
Publishing has always been a deadline business. What's changed is the technology that sits behind it. Editorial teams now operate across CMS platforms, digital asset libraries, newsletter tools, subscription systems and collaboration software: often simultaneously, often from different locations. When any part of that stack fails, the consequences land immediately: a story doesn't publish, a newsletter doesn't go, a subscriber can't access their content.
Most publishing IT problems accumulate quietly: a platform that's slightly slower than it used to be, a workflow that requires more manual workarounds than it should, a security setup that nobody has reviewed since it was first configured. This article looks at why those problems are so common in publishing, what tends to cause them, and what genuinely good IT support looks like when it's working properly.
We’ll cover:
- How do publishing companies typically manage their IT?
- Why is IT more complex for publishers than most businesses?
- What are the most common IT problems in publishing companies?
- How does poor IT affect editorial output and commercial performance?
- What should IT support for a publishing company actually include?
- How do you know when it's time to change IT provider?
Let’s start with how publishing companies manage their IT.
How do publishing companies typically manage their IT?
Most publishers, particularly those with fewer than 100 people, fall into one of three camps. Some rely on a part-time IT consultant who handles issues as they come up. Others depend on whoever in the office is most comfortable with technology, which usually means a developer or a technically-minded member of the editorial team who has IT added quietly to their existing role. A smaller number work with a managed service provider, with varying degrees of success.
What's striking is how few publishing operations have a formal IT strategy. According to the DCMS Cyber Security Breaches Survey 2024, only 33% of UK businesses have a formal cyber security policy, and that number drops significantly for smaller organisations. For an industry that handles subscriber data, pre-publication content and commercially sensitive editorial decisions daily, that gap matters.
Publishing is an industry where the content comes first, and operational infrastructure tends to get addressed reactively, when something breaks rather than before it does. The challenge is that reactive IT in a deadline-driven environment is a particularly costly combination.
Why is IT more complex for publishers than most businesses?
The short answer: the technology stack is unusually broad, the workflows are time-sensitive, and the data involved is genuinely sensitive in ways that aren't always obvious.
Most businesses run a handful of core platforms. A typical publishing operation runs significantly more: a CMS, a DAM, a newsletter platform, a subscription management system, a paywall, analytics dashboards, social scheduling tools, an advertising management platform, and the collaboration tools that connect everyone working across them. Each integration between platforms is a potential failure point. Each platform has its own security posture, update cycle and access management requirements.
Then there's the editorial technology layer. CMS platforms like WordPress, Drupal or proprietary systems have specific infrastructure requirements: database performance, CDN configuration, caching, that generic IT providers rarely understand in depth. A provider who has never managed a high-traffic WordPress installation under editorial load will take longer to diagnose performance problems that a specialist would identify immediately.
The data dimension adds another layer. Publishers hold subscribers' personal data under UK GDPR obligations. They handle pre-publication content: embargoed stories, unreleased features, and commercially sensitive editorial decisions that have real value if they leak. And they increasingly run e-commerce and subscription infrastructure that carries payment and financial data. Each of these creates distinct IT and security requirements that a generalist provider may not fully account for.
What are the most common IT problems in publishing companies?
Across publishing operations of different sizes and types, a handful of problems come up consistently.
CMS performance degradation
The CMS is the engine of a publishing operation, and when it slows down, everything slows down. The causes are usually a combination of under-resourced hosting infrastructure, plugin bloat, unoptimised media assets, and a database that hasn't been maintained.
Fragmented digital asset management
Photography, video, illustration, branded assets and archive material scattered across a CMS media library, shared drives and cloud storage. Nobody quite sure which version is current. Licensing metadata living somewhere unreliable. Journalists losing time on deadline looking for files they know exist but can't locate. This is one of the most consistent sources of daily editorial friction, and one of the most straightforward to fix with the right data management infrastructure.
Security vulnerabilities in public-facing infrastructure
Publishing websites are public-facing by definition, which makes them a broader attack surface than most business systems. Outdated CMS software, unpatched plugins and misconfigured access controls are the most common entry points. According to the DCMS 2024 survey, 50% of UK businesses experienced a cyber breach or attack in the last 12 months: for publishers running high-traffic websites, the exposure is real and specific.
Access management that hasn't kept pace with team changes
Editorial teams change constantly. Freelancers onboard for projects and offboard when they end. Staff leave. Contributors come and go. Managing who has access to which systems: and ensuring access is removed promptly when it's no longer needed, is operationally complex when it's handled manually across multiple platforms. IT onboarding and offboarding done properly is one of the most effective security controls available and one of the most frequently neglected.
Remote and hybrid working arrangements that were never properly configured
Many publishing teams shifted to hybrid working quickly and never went back to review whether their remote access setup was actually secure. VPN configurations that were stood up in a hurry, personal devices accessing editorial systems without endpoint management, file sharing arrangements that don't reflect the sensitivity of the content being shared. These are quiet vulnerabilities that sit unaddressed until something goes wrong.
How does poor IT affect editorial output and commercial performance?
The impact of IT problems in publishing tends to be felt in two places: editorial productivity and commercial reliability.
On the editorial side, the effects are cumulative
A CMS that loads slowly adds minutes to every task. A DAM where assets are hard to find costs journalists time on deadline. A collaboration platform that drops connections mid-edit introduces friction into every piece of work. None of these are dramatic failures, but they compound across an entire editorial team, every day, in ways that are hard to quantify but easy to feel.
On the commercial side, the consequences are more visible
A newsletter that doesn't deploy costs subscriber engagement and, for advertising-supported publications, revenue. A subscription platform that goes down costs sign-ups and renewals. A website outage during a high-traffic moment: a breaking news story, a viral feature, costs both advertising revenue and audience trust. The cost of IT downtime is rarely just a technical problem.
There's also the less visible but equally real cost of security incidents. A pre-publication leak: an embargoed story published before the agreed time, a confidential editorial decision that reaches a competitor, damages client relationships and editorial credibility in ways that are difficult to recover from. A data breach affecting subscriber data carries regulatory obligations under UK GDPR, including mandatory notification to the ICO within 72 hours where the breach poses a risk to individuals.
What should IT support for a publishing company actually include?
This is the right question to ask of any current or prospective IT provider: and the answers reveal quickly whether they understand the sector.
CMS expertise
An IT provider supporting a publishing operation needs to understand how CMS platforms actually work: not just that WordPress exists, but how hosting infrastructure, database performance, caching, CDN configuration and plugin management interact to determine editorial performance. This is specialised knowledge that generalist providers often don't have.
Proactive monitoring across the full stack
Publishing pipelines fail at inconvenient times. Newsletters deploy at midnight. Scheduled articles publish on weekends. A support model that only responds to problems reported during business hours is structurally mismatched with how publishing operations actually work. 24/7 proactive monitoring that catches failures before they become reader-facing problems is the right model for publishing IT.
Security built around the specific risks of the sector
That means endpoint management for hybrid teams, access controls for freelancer workflows, WAF protection for public-facing web infrastructure, and a cybersecurity posture informed by awareness training that reflects the specific threats facing publishing teams: phishing attempts dressed as editorial pitches or press releases are a real and specific risk.
SaaS management across the full platform estate
Publishers run a lot of tools. Managing licensing, access, integrations and updates across that estate: rather than leaving individual platforms to be managed independently by whoever uses them, is a meaningful operational improvement. Managed SaaS as a discipline keeps the full stack coherent rather than fragmented.
An IT strategy that connects to business goals
The best IT support for a publishing company isn't just reactive maintenance: it's a provider that understands where the business is going and helps ensure the technology infrastructure keeps pace. Whether that's scaling hosting infrastructure ahead of a traffic-driving initiative, planning the migration from a legacy CMS, or building out the security posture needed to win enterprise subscription clients, IT strategy and advisory is the layer that makes IT genuinely useful rather than just operational.
How do you know when it's time to change IT provider?
The signals tend to be gradual rather than sudden: which is partly why people put up with them for longer than they should.
The same problems keep coming back
A recurring CMS performance issue that gets fixed but returns. A newsletter deployment that fails unpredictably. A security vulnerability that gets patched but isn't part of a wider review. Recurring problems are a sign of reactive support treating symptoms rather than causes.
Your provider doesn't know your tools
If you're regularly explaining to your IT provider how your CMS works, or why your newsletter platform matters, the relationship isn't well matched. Sector knowledge isn't a nice-to-have: it's the difference between a provider who can diagnose a problem quickly and one who has to work it out from first principles every time.
IT isn't part of your planning conversations
A new CMS migration, a subscription platform launch, a move to a new office, a significant increase in editorial headcount: all of these have IT implications. If your provider isn't part of those conversations, they're not functioning as a strategic partner.
You've had a security scare
A phishing attempt that nearly succeeded, a CMS that was briefly defaced, and a freelancer account that wasn't deactivated promptly when a project ended. These are warning signs that the security layer needs proper attention. Threat detection and response for creative businesses is something Lyon has direct experience delivering, as the Creative Agency case study illustrates.
Response times don't reflect the urgency of your work
A ticket number and a 48-hour response window are the wrong model for a business where things need to be fixed before the next edition goes out. If that's the experience your team is having, it's worth understanding what the alternative looks like.
Getting IT right in publishing doesn't mean thinking about it all the time
In fact, a well-supported publishing operation barely thinks about IT: it just works. If that's not the experience your team is having, it's usually worth understanding why.
At Lyon Tech, we work with publishing and PR businesses across London on IT that keeps editorial and commercial operations running reliably. Get in touch with the team to start the conversation.


.jpg)
