MSP Community Blog
The ASCII Blog highlights articles featuring MSP members from our community as well as ASCII staff
ASCII Insight: MSPs Share Their Thoughts On What Products You Need To Offer
In our ongoing quest to provide you with the best business advice possible, we’ve partnered with The ASCII Group and their members who are going to share their thoughts on timely topics or best business practices. In this article, the following ASCII member answered our questions about what products managed service providers need to be offering:
- Mike Bloomfield, President Geek, Tekie Geek
- Joshua Liberman, President of Net Sciences, Inc.
- Ben Filippelli, Level5 Management
- Scott Ford, Pronesis Technology Group
- Dawn Sizer, 3rd Element Consulting
- Raffi Jamgotchian, Triada Networks
Q: How can choosing the products you offer be used to differentiate your MSP from your competitors?
Bloomfield: The products offered in your technology stack says a lot about your business, both in maturity and quality. For example, if you are offering consumer-grade antivirus protection rather than enterprise advanced endpoint protection as part of your MSP stack, it clearly shows that you do not take security seriously and potentially that your business is less mature in understanding the needs of your clients. For this reason, you must fill your technology stack with all the correct pieces to showcase that you take your clients seriously and truly care for their success.
Liberman: The mix of products and services your MSP offers is every bit as critical as the way a master chef prepares the ingredients of an outstanding meal. It is broadly true that we all have access to the same “ingredients” but how we choose and prepare them is everything. And remember, we don’t sell ingredients; we sell pies, or cassoulet if you prefer.
Ford: Choosing certain products can differentiate you from your competitors, but it shouldn’t. You can select the products that have the best reliability, score highest in Gartner reports, etc., but if you are telling your clients that you are better than your competitors because you use product A instead of product B, then you are not really differentiating yourself; you are differentiating your products. Besides, what do you have to offer when your competitors start using product A? Instead of relying on products to differentiate yourself, focus on what you bring to the table such as innovation, reputation, or creative solution design. Determine what makes you unique, then market that.
Sizer: Every MSP has access to the same products. Every MSP chooses their stack based on their margins, what the product is capable of, and other factors that influence their opinion. Knowing how the products compare against others is the key. You need to know both the advantages and disadvantages of each thing you sell and how it rates against other products. Make your products part of your USP or unique selling point and you will be head and shoulders above your competition.
Jamgotchian: Sometimes investing in products, particularly ones that do not have a traditional MSP program may give an advantage purely from a perception that you play in the big leagues. Most of the time, the individual programs themselves give very little in terms of differentiation in the market place.
Q: What are the advantages of bundling services?
Bloomfield: There are many benefits to bundling services, from onboarding to sales benefits. Your stack says a lot about your business and you can bundle products that your clients may not even know they need until they see you offer it to them, one example in our stack is a cloud-managed email signature management tool. This is one that almost no clients will come to you for but after hearing what it is and that they have it as part of our offering, they are ecstatic. It also makes sales more consistent and onboarding easier when you have standardized bundles.
Liberman: To draw on the same metaphor, our bundling is our “recipe” and we have to closely control deviations. You can get a salad without dressing but try to get borscht without beets. Nobody can scale their operations and achieve optimized service delivery with an a la carte menu. Do you want to have to line item and defend your choices? Sell pies, not flour, sugar, and berries.
Filippelli: The last thing MSPs want is to have to line item their services with pricing so that a client thinks they need to pick and choose what the offering is to them. The best way around this is to create a full solution, become good at everything you offer, and then bundle it in a per-user or per-device package that is easy for clients to digest and understand. Remember, most of your clients do not care if you use SonicWall or Cisco firewalls or if you use Sentinel One or Sophos antivirus – what they need to know is that you will solve a problem for them, and it often requires multiple product layers to do that best. By bundling the services and products to create a complete stack that you feel comfortable supporting and all of your technicians know and can support, you will end up with easier time billing, profit tracking, and your clients will be better served by it.
Ford: When you line item pricing, it makes it easy for clients to question each nut and bolt, and sometimes they will treat it like a buffet: some of this, none of that. However, as the IT Consultant, you should be carefully curating the services that will make the most impact and make the most sense for your client, and that should be presented as a holistic solution. If you break your leg and the doctor tells you, “No activity for 2 days, we’re going to put you in a cast, and I want you to use crutches for the next three weeks,” do you reply to your doctor with, “Well, I can do the ‘no activity’ part, but I don’t think I’m going to get the crutches, and instead of a cast, can we just use an Ace bandage?” It should be true, and you should help your clients understand, that you are not recommending something just to add more services to the agreement, but because it’s the best solutions set for their business.
Sizer: When you bundle your services together you can brand them. Why sell A brand antivirus, B brand phishing training, C brand SOC, and D brand password management when you can sell YOUR MSP branded security package? It also allows you the flexibility of adjusting your stack without having to modify your offering to your client. They don’t necessarily care which product you have chosen if they get the result you promised. By bundling, you can adjust what individual products you use based on the market or the client’s needs.
Jamgotchian: To piggy back on the last question, this is where you can differentiate. You may figure out a unique stack based on a world view that gives you an advantage. For example, but spending a little more on some security tools we’re able to keep down the affects of malware and its our belief that the endpoint more than the network is the key particularly now as where that endpoint is isn’t usually behind the client’s firewall.
Q: What developing products do you see as your main opportunities in the next 1 to 2 years?
Bloomfield: I expect we will continue to see new security offerings that will make for the most opportunity in years to come. Hackers are not going anywhere and many companies are coming out with state-of-the-art technology to make it easier to protect our client base.
Liberman: Whitelisting of applications for the SMB Market. Advanced MFA that includes options for biometrics so that we can do away with SMS delivered factors. Encryption everywhere, including data on the local network. DOT (DNS encryption over the transit layer), though DOH (DNS over HTTPS may end up winning out here).
Ford: SD-WAN isn’t exactly new, but it hasn’t been widely adopted in the SMB market yet either. Nonetheless, there are plenty of SMBs that have more than one ISP for redundancy. I believe that eventually there will be a shift toward SD-WAN so that businesses can get their money’s worth out of multiple bandwidths instead of only using one at a time (active/active scenarios notwithstanding).
Sizer: I think outsourced SOC’s are going to advance significantly in what can be seen through the network and cloud environments. It wasn’t that long ago most security had to be done with a device in the network, logs sifted after an issue, etc. The costs are already coming down while margins and abilities are increasing.
Jamgotchian: We’re starting to see it now, but the zero-trust network model will go further down and be able to be embraced my small businesses. Also, I’m hoping for more cloud-centric RMM tools. Today we centrally manage and control assets like desktops, laptops, firewalls, network devices and servers. We need better tools to do that in the cloud centric age where more businesses are going to multi-cloud providers.
Q: What product-offering advice do you have for an MSP that is starting out?
Bloomfield: Focus on efficiency and don’t be afraid to spend some money. When starting out we all look for the cheapest and months or years later that usually comes to bite us in the back. Spend money on things that will help the business run efficiently and especially on products that help to keep the money coming in on time, such as billing portals, which make it easier for clients to pay and set up autopay.
Liberman: Decide up-front if you want to be a best of breed shop or a one-stop-shop. Find the right partners for your stack (if the former) or your tunneled and managed traffic (if the latter). And stick to your guns and become an expert with the tools you’ve chosen. Find one critical vendor for every major service (UTM devices, EDR, SOC, etc.).
Ford: Do not chase the cheapest solution. In the beginning, that course of action is tempting because often new MSPs are operating on a shoestring budget. But keep in mind, the cheapest solutions can be the least reliable, the least feature-rich, the least likely to integrate, the list goes on. Do not try to do a lot of things poorly; do a few things well and build your product offerings organically.
Sizer: Choose your vendor partners wisely. You’ll find products to do absolutely everything under the sun out there, and they all come with a cost that drives up yours. Find the ones that interest you the most, talk to your peers, and ask what products they use and why. Then, choose a product and know it inside and out. It saves time and money when you standardize your stack.
Jamgotchian: Standardize your tool stack, but don’t be afraid to evaluate on a cadence that you are comfortable with, iterate, and change. While you are small you can change more easily. But look for major shifts. If the AV solution you get from your RMM tool isn’t cutting it, get rid of it. It’s costing you more money than its saving by integrating into the single pain of glass.
Q: What three solutions should every MSP offer and why?
Bloomfield: Every MSP should offer Advanced Endpoint Protection, Active Breach Monitoring, and Business Continuity. Those three solutions should be the framework of the remainder of your stack with the ultimate goal to minimize risk to your clients on an ongoing basis.
Liberman: Firewall/UTM no matter what with no exceptions ever; the single most broadly effective thing you can do. Sophisticated backup that includes a business continuity and disaster recovery offering; again no exceptions ever because it is not if they’ll get hit, it is when. Effective and secure remote access solutions (work from anywhere if you prefer); because its 2020.
Filippelli: In a crowded MSP space, everyone should have three core items in their solution stack. The first is a BDR solution, secondly is a good security solution (including password management, identity protection, dark web scanning), and last is an experience solution. BDRs are often a business necessity, the statistics on a company without a good backup/recovery plan of ever staying in business is so high it’s impossible to ignore. A good comprehensive security solution often involves a few different items bundled together, from an a/v and web protection product, to password management. Your security solution should have a system and individual layer, for example, a good stateful firewall with IDS/IPS or security suite and then a personal desktop web filter, identity protection, and maybe a good password manager tool. The final solution is an experience solution. An experience solution is something more than ‘email support’, it’s an option for people to see and manage their tickets. It could be a USB button or a ticketing website and gateway to your services. There are several players in this new ‘experience’ market, and this is a good differentiator in your overall offering.
Ford: Monitoring and alerting with RMM tools is pretty much the cornerstone of MSPs. Security is a hot zone and cannot be ignored. The third would be email solutions. Every business uses email and most of them care more about email than anything else, so know it and love it. Those three may seem obvious, but that’s only because, as the question inferred, every MSP should offer at least these.
Sizer: Service & Support, Backup and Disaster Recovery, and Cybersecurity. The value add of any company is in the relationships you build with the client. Offering the support to be able to forge a relationship with the employees and decision makers is key to client retention. BDR is a given, but the product you’re selling needs to be able to recover a client from a lost or deleted file to complete system loss. Anything less than that and you’re not offering a BDR solution and not protecting your client. Cybersecurity is the key product. Whatever product or group or products may be, it needs to be able to train and test the users, protect them from themselves as well as the threats, and have the ability to detect and stop live threat actors over a vast attack landscape.
Jamgotchian: Robust endpoint protection – this is where most of our risk is and where the rubber meets the road; robust anti-phishing protection – this is where most of our attacks are coming from. You may need to use two filters; and robust alerting and visibility into cloud data stores- this is where most of your client’s data will be stored and potentially lost or leaked.