IT Checklist for New Architecture Company

Last updated on March 5, 2024


Register a Domain
Configure domain privacy
Get an SSL/TLS certificate if your DNS registrar doesn’t automatically provide one
Talk with your web designer to configure DNS records to point your domain to your web hosting, or configure a redirect to the page you would like to feature
Configure Emails
Select a provider & configure DNS records
Microsoft 365, Google Workspace, Zoho, etc.
Free alternative (such as a Gmail account) configured with authorization to send and receive on behalf of your company
Configure SPF, DKIM, and DMARC


Technically SPF, DKIM, and DMARC are optional, but they are strongly encouraged to prevent malicious actors from pretending to be you, and many email providers are now requiring these in order to successfully send emails from a subscription or marketing service.


Computer Specifications

OS: Windows 11 Pro, 64-bit
CPU: Current generation Intel i7 / AMD Ryzen 7, or better
GPU: NVIDIA GeForce RTX 3070 / Radeon RX 6850M XT, or better
RAM: 32 GB, or more
SSD: 1 TB, or more


These recommendations are based on using Lumion and Autodesk Revit software. Revit LT, Enscape, and Sketch Up have lesser requirements.
Desktop computers will always be cheaper than a laptop with similar specifications, but without the obvious benefit of mobility.
It is always advisable to ensure your computer is running with the most up-to-date feature and security patches, for both the OS as well as any software installed.


Modeling software: Revit, Revit LT, Chief Architect, Vectorworks, and many more
Rendering: Lumion, Enscape, SketchUp, and many more
Media creation: Adobe, Canva, and many more
Accounting software: QuickBooks, Wave, Excel, and many more


It is, of course, impossible to compare every individual piece of software you may use. If you have questions about implementing a new software solution, I would be happy to discuss it to answer any IT-related questions you have.

Data Management

Data Storage Location

On your computer
In the cloud (Google Drive, Microsoft SharePoint/OneDrive, Dropbox, etc.)
In a software-provider’s cloud (Autodesk Construction Cloud (ACC or BIM360), etc.)

Data Backup

None, lol. (please, please, don’t choose this one)
External hard drive
Cloud (Google Drive, Microsoft SharePoint/OneDrive, Dropbox, etc.)
Backup-specific cloud provider (MSP360, N-able Cove, etc.).

Data Restoration

You test restoring data at regularly scheduled intervals


Cloud providers (Google Drive, Microsoft SharePoint/OneDrive, Dropbox, etc.) usually do not guarantee data integrity. If you are hit with ransomware, they may be unable to assist. They also do not protect from accidental deletion outside of their normal file retention policies, which are usually 30 days.
Cloud backup providers (MSP360, N-able Cove, etc.) usually include data retention and integrity commitments in their terms of service.


Security Baseline

Passwords or passphrases are 12 characters or more.
You use a password manager to generate and store secure passwords.
2-factor authentication (2FA, also known as multi-factor authentication) is enabled on every account that allows it.
You use dedicated admin accounts, without email access, to reduce the chances of admin account compromise.
All admin accounts have 2FA enabled.

Security Next-Steps

Your computers are protected with antivirus with machine-learning and/or behavioral analysis (at a minimum) or—preferably—an EDR (endpoint detection and response) solution with 24/7 monitoring.
Your emails are protected with a spam & attack mitigation solution.
All staff are routinely trained on phishing awareness and cybersecurity risks.
Your cloud solutions (Google Drive, Microsoft SharePoint/OneDrive, Dropbox, etc.) are backed up with another provider, to ensure data integrity.


Text-based 2FA is considered less secure than other options, due to the risks of sim-swapping, but is better than nothing.
Using a TOTP application (Google Authenticator, Aegis, Microsoft Authenticator) is strongly recommended. Certificate-based 2FA tokens (Yubikey, etc.) are considered most secure.
Current industry best practices recommend against having a scheduled password-cycling policy (i.e., a new password every 90 days) because these policies have been shown to decrease password complexity and increase the chances of password reuse. Best-practice now is to require
A) a long password or passphrase, ideally with 20 characters or more, with
B) non-SMS-based 2FA enabled, that
C) only is changed if there is a suspected or known compromise of the password.


Your internet speeds are as fast as possible, with a recommended minimum of 250 Mbps/250 Mbps.
Your computers are physically connected to your network via an Ethernet cable, whenever possible.
If you cannot physically connect your computer, use a wireless router that provides secured Wi-Fi access, with WPA2 or WPA3 password-protected encryption.


Your internet speed, wired or wireless, can be checked at