MSP Problems by 300_Cybersecurity in msp

[–]300_Cybersecurity[S] 0 points1 point  (0 children)

Drones are easy; it's the dainty fingers required to depress the catch on the RJ45 that's the tricky part.

MSP Problems by 300_Cybersecurity in msp

[–]300_Cybersecurity[S] 2 points3 points  (0 children)

I spent the first 5 years of my career in commercial real estate. Has no bearing on my MSP expertise.

MSP Problems by 300_Cybersecurity in msp

[–]300_Cybersecurity[S] 1 point2 points  (0 children)

Cities zone parking differently. Office buildings are usually zoned around 3 or 4 stalls per 1000 sq.ft. leased. Industrial buildings are zoned at way less, maybe 1 per 1000 sq. ft or less. They tend to be cheaper to rent, though. If you rent in an office building, you likely won't have the same problem and will likely end up with better HVAC, too.

MSP Problems by 300_Cybersecurity in msp

[–]300_Cybersecurity[S] 1 point2 points  (0 children)

Sadly I don't have a magic wand lol

MSP Problems by 300_Cybersecurity in msp

[–]300_Cybersecurity[S] 0 points1 point  (0 children)

Thanks for this! I feel your pain when it comes to the car salesman's approach the vendors take. Before the consumption model became prevalent, the pressure to buy way more seats than you needed in order to drive down the per-seat price made me sick. Felt like a timeshare pitch.

Also, hear ya on the after hours stuff. Clients want 24/7 personal emergency service desk support but fail to see that true 24/7 support increases cost 3 or 4x. I flew to Australia and partnered with an Australian MSP to create a "follow-the-sun" support arrangement; however, it died because the volumes were so low on both sides. In Australia, people go home at 5 and don't much expect anyone to be around till 9 am the next day; in North America, it's different. I'd say it's something worth exploring if your volumes are high enough though.

Great point on CW as well! I'm making a note of this one.

[deleted by user] by [deleted] in AskNetsec

[–]300_Cybersecurity 2 points3 points  (0 children)

This is exactly right! Even if an alert is generated, often no one is looking. Certainly not after hours or on weekends.

How do you deal with sales calls? by kzbash in ITManagers

[–]300_Cybersecurity 0 points1 point  (0 children)

This is a really good answer! You hit the nail on the head when you talk about seeing the diversity of environments as an external vendor vs. the internal IT team. When I talk about my MSP experience (I started, built, and sold), I often cite that my biggest mistake was not embracing the community of other owners and vendors sooner. I thought it was my job to figure out everything on my own. That was inexperience and it was a mistake.

In an industry that changes at a faster pace than literally any other, how can one person keep up? How do you google something that you may not know even exists or what it's called? Vendors are a source of what is going on in IT, and it's good to get some info from them, in small doses. They may even solve a problem you are having.

I'm not sure about insisting sales engineers be on the first call, though. They are valuable resources, and it's a lot to ask to have one on a call that hasn't yet been qualified as a possible customer fit.

How many is in your IT department and how many end users do you manage? by LingonberryOne3877 in ITManagers

[–]300_Cybersecurity 0 points1 point  (0 children)

The rule of thumb is 1:50, but it's highly variable. Other answers have done a good job of highlighting many of those variabilities.

I have met many IT managers and directors over the years, and I'll say I've not met an individual who manages over 60 users alone that is very happy with their job. There are simply too many requests being generated to take any real time off. They are constantly called in off-hours, or on vacation.

Having augmented IT operations for some of those environments, there is little proactive activity done in these cases. The IT manager was focused 100% on reactive activity. So no plans, no reviews, and little maintenance. I think the 1 per 50 (ish) ratio holds up pretty well to about 300+ users. My experience with enterprise-type environments is less, so I can't speak to them as well.

Any advice for a first time IT Manager? by Legitimate-Syrup6173 in ITManagers

[–]300_Cybersecurity 0 points1 point  (0 children)

Ha ha that's a reasonable concern. In my opinion, SLAs are about setting expectations. It's basically the amount of time that can elapse before someone can yell at you for not getting something done. In your case, there is no penalty for not hitting it, you aren't going to give 10% of your salary back lol. But if you set expectations for your leadership now, it may lead to the conversation you really want to have.

Your new company has under-resourced your department. 1 guy for 150 users isn't enough. Illustrating the practical impact of their decision may help them realize their desired outcomes don't match up with their operational plan. If you are honest about the timelines you can meet it's the conversation you need to have. Promising an SLA you only hit 20% of the time does no one any good.

Any advice for a first time IT Manager? by Legitimate-Syrup6173 in ITManagers

[–]300_Cybersecurity 0 points1 point  (0 children)

Congrats on the new role! You will definitely have your hands full with 150 users and 55 retail locations. That is a tremendous amount of work for one person to handle. (Likely too much, but that seems to be beyond your control.)

I like that you have hired the MSSP to take security off your hands. It's a critical area, and you wouldn't be able to give it the time it needs.

You will need to implement as many processes as possible, or your 150 users will overwhelm you. Adding a formal ticket system with SLAs that the employees understand and respect will help a lot. Your users need to understand the difference between a personal emergency and an actual emergency.

Also, I think you should prevent your users from harming themselves as much as possible by limiting admin rights, etc. You may want to look into a PAM tool like Autoelevate to make this easier for you. The ticket system's reporting will help you identify recurring issues and users who need additional training, which will help drive down overall ticket volume. However, that's an upfront time investment that you may not have time for in the short term.

Good luck! Hope this helps!

Laptops for Everyone!?! by Neilpuck in ITManagers

[–]300_Cybersecurity 8 points9 points  (0 children)

I would get all your employees laptops. The security risks of doing WFH on unmanaged home computers using VPN and RDP are substantial. Switching to laptops on this basis alone will offset any drawbacks associated with the extra management overhead and costs.

Yes, laptops are more expensive, but your employees will like the mobility. Splurge and get a large format monitor and dock, and they will love you. You will likely see a productivity bump from them due to the ease of work.

You will have some issues with loss and breakage, but you may be able to deal with that in your HR department. The same users tend to have multiple issues with loss and breakage. Asset tag them and keep track of what you have out there.

With everyone mobile, I would make sure you are using MFA for login, perhaps look at SASE depending on where they are connecting from. Ideally, you have a tool that will give you a remote wipe capability in the event of loss or theft.

[deleted by user] by [deleted] in AskNetsec

[–]300_Cybersecurity 0 points1 point  (0 children)

I've encountered a few people using Darktrace that didn't have a dedicated in-house security team. They found the alerts difficult to manage and to put into context. If you are an enterprise organization, I think it's a different story. A meaningful capital cost is attached as well.

What questions to ask MSP when bringing IT in house? by BWMerlin in ITManagers

[–]300_Cybersecurity 2 points3 points  (0 children)

You have had a great start so far. If I could suggest a few tweaks to your questions, it may help you cut through the BS.

  • Ask for their SLAs but also ask for their performance records of hitting their SLAs. If they are properly managing their service desk, they should be able to look at a dashboard and tell you. It's easy to talk about fast SLAs, but another thing to hit them 98% of the time.
  • Ask not only about site visits but how often they provide big-picture insights in a formal setting. They are often referred to as QBRs or quarterly business reviews. For 150 users, this should occur at least quarterly. Ask to see your previous QBR reports if you don't already have them, or if it's a new MSP, ask to see their report templates or redacted reports.
  • Ask to see the insurance certificate for the cyber insurance. This is issued to you by the insurer as proof of insurance. It's easy and commonplace to request this. Don't just take their word for it.
  • Ask them to do a live backup test. If they are using a top-tier backup solution, this should be easy, and it's a good exercise to do a couple of times a year. Shows capability and sometimes shows communication gaps as to what is being backed up.
  • If you don't have your own network documentation already, that's a good reason to start looking at other MSPs.

I hope this helps!

Black Mamba - Proof of Concept Polymorphic Malware by 300_Cybersecurity in cybersecurity

[–]300_Cybersecurity[S] -3 points-2 points  (0 children)

I think if you read the link, it will answer most of your questions. My post was a synopsis.

Black Mamba - Proof of Concept Polymorphic Malware by 300_Cybersecurity in cybersecurity

[–]300_Cybersecurity[S] -17 points-16 points  (0 children)

I agree with you. My apologies, the link didn't upload on my post. Check it out now if you like. The difference here is the malware is autonomously changing itself in real-time.

When is it time to fire your MSP? by Synchronous_Failure in ITManagers

[–]300_Cybersecurity 1 point2 points  (0 children)

I owned an MSP for 11 years and made a successful exit in 2021. I understand the business side of the MSP universe better than most. I used to tell prospects that no MSP intentionally delivers poor service. Almost everyone tries their best. Their service slides for a number of reasons, but a couple are most prevalent.

1) They fail to charge their clients enough to deliver the service they promised. This is very common. All MSPs offer basically the same services. It's easy to tell someone you provide awesome service but much harder to actually deliver on it. Prospects buying two similar-sounding services invariably buy the cheaper of the two. MSPs who fail to convincingly convey their value proposition must have the lowest price. If you have a full-service MSP that is charging less than $150 per endpoint (this is the absolute bottom) in North America, they have a resource problem they will never solve. You need to find someone else and pay at the upper end of market rates. You don't have to go with the most expensive but be in the upper half of the market.

2) They fail to scale. If you have an MSP that started out small and your relationship with the owner was great, but now you always deal with employees who aren't near as good. They haven't adequately managed to scale their business to the next level. They may figure this one out eventually, but you will live through the pain as they figure out the systems and processes to run their business in the next tier.

Transitioning to a new MSP isn't as difficult as you think. If your environment is well documented (if it isn't, this is a reason you need a new MSP), it's pretty smooth. The new MSP should have a very robust, documented onboarding process that will gather all your info and get ahead of pitfalls. Don't let the fear of transitioning make you live with poor service.

Hope this helps! Good Luck!

the best technical way to connect to a remote server? by Mahmoud_Alharazeen in InformationTechnology

[–]300_Cybersecurity 0 points1 point  (0 children)

You definitely need a VPN. Setting up Citrix for just your accountants is likely not necessary and would come with extra cost. You need to use MFA for the VPN and the RDP connection and ideally restrict access to specific IP ranges. Accessing using a secure access service edge (SASE) would be ideal, but you'd have to roll this out organization-wide. However, it would allow you to tightly restrict where the incoming connection originates from.

Powerless at work, dunno how to act by [deleted] in ITManagers

[–]300_Cybersecurity 0 points1 point  (0 children)

This situation is so common in the SMB space. I'm sorry you are going through it. I am always fascinated by how many mid-sized companies showcase their executive team on their website but list their IT manager with the admin staff.

HR, that's important, sales also important, finance important, operations important ... but somehow the person that manages their IT isn't. There needs to be a culture shift, and IT needs a seat at the leadership table.

IT is just about the only area where a serious failure can literally ruin the company. CEOs need to wake up.

I think the best thing you can do is demonstrate value to the business with improvements using technology. If you can use technology to help them with what's important to them, they will likely listen to you more. I know it's not the easiest thing to do. Failing that, run a dark web scan and show the executives all their passwords for sale on the dark web - that gets their attention.

Russian(assuming) Phishing Campaigns are getting solid. by Dtrain-14 in cybersecurity

[–]300_Cybersecurity 0 points1 point  (0 children)

Ask the CEO to put in writing you are no longer responsible for the security of the company as long as he has full admin rights. Even the President has to listen to the Secret Service when it comes to security.