By Angel R. Rojas, Jr., DataCorps Technology Solutions, Inc. and ASCII Group member
In this, very competitive business landscape for MSPs it is easy to focus on getting new clients and ignore what is already present, our existing client base. With the rise of ransomware attacks and many other cyber concerns, including cloud security, taking an introspective look to growing revenue may be the very best thing a business-savvy MSP can do. After all, it is much less expensive to keep a client than it is to gain a new one. By taking a consultative approach to hardening your clientele’s cyber-posture, 10-15% revenue growth is not outside the realm of possibilities.
Here are four keys to harden your clientele:
- Decide on your baseline. Take a hard look at the threat landscape and decide what your must-haves will be. These are non-negotiable products and services that will enable your team to standardize on a set of tools to support and become deeply expert in. You might look at items such as:
- No break-fix – this leaves you with a recurring revenue focus that is more predictable to staff and leads to better customer service.
- Standard network – knowing how to properly configure one type of firewall, switch, and access point will lead to better security and service through a deeper knowledge and consistent setups. It also leads to fewer SKUs to stock, lower inventory, and the ability to provide hot spares at low cost.
- End-user training – many cyber experts argue this is the most important protection businesses can put in place. Why make it optional?
- Multifactor Authentication – adopt a policy to, “MFA all the things!” There’s no excuse not to, these days.
- Network segmentation – this is another great area to dig your heels with. If we look at the past few major breaches, network segmentation would have helped slow the spread of ransomware, limit the attack surface, and contain incidents. Insist on it!
- Identify clients below the baseline and plan to lift each of them up to your standards. In the beginning, this will involve educating them. Even though cyber security seems to be in the news daily, most business owners I’ve run into have the impression that they’re not big enough to be affected. We know that ransomware or a cyberattack can affect any business at any time. If your plan does not include educating your client base, you will face a steeper uphill battle. Understand that, for the average client, this means spending money with no perceived return. This is akin to insurance where we do not value the product we are buying until we must use it. Do not give up, be persistent, patient, and engaging!
- Meet with each client, educate them on the risks (uses the news), and present your plan to remediate. This plan may be multi-month, multi-phase, multi-year, or any other type of breakdown that is appropriate for the situation. The key here is to put it in front of each client, communicate it clearly and often, and break it into bite-sized pieces that are easier to digest and budget. This will be an iterative process as most businesses are not prepared to tackle the entirety of your baseline at once. Make it a collaborative process and you’ll earn their admiration if you do not have it already.
- Do not be afraid to ‘cut the loss’. This baseline is a non-negotiable, as we discussed in the first key. Any clients who fall below the baseline are putting you and themselves at risk but, when something happens, they will hold you responsible. I wrote an article delving deeper into this.
By examining your clients and educating them on the value of fortifying their cyber posture, you can add more to your top line while potentially saving your clients from a tremendously disruptive cyber incident.
About The Author
Angel R. Rojas, Jr. is President & CEO of DataCorps Technology Solutions, Inc and has been a member of The ASCII Group since 2017.