: “This means asking the right questions: is your partner part of a programme that rewards them for investing in training, support, and customer success? If not, you may not be getting the full benefit of what a channel relationship can offer.

“SMBs should ask whether their chosen partner is part of such a programme – it can be a strong indicator of the quality and reliability of the support they’ll receive. Understanding whether their partner is supported in this way can help assess the long-term viability of a DIY approach versus a channel-supported model.”

Planning for growth

For Colin Crow, managing director at digital transformation specialist Nexer Enterprise Applications, the big risk with DIY is “you only know what you know”.

“You might be fortunate enough to have a small team of tech talent in-house, but that doesn’t necessarily mean they are experts in the specifics of the new system you’re implementing or on how to manage the change across the organization,” he says.

“With a partner, you can get the best of both worlds: control over your vision, with expertise on tap to keep you on track.”

However, Zayed Ahmed – who started as a call center agent before founding outsourcing company ASL BPO – believes the go-it-alone route has plenty of positives. They believe it’s just about understanding where the pitfalls are on your journey that might then mean you need greater levels of outsourced help.

“I see very few who succeed with a pure DIY approach,” he says. “They often start there, setting up basic tools like email platforms, cloud storage, or password managers. It feels manageable at the beginning and helps keep costs down.

“But as soon as compliance or security comes into the picture, things change quickly. Most internal teams cannot keep up with constant updates in regulations or the latest cyber threats. Missed patches, poor backup routines, or weak access controls can cost far more than what was saved upfront."

That is why Ahmed suggests SMBs heed this piece of advice: “The question should not be ‘DIY or partner?’ but ‘what mix works best for your stage of growth?’”