MiBOT SupportMiBOT Support

Free self-assessment — 60 seconds

What's your IT Health Score?

Nine questions on the things that actually take South African businesses offline — backups, patching, MFA, ransomware protection, POPIA readiness, and the one-person-IT problem. Scored out of 100, instantly. No email needed to see your score.

Loading the 60-second check…

What the IT Health Score measures — and why each question matters

The nine questions are the same ones we ask in a paid technical assessment, weighted by how strongly each factor predicts downtime and breach impact for SA SMBs.

1. When did you last test a backup restore?

A backup that has never been restored is a hope, not a plan. The moment you find out whether it works is the worst possible moment — after ransomware or a dead server. Tested restore drills are the single strongest predictor of how well a business survives an incident, which is why this question carries the most weight in the score.

2. How do software updates and security patches get applied?

Most successful attacks exploit vulnerabilities that already had a patch available. An unpatched machine isn't neutral — it's an open window. A documented patch cadence with expedited critical patches closes the window before an attacker climbs through it.

3. Is multi-factor authentication (MFA) turned on for email and key systems?

A stolen password with no MFA is a walk-in. Business email compromise — the fake invoice, the redirected payment — almost always starts with a mailbox that had no second factor. MFA on email, admin accounts and remote access is the cheapest large risk reduction available to an SMB.

4. When IT breaks today, how fast does someone competent respond?

Downtime cost is mostly waiting cost: staff idle while nobody has even looked at the problem. The difference between a written response commitment and "we'll get to it" is measured in salaries. If nobody has committed a response time to you in writing, you don't have one.

5. Do you know what IT will cost you next month?

Unpredictable IT spend is a symptom, not just an accounting nuisance: it means your IT is reactive, billed per failure. Businesses on flat per-user pricing budget IT like rent — and their provider is incentivised to prevent incidents rather than bill for them.

6. What is protecting you from ransomware right now?

Antivirus on its own is a lock on the front door with the windows open. Unmonitored protection fails silently — the alert fires and nobody sees it. Layered, watched protection (AV + anti-ransomware + patching + tested backups) is what actually keeps an SMB off the victim list.

7. Do you know where your customer data lives and who can access it?

POPIA makes you accountable for personal information whether or not you can point to where it is. Beyond compliance, undocumented data is unprotectable data — you can't control access to a spreadsheet you don't know exists. A simple data map with controlled access covers both the regulator and the risk.

8. If your IT person disappeared tomorrow, what happens?

The single point of failure in most SMB IT isn't a server — it's a person. Passwords, network layout, licence logins, "how the VPN was set up": when that walks out the door on a resignation or a sick day, you're locked out of your own business. Documentation and team coverage remove the hostage situation.

9. How does your team handle passwords?

Reused passwords mean a breach at any random website becomes a breach of your business email. Shared logins mean you can't tell who did what, and you can't cut access when someone leaves. A password manager fixes both for a few rand per user — it's the lowest-effort item on this list.

IT Health Score — FAQ

Do I need to give my email address to see my score?

No. Your score and band are shown instantly on the page — no email, no sign-up. The email is only needed if you want the full written report sent to you afterwards, and that's optional.

How is the IT Health Score calculated?

Nine questions, each weighted by how strongly it predicts real-world downtime and breach impact for South African SMBs. Tested backups carry the most weight (15 points), followed by patching, MFA and ransomware protection (12 each), then single-point-of-failure risk, data governance, response time, passwords and cost predictability. The points sum to a score out of 100.

What does a low score actually mean?

It means several of the common failure modes — untested backups, unpatched systems, no MFA, one-person IT knowledge — are live in your environment at the same time. Each one is fixable; the score is a prioritisation tool, not a verdict.

Is this a sales pitch?

The score is honest whether or not you ever talk to us — the questions are the same ones we ask in a paid technical assessment. If you want help, MiBOT's managed IT is a flat R450 per user per month (excl VAT, 12-month agreement) covering unlimited remote support, patch management, network monitoring, antivirus and anti-ransomware with a sub-1-hour response on logged incidents — backup, Microsoft 365 and VoIP are add-ons. But the score costs nothing and commits you to nothing.

Fixing the gaps is cheaper than you think

MiBOT's managed IT covers monitoring, patching, antivirus and anti-ransomware with a sub-1-hour response on logged incidents — R450/user/month excl VAT on a 12-month agreement, with backup, Microsoft 365 and VoIP as add-ons.

Book a callCall