If you have been involved in the small business market in any way over the past decade, you’ve heard increasingly more about Managed Services and its importance in the marketplace with regard to IT.
Traditionally, network equipment has been treated much like a car that’s out of warranty: You hope it keeps doing its job, and pray that some catastrophe isn’t lurking around the corner that’s going to cost a bucket-load of cash. However, treating your IT environment in this manner can have far more dire consequences.
In answer to the growing question of how to better protect small businesses, the idea of Managed Services began to form. To get a better idea about Managed Services and the changing landscape of IT management, I spoke to Dan Bardin, CEO of Tech II Business Services in Saratoga Springs, NY.
SG: Traditionally, IT has been serviced using a Break/Fix model. In practical terms, what does this mean?
The Break/Fix model is very much a reactive arrangement between the customer and the service provider. In this traditional model, the customer has technology, and when it breaks, they make a phone call and the provider comes and fixes it. Things only get done when the customer initiates the service. “There’s fire coming out of the side of my box; can you come over here and take care of it?”
New technology delivery is generally only prompted by an “event.” An event could be that a system broke down, a workstation stopped functioning, they need to roll out new technology which requires more horsepower, there’s an operating system phase out, and so on.
From a business perspective, if it’s going to cost half as much or more to fix or upgrade the existing system, industry professionals recommend that you replace it. So in the Break/Fix world, an impending event would require that you say, “We need a new server because we want to run new software,” “We’ve got a new application we want to roll out,” or “We have to update these workstations.” They call us. We perform the work, and we’re out. Often in the Break/Fix model, we don’t talk to the customer again until the next event (which is, of course, part of the problem).
SG: What are some of the disadvantages to the Break/Fix Model for the customer?
The main disadvantage of the Break/Fix model is that service delivery is reactive compared to proactive. This means that when we’re called, more often than not, there’s already a production issue. Someone can’t work. I’ll use a small business with 20 users, as an example. There is one server. If that server goes offline, there are 20 people that can’t work. Worse yet, if they aren’t on a managed backup plan, they have the further risk that their backups aren’t even going to work. What is the cost per hour of that outage and the time to recover to the business? Only they can determine that.
In that reactive mode, you aren’t aggressively servicing the equipment to prevent an outage. That’s the primary issue. From a service provider’s standpoint, we’re pulling senior staff – our largest capital outlay – off of other jobs to go put out a fire. In this scenario, even though it’s not our fault, the customer isn’t happy. They’re not happy about the situation, they’re not happy that they had to call us, and they’re not happy that we’re there. The client is in pain.
Additionally, when you’re in a reactive mode, you do not tend to plan and stick with Refresh Schedules. Rather than staying on top of updating your technology, it all comes in one fell swoop. When you have to replace a lot of your systems – rather than being a slower, calculated, thought-out process of upgrading along the way – you get hit with a huge price tag, and probably a production outage. If you don’t have systems that function well, then you are hindering your employees’ performance, and they are your most expensive resource. What I see happening in our industry is that our valued clients- our quality clients- get that. They cannot be messing around with technology, so they need an outfit that’s going to aggressively service them – which is exactly what we do.
SG: Since there are obviously issues with the Break/Fix service model that need to be addressed, what is the alternative?
The alternative to Break/Fix is what we refer to as Managed Services. The primary difference between the two is that you move from a reactive mode into a proactive mode. Tech II has a software suite that we deploy in the customer’s environment and we monitor the health of their systems. We evaluate and give reports as part of the monthly service.
Most issues in our industry are not hardware related – they are software related. Now, more than ever, they are related to threats that the systems face. What we do is we take a proactive, very aggressive stance on preventing outages by policing these systems. We have folks here that work full-time solely on specific areas of threat mitigation, or what was once referred to as Antivirus – renamed, as it’s much more than just antivirus now.
One of the trends you’ll see is that traditional Break/Fix providers are going away because they just cannot keep up with the challenges of the field. It’s not a profitable business model, and it’s the wrong solution for small business. Cryptolocker (a ransomware) is a perfect example of the threats that our customers face, and a testament to the logic of Managed Services.
Cryptolocker, or its ilk, sometimes gets through to these environments because they aren’t updating antivirus or aren’t using other types of threat mitigation, like anti-SPAM. I was looking at some statistics on Tech II’s anti-SPAM software that we provide to our Managed Service customers and I saw an amazing statistic. In one week, we processed nearly 200,000 emails. Over 75% of that mail was stopped by our system! There were many reasons those weren’t delivered. Some wouldn’t harm the system. In fact, a large percentage were just SPAM, but thousands of emails had known viruses – known malicious software – within them. In a Managed Services model, we provide protection before the email gets to the desktop.
Even when you have the very best software that the industry has available in place, new variants of malicious software sometimes get through. When customers are in a Break/Fix mode, we have no control over their backup systems. When we do a restoration, we often find that the threat existed for many days before the customer even knew about it. We may have to go to a successful backup job that was created many days prior and restore the environment. Some of the questions we ask when building a backup strategy include: What is the age of files that must be recovered from backup for normal operations to resume if a computer, system, or network goes down (RPO – Recovery Point Objective)? What is the duration of time within which the business must be restored after a disaster (RTO – Recovery Time Objective)?
SG: For the customer, what are the direct benefits of the Managed Services model?
The short answer is the very slogan we’ve instituted – you’ll see it on all of our shirts, signatures, vehicles, and other marketing: Simplify your technology. We help our clients simplify their technology via the MSP model. We give them confidence that they’re aligned with a partner who’s taking care of their systems so they can focus on their business.
From an IT perspective, one of the direct benefits is what I refer to as coming home to a clean house. It’s something that’s easy to under-appreciate. One of the challenges we faced was finding the happy medium between being too aggressive with reports and information on how we’re taking care of your environment, and not presenting that data at all. Over the last ten years that we’ve been in the MSP business, our reports and our renewal process have evolved significantly. They’ve gone from being way too extensive, to not enough, to what we think is just right.
So how is this a direct benefit? We’re aggressively on top of what our customers need to do and we’re communicating that to them on a regular basis. Ideally, the customer will not incur a production outage, and their employees will have high performing environments, but if they’re not, we’re on top of why and we’re giving them options. We’re their IT department. We’re maintaining updates and patches. We’re watching over things, and we’re giving the required updates to ensure that they understand what needs to be done to keep their environment running smoothly.
Another benefit is budgeting. When you’re in Break/Fix mode, it’s nearly impossible to budget because you’re constantly in crisis. You don’t replace a server until it blows up, and then you’re paying a premium. You’ve got engineers you’re paying emergency service fees. They have to source whatever gear they can get in. You’re paying for expedited shipping. You always pay a premium when you’re in a reactive mode.
A third direct benefit is having confidence that you have someone there to support you. In a Managed Services model, you have SLAs – Service Level Agreements. If you’re in Break/Fix mode, who are you going to call? The college kid that works on your systems – is he available? Is your IT information documented? How do you know your backups are good? Where are your backups? Where is your software for your server? Managed Service Providers have clearly written SLAs and, at a minimum, they educate you as to what you should be doing. Even if you decide not to do it, at least you know what the Best Practice is.
Not only does an MSP take ownership for your backups and actively manage them, verifying that the backup process is, indeed, taking place, but they’re also verifying the integrity of the server image through extraction testing. A large percentage of small businesses have never gone through extraction testing – which tests recovery of the server – because they don’t have the hardware, but Tech II is able to do it in the cloud. We spin up the customer’s server, and let them login and see that it’s there. Regardless of what issues they have going on in their environment, they know their data is retrievable.
SG: What are some of the advantages of the Managed Services model for the service provider?
Managed Services puts us in the best position, first to prevent technical problems, and second, to deal with whatever the customer’s crisis is if issues do occur. You know you have the data, and if you have the data, you can recover from anything. That’s why our mantra is RaaS first (Recovery as a Service), and then everything else after. If a business doesn’t want to heed our recommendations, then we’re not going to play, because we’re increasing our own liability and jeopardizing our own reputation. The third party will hear, “Tech II is doing my IT and they couldn’t recover my server.” They aren’t going to hear how Tech II recommended that they upgrade the system that’s out of warranty, that they needed to get a different backup solution online, and that they needed to get off-site backups ASAP.
Managed Services is a healthier, forecastable model as far as income and workload. There was a time when Break/Fix worked because it was a relatively narrow playing field as far as the number of manufacturers and operating systems. There was no such thing as SPAM. In the Break/Fix model, the variables are unmanageable now. So, by adapting to a model like this, we’re able to control that playing field, setting the best practices, and defining the systems we’ll support. We can become experts at those systems, and we can have confidence in delivery of our services to our customers. They know we’re taking care of them, and even when there is a crisis, we no longer have to “hope” equipment is backed up.
SG: Since Managed Services seems to be the future of the industry, what do you see happening to current Break/Fix customers?
One of two things: For Tech II, 2015 was the stepping away with regard to marketing and selling Break/Fix IT. Other businesses like us are also doing this because of all the challenges that we described above. Customers are having fewer and fewer options for Break/Fix providers. There are smaller providers and there always will be. Smaller businesses will continue to be able to find those folks, but as far as legitimate technology providers that are meeting compliancy standards and are meeting Best Practices from the giants in our industry, there are fewer and fewer of those players because it’s not a model that’s healthy.
They’re either going stay with a Break/Fix provider – someone who is doing the service for what the client perceives is less dollars, but which is really only a perception because their real cost is when they have a crisis and they can’t recover – or they will move to Managed Services. For many businesses, the cost of those crises outweigh the cost of the programs we offer, by far. When a customer has a week or two weeks of outage, they lose their biggest customers and their folks can’t work. Suddenly, that fee for the MSP – it all makes sense. Unfortunately, only at that point will they begin to see the true value of Managed Services.
SG: What are your recommendations to customers that are still operating under the Break/Fix Model?
My recommendation is that they educate themselves on where the industry is at present and why. If you’re going to risk being in a Break/Fix mode, understand what that risk is and at least have a fallback plan. At a minimum, get a backup of your systems. Having the insurance policy in place so you can recover from a disaster is the single most important thing that a Break/Fix customer should do.
Ensure that you are contracting your backups with a reputable company that’s on standby – preferably a local firm. You’ll want to research the options. We recently posted a white paper, Successfully Choosing an IT/MSP Service Provider, to help folks evaluate IT/MSP providers. It can be downloaded by going to our Resource Library (register for free access). Most importantly, verify that they meet any required regulatory compliance, and carry certifications that are appropriate for your environment. Another item we see overlooked is basic confirmation that IT/MSP insurances are in place, with Errors and Omissions being the big one.
Going to a wholesaler for offsite backups is dangerous for small businesses because oftentimes you’re not getting experts that understand how to spin up your environment in the event of a failure. Sure, they can ship you the data on a drive, but you still have to get it back online. A few simple, yet important, DR questions you should be able to answer are: How will you get your data in the event of a failure, what will you do when you get it, and who’s actually going to bring things back online? Furthermore, only trust these plans when they’re formalized, tested and can be consistently proven.
If you decide to adopt Managed Services – great. You’ll do it when it makes sense for you. But at a minimum, you’ll know that at any time you can. You don’t want to be in a position where you don’t have that option because you’ve lost all your equipment and data in a disaster.
For more information on the many services we have available to help your business, visit us online, or give us a call at (518) 587-1565 and simplify your technology.