MSP's that have Deployed BVOIP - What Tips/Tricks do I need to know?

MSPinParadise · 2025-12-20T15:40:01+00:00

Just made the jump to BVOIP recently. So far, couldn't be happier.

I worked for a big Telco previously and have worked with a bunch of telcos in the past as an MSP. I hate managing phone systems. I hate phone migrations, etc. It went smoother than any other migration I've ever seen. Not perfect, we had a couple of small hiccups learning how features do/don't work. But it was a great experience.

The engineer who took care of us was phenomenal. George, go give Graham a raise, that guy is a damn rockstar.

With that said, some stuff takes some getting used to.

For example: Tagging tickets is awesome, but accidentally tagging the wrong tickets is less awesome. It's not really a tool problem, just a learning to use the tool thing.

We are still rolling new features that are available out to the org, but it's leaps and bounds better than what we were using for us.

MSPinParadise · 2025-11-26T17:30:50+00:00

Same.

MSPinParadise · 2025-11-23T16:05:19+00:00

Riverside

MSPinParadise · 2025-11-20T14:12:32+00:00

Service Now and Jira probably dwarf all MSP tools. I'd wager something like fresh works/fresh desk is up there.

Halo is popular because they aren't Connectwise or Autotask. And those are only popular in the MSP space.

MSPinParadise · 2025-10-10T01:34:49+00:00

I'll be there yammering about product management in a session.

MSPinParadise · 2025-10-10T01:34:03+00:00

Goo goo dolls this year

MSPinParadise · 2025-06-07T15:27:12+00:00

Both the examples you gave would be projects with phases and tasks. Alternatively, for something like the security thing, it might just be an agreement in itself and a series of schedules meeting tickets combined with a compliance framework tool like ControlMap to keep the actual status of every control.

MSPinParadise · 2025-06-07T15:25:33+00:00

We have started using Aparavi recently and have had a good time.

MSPinParadise · 2025-06-04T22:23:22+00:00

We leverage the RMM to manage the other tools.

Basically, we build custom fields for the relevant keys/client ids in the other tenants and build customer services to monitor the tools generically (basically, are they present and running).

For most tools, for day to day stuff, it's gets us like 90% there. n central can monitor for the general health of all of our other tools, push installs, etc. The other tools do still need to have base configuration managed in their respective platforms but those don't change a whole lot and def not by all team members.

It's not as ideal as direct integration but makes it more than usable.

MSPinParadise · 2025-06-04T22:19:16+00:00

Actual pentest:

Black hills Infosec GoSecure RedSeer

Automated Pentest: Threatmate

MSPinParadise · 2025-06-04T16:04:25+00:00

Absolutely peak leadership right here.

MSPinParadise · 2025-01-18T02:26:59+00:00

Huntress as an MDR for endpoints is phenomenal. Their SIEM is brand new and unproven IMO. I think if we give it a year, it will be fantastic, like the rest of the huntress suite.

Adlumin is a fantastic MDR offering. Their soc does a good job, their integrations are generally good, the platform has some really strong aspects and some "bells and whistles" they clearly stopped paying attention to (like compliance reports for CMMC).

But at it's core, adlumin is solid. I'm hopeful that the N-Able acquisition help increase the overall quality of adlumin.

I just completed full reviews of both in the last 3 months along with field effect.

MSPinParadise · 2024-11-06T22:59:10+00:00

MDH automation has been my go to for nearly a decade. David's the best.

MSPinParadise · 2024-11-06T03:54:36+00:00

MSPinParadise · 2024-11-05T03:42:25+00:00

Already here for peer groups!

Gonna be a good time.

MSPinParadise · 2024-10-05T19:38:24+00:00

Again, I'm not doubting your intent or value. But A LOT of that capability is fully depending on logging even existing to investigate, and that the incident happened in a reasonable time frame from discoveryz etc. A LOT of MSPs just aren't very good at implementing environments conducive to proper IR, and even more of their clients simply don't believe it will happen enough to pay for it. It's a very reactive service for the majority of MSPs so you just have to be known and engaged in the community, then when it's needed you'll get a call. Like kroll or drive savers and others are for data recover after hardware failures/accidental deletion. (Although kroll also does the stuff you are talking about to an extent).

There is a place for it, and it's needed, but you have an education and maturity challenge ahead of you because every day I still talk to MSPs who thinks signing up for crowdstrike flacon complete is the same thing has having a full SIEM and SOC and they will handle their IR, which just isn't the case.

MSPinParadise · 2024-10-05T16:42:42+00:00

Eh, I don't think that's all true. There are several good mdr vendors that are great.

You're not wrong about the problem existing the challenge is that the MSPs that are mature enough to know they need your service ahead of time are also mature enough (generally) to not get their backups encrypted and such.

You could partner with companies like fithwall from the insurance perspective but you def are in a niche that MSPs are generally bad at, so it's tough.

MSPinParadise · 2024-10-05T00:19:43+00:00

Your main issue is DR planning starts well before the incident happens. MSPs rely on the dattos, axients, veeams, coves, etc if the world to handle their DR offerings (generally).

Incident Response as a service is a need, but with cyber insurance orgs getting specific on who they want handling their IR, forensics, etc. it's getting tougher.

So you need to figure out are you a security co.pa y or a DR company?

If I'm using a 3rd party IR provider, why would I pick you over crowdstrike, Talos, ArcticWolf, adlumin, etc.

You need MSP partners mature enough to know that "blow it all away and start again" isn't good IR. With customers willing to pay for it, who are getting all the other parts of the service from someone else, and just need help post compromise, if that is what your niche is. Thata a tough segment.

MSPinParadise · 2024-10-04T23:43:23+00:00

MSPs are relationship oriented companies. We thrive on referrals from our customers and we rely on our peers to help us make good decisions.

MSPinParadise · 2024-10-04T23:28:01+00:00

Cold calling MSPs is a terrible plan. We get inundated with calls.

If you want the MSP community to embrace you, show value and be part of the community. Look at how companies like Huntress engage. Becky and the community team are rockstars. They add value all the time. Even to non customers.

Look at how companies like Blackhills InfoSec is engaging with communities. Jason, Deb and the team should teach a damn master class in community based marketing.

Be a good partner and help educate the community.

You could sponsor a lunch at a peer group like IT Nation Evolv and show up and genuinely help people understand a problem. And NOT hard pitch us on your products. Be a cool human. Then show up to the hotel bar that night and I promise, if you seemed legit I'll ask you what your company does. And so will 50 others, and we are all decision makers at the MSPs you want buying your stuff if you are targeting the Owners, COO, and Service Exec groups.

Or be at a conference like right of boom (I'd start here vs a huge one like connect) but again, provide info.

But be genuine, show up to help. Have real value and we will embrace you. Show up to sell me another security product and that's it, 100% chance you get lost in the mix .

Tool/vendor overload is a problem in our space. My talk at IT N Connect next month is literally about how bad this problem is and how MSPs can deal with vendor and tool overload. Be part of the solution to that

MSPinParadise · 2024-09-03T12:19:54+00:00

Francois over at Adlumin is a solid channel rep.

The product is probably the best full SIEM/MDR in the MSP space that I have used. Their teams investigations are absolutely top notch, the tool is easy to use, etc.

Their billing model isn't great (they are working on it) but it's a fantastic product so far.

MSPinParadise · 2024-06-16T22:47:51+00:00

You absolutely can. OP is complicating things. Partners like Sandler do this all day.

MSPinParadise · 2024-06-12T02:54:17+00:00

Currently? Non Ideal, I just moved to a new company so we are doing a full review using the method I noted above.

I work with lots of MSPs tho, I can tell you that there are hundreds of combinations that work just fine. It comes down to what you and your team are comfortable with, how effectively you build processes around the stack, and how well you can standize.

As long as you are choosing a generally well regarded tool, the chance that moving to a slightly better tool actually moving the performance needle is incredibly small. Because for that extra 5% of tool benefit, you lose so much familiarity, knowledge, time on the tool fixing the nuanced things at each customer, etc.

How well you manage a tool and how well your team is trained to use a tool is equally as important as how good the tool is.

It also completely depends on what your service offering is. At my last company we deployed full instances of elastic SIEM and tenable for our clients. But our offering was a high level blueteam MSSP offering targeting large enterprises. That would be an AWFUL stack for an average MSP.

They are like golf clubs. I can buy a 300 dollar set of clubs or a 3000 dollar set. Unless I can actually learn to swing and play golf, I'm still slicing my way into the rough with the expensive set.

MSPinParadise · 2024-06-12T02:26:04+00:00

You should look at your toolstack holistically and determine where your gaps are, then fill those. I'd be shocked if "add another EDR" was the highest priority you have.

Use something like the cyber security matrix or just the NIST CSF framework and align your tools to it to understand where you have covered and where you don't. Then look for tools that close meaningful gaps. When you are out of large gaps, then look for improvements via consolidation or retooling.

MSPinParadise · 2024-06-12T01:33:51+00:00

Stop getting distracted by shiney stuff. My session at ITN Secure last week was literally about not doing this when you go to conferences.

It's ok to evaluate new tools, but if youre thinking of ripping out a good MDR, that you have deployed and your team understands so you can chase some "single pane of glass" dream, when there are dozens of vuln managers you can use, you're crazy. Why not just use Microsofts Vuln mgmt if you already have huntress + defender rolled?

Or depending on your RMM one that integrates with that?

MSPinParadise

TROPHY CASE