How to Make Your In-House Team a SuperPower with an MSP
Managed service providers, or MSPs for short, continue to gain in popularity and provide value for businesses across the globe. “The top 100 MSPs generated more than $1 billion in annual recurring revenues … [and] recurring revenues grew more than 27 percent from 2009 to 2010,” according to MSPmentor, a managed services blog. This market growth is largely tied to companies facing increased compliance demands, staffing and skill challenges, growing volumes of data, and increases in the number and complexity of security attacks.
MSPs are service providers that remotely manage and monitor portions of a client’s information technology (IT) infrastructure such as firewalls or network infrastructure. A company can hand over the maintenance of their devices or appliances without compromising their people or policies. Engaging an MSP is a fairly affordable and easy way for a company to operate more efficiently. Outsourcing lost some popularity after the 1990s because many companies felt they lost control and outsourced too much of the business operations, but today selective sourcing is a growing trend. Businesses can engage an MSP as a partner who can work as an extension of their in-house team. The MSP manages parts of their technology environment, while the necessary business functions and policies are still managed in-house.
Many IT business leaders want to focus their time and energy on the core parts of their business that drive profitability. Alternative sourcing via an MSP enables them to do so while ensuring that their day-to-day IT infrastructure management and monitoring are handled expertly and proactively.
An MSP can offer technology management of a company’s IT infrastructure or some parts of it. It can provide expertise on the latest technologies, in terms of upgrades, compliance and end-of-life information; 24/365 coverage; fixed-price contracts; unlimited support calls; portal and email accessibility for status updates; and regular data reports.
How Managed Services Can Help
There are many ways an IT organization can use an MSP. Security is hands down the favorite among the MSP functions. Monitoring, managing and securing the massive amount of information coming in and out of an organization can be overwhelming. MSPs are adept at managing and protecting data by using cutting-edge technology solutions and following industry best practice processes such as information technology information library (ITIL) and international organization for standardization (ISO) standards. Additionally, an MSP offers certified, experienced staff accustomed to addressing the same kind of challenges over and over again, which enables them to solve problems more quickly. A valuable by-product of the intensive monitoring by MSPs is detailed analytical data—typically in the form of monthly reports. For example, the analytics can help track whether there is a need for training on a certain product or which applications require updating.
Using an MSP also enables IT organizations to hire a partner to work as an extension of their team without increasing their headcount or having to invest in training full-time IT employees to learn and understand new technologies such as security information event management (SIEM) which requires significant time, money and resources. In addition, multiple locations or geographies pose challenges for IT organizations, as does keeping current with core technologies or necessary software updates to ensure, for example, that a firewall is secured. Furthermore, many IT organizations struggle to maintain and achieve service level agreements (SLAs) with the business. MSPs can ensure these are met or even exceeded while ensuring upgrades and maintenance do not fall behind.
Overall, using an MSP saves costs for training and certifying of in-house staff. Some businesses operationalize the cost of an MSP, so that the monthly fee is a predictable operating cost, versus a capital investment in personnel and equipment. According to the Computing Technology Industry Association’s “Trends in Managed Services” study, 46 percent of organizations using managed services have cut their annual IT expenditures by 25 percent or more as a result of their shift to managed services.
How to Find the Right MSP
If you are considering working with an MSP, there are a few things to keep in mind. It goes without saying that affordability is important; however, a client should look at the overall value, as higher service levels can translate into greater system availability, higher productivity and sales. In addition, it’s also helpful to:
- Research the provider. Understand the vendor’s strengths and weaknesses, and select a provider that’s a good culture fit. When establishing a long-term relationship, find a comfort level with a partner that offers good communication, so that they act as an extension of the in-house team.
- Think about location. The physical location (e.g., onshore versus offshore) of the MSP can be a factor for some organizations. It’s important to understand that there are challenges with offshore providers, especially if the business hasn’t worked with one before. Offshore relationships can take longer to set up and might have legal or compliance regulations or restrictions as well as increased risks—political or otherwise—based on the location of the provider.
- Consider the capabilities of the MSP. Look at the provider’s overall capabilities. For instance, what are their on-site consulting capabilities? What types of tools and processes do they have in place to ensure quick diagnoses and remedies? What is the full value the partnership can bring now and in the future?
- Define policy ownership. Consider the policy ownership model the provider uses. Can your business maintain ownership and decision-making responsibilities for policies, or does the MSP dictate? Typically, it is helpful if the MSP leaves the ownership of policy and changes to the client, and acts as an extension of the in-house team, implementing and maintaining the operational environment on a day-today basis. To ensure agreement and understanding of who can authorize changes in advance is an important process for incident and change management.
How the Process Works
Before an MSP begins to take on certain day-to-day operations of a client’s environment, it assesses and reviews their client’s current IT infrastructure. The purpose of this review is to scope the engagement and produce a statement of work. It’s important for the client to thoroughly review the statement of work, understand everyone’s responsibilities, how changes will be managed, the service level agreement and penalty provisions. The MSP will then design, build and implement their IT infrastructure to fit the client’s IT infrastructure, providing a base for providing managed services to meet physical, front-end system security and back-end system security.
Typically, an MSP has three different levels of service:
Level 1: This level is considered the basic package. An MSP agent typically logs the call and handles faulty hardware replacement and some initial troubleshooting.
Level 2: In addition to the basic level support, level two will help the client with more detailed troubleshooting.
Level 3: This is the most advanced level of support performing the following functions:
- Complex troubleshooting
- Change management
- Software updates (version, hot fix); testing and software release approval
- On-site consulting services (upgrades, integration, rule base clean-up, security vulnerability scans, and risk information security assessments.)
The Goal of Service Level Agreements
An SLA is an agreement between the provider and the client, and is one of the components used to govern whether the requirements of the contract are being met. The main goal of this agreement is to ensure that the business documents the level of service to be provided, and defines the roles of both parties in relation to the service requirements. It outlines how service will be measured and any penalty provisions.
Most providers have standard SLAs that they present to their clients for consideration. They will typically review these with the client based on their requirements and can adjust the terms as necessary. When the MSP and client complete the agreed-upon document, both parties will sign it. From this point, the service then moves to the transition stage, where the planning team will begin to transition the service to production.
Evaluating Your Current MSP
Once a business has been using an MSP for awhile, it is important to stay on top of the service, specifically to ensure that contract terms are being met and to ensure value for money. It helps to review your provider and contract every six months by asking yourself and your team the following 10 questions:
1. Is the service worth the cost over the life of the contract?
2. Are the MSP reports regular enough, and do they provide value?
3. Has incident management improved, or has it gotten worse?
4. Is the overall return on investment (ROI) being realized?
5. Are the service level agreements being met?
6. Is the MSP making day-to-day operations easier?
7. Has it been helpful to operationalize the costs versus making a capital investment?
8. Has the overall system performance improved?
9. How current is the environment under the MSP?
10. Is the MSP easy to work with?
The Value of an MSP
Companies are increasingly using an MSP as part of their overall sourcing strategy. Company leaders will continue to want to spend their time on areas of the business that drive profitability, handing off parts of their technology environments to specialized experts. It’s important to remember to take the time to find the right fit. Be sure to engage in regular reviews to make sure that the provider is delivering on its promises.
MSPs continue to offer value and peace of mind, especially in the areas of security and compliance management. They can also deliver detailed systems information along with analysis that provides meaningful business insight into IT operations. An IT organization can better serve the business when it has a clear understanding of the value and benefits of managed services.