Managed services are seen as a cost-effective way to keep pace with rapid technological change and maintain a competitive edge. The best MSPs offer a range of digital and IT skill sets, flexible, scalable service models and proactive maintenance.
Many SMEs rely on managed services for day-to-day operations and business continuity, and allow third party suppliers widespread access to their networks, infrastructure and their customer data. This means it is increasingly important that SMEs are working with service providers who can provide adequate service levels and security.
The UK government identified MSPs as essential digital suppliers that pose a disproportionate risk to the security and resilience of businesses. The National Cyber Security Centre reported MSPs are increasingly the target of sophisticated cyber attacks. By compromising one MSP, criminals can gain access to their network of customers.
Key questions to ask the business:
- Do IT suppliers have the right capabilities to meet business requirements?
- Are IT vendors adequately managed, with the right contractual protections?
- Are you getting the level of service your business deserves from your suppliers?
- Are cyber security and disaster recovery risks from your suppliers adequately managed?
What does this often look like in average SMEs?
In our experience the quality of MSPs is highly variable, meaning SMEs should take steps to ensure they have a service provider that can meet their needs and not hold their business back.
Unfortunately there is often an ‘us and them’ mentality instead of a partnership approach when it comes to suppliers. IT service providers may struggle to explain things in a language everyone can understand and have little proactive engagement with the business and its future plans. The business may not play their part in constructively engaging with the suppliers, holding them to account and giving them feedback on what is and isn’t going well, or informing them of upcoming changes and new requirements in a timely fashion.
Vendors are not always proactively managed, Service Level Agreements (SLAs) and vendor contracts may be in place but not aligned to the current needs of the business.
What does good look like?
It is critical for SMEs to understand their responsibilities when it comes to vendor management. Even on a cloud platform, data, devices, accounts and identities are the responsibility of the business, not the supplier. The managed IT service provider should hold quarterly management review meetings and produce monthly reports for backups, threat management and Service Level Agreement (SLA) ticketing.
The SME needs to review the reports to ensure the MSP is keeping up with their obligations and that those obligations continue to meet the business needs.
IT support is proactive in identifying risks before they become issues. In the most mature SMEs, suppliers have a holistic understanding of the client’s business strategy and growth plan, and use their knowledge of technology to help innovate their business model and disrupt their markets. They are seen as part of the core team delivering complex projects that drive business growth.
Good vendor management sees monthly performance reviews and reports on SLAs, regular contract reviews, benchmarking and financial risk assessments
*https://global.hitachi-solutions.com/blog/benefits-of-managed-services
An SME business that needs strategic leadership can leverage the experience of a fractional IT Director to review the company's capabilities against the digital and IT maturity framework to understand the key gaps. A fractional IT Director can identify when your managed service provider is not meeting the needs of the business and can help with the spec and select process of finding a more suitable one for your evolving needs. It's vital to have a managed service provider that meets the demanding digital transformation needs of a rapidly growing business.
Jason Lock, Infrastructure Architect, FluidIT Consulting