This article is the first in a 3-part series: See it > Solve it > Share it
In October, SkyKick held an event on Intelligent Customer Protection. We spoke with partners all around the world about the the next evolution of cyber security.
We discussed with our panel of partners how the best practices of security management can be summarized as: “See it, Solve it, Share it.” In this blog, we focus on the first pillar of Intelligent Customer Protection: “See it.”
The MSP Opportunity: What do Customers Need?
Cloud security may not be a new concept to the MSP industry, but the demand for security and the challenges in providing it continue to grow. So, the future of MSP profitability relies on running a comprehensive security practice with consistency, efficiency, and reliability to meet customers’ needs.
Studies have shown historic interest by companies around the world in their security posture. 88% of businesses view security as a top priority, and 42% will invest more in cyber security. This means that by the year 2027, this represents a $360 billion channel opportunity.
And if every Microsoft partner in the world split this profit opportunity equally, it would equal $4 million annually.
“Solving” issues and vulnerabilities is what most customers believe MSP’s are here for, but there is so much more. A healthy tenant is a quiet tenant, but customer satisfaction relies on “sharing” the work you’ve done to deliver the value of continual non-events.
The leading MSP’s will sell customers on peace of mind that you are continually monitoring their environment. That you are all-seeing; you’re always seeing potential incidents, seeing vulnerabilities, and seeing opportunities to fortify their security posture.
But how do we “See it” all?
The Challenges of “See it” in Cyber-Security
At SkyKick, we are passionate about engaging with our partners on understanding the modern MSP challenges. You are the heroes of the industry, and for the last decade, you’ve shared the difficulties of continual monitoring of a customer’s environment.
There have emerged a multitude of security services which an MSP must know and access to monitoring the security of a tenant: The MS Partner Portal, Intune, Azure AD (EntraID), PowerShell consoles, M365 Admin Panels, and more…
To access these daily is just one of the challenges with “Seeing it” all. Not only is this time-consuming, but it also often requires the expertise of someone with training in all these areas, making the daily exercise even more tedious and costly for your organization.
Accessing these individual systems for each customer is not only time-consuming, but it also requires someone remembering to do so; to having a flawless SOP in place with no margin of error. These tools are often lacking in push notifications and vary on the ability to set thresholds and customizations for any such notifications available. And standardizing on those criteria of what to watch for can itself be a costly managerial effort to establish and uphold across your team.
Additionally, to proactively monitor these systems with reliability, you need multiple team members with access to these systems, which in and of itself can pose security risks that a customer might find difficult to compensate you for. Either your employees will need to share credentials to some or all of these systems, or you’ll need to create multiple admin accounts, which is against the ‘admin proliferation’ best practice of having under 5 admins. And with many hands in these accounts, the concern about manual errors can often be top of mind for a security-minded customer.
Customers are more savvy than ever about cyber security. While this generates interest for MSP’s, it also means customers can be skeptical about the feasibility of your providing them this VIP treatment of proactively monitoring their tenant.
So either the MSP absorbs a lot of internal cost striving to deliver this proactive security promise, or the customer won’t view your rates as competitive.
Thus, the $4 million opportunity at MSPs’ fingertips is indeed quite the revenue opportunity.
But how do we land those customers at an affordable price, all while managing the internal cost of delivering on our security promises?
“See it” All with Security Manager Reports & Dashboards
“See it” is the foundation of cyber security, allowing you to proactively monitor all of your customers’ cloud environments in a systematized, efficient, and reliable way.
At its core, Security Manager is a single pane of glass to see all of the security-related areas of your customers’ M365 environments and all related security baselines. It provides intelligent insights for your team through 5 interactive dashboards and dozens of out-of-the-box reports.
The 5 dashboards serve the purpose of allowing your team to quickly flip through the status of one or all of your customers at once on a regular basis. All in 1 place, without the need to log in to multiple systems and customers, you can monitor the following:
- Secure Scores – See recent changes within all or each of your customers’ present and historical scores, based on each customer’s potential secure score (varies)
- Alerts & Risky Users – MS Alerts as well as additional specifics of the highest vulnerabilities among end users based on industry best practices
- Access Management – Status of MFA, Conditional Access Policies, and other authentication methods based on M365 licenses and other factors
- Analyze Risk – Trends and new changes, qual and quant, for potential risks such as newly added admins, mail forwarding rules, and recent login activity
- Customer Review – A double-click on a single customer, including MS Alerts, Risky Users, and recommended actions to take (and solution linking to do so).
The above dashboards can all be downloaded in multiple formats, and were designed with feedback from industry leaders on the most efficient way to have a 360-degree view of all of your customers in one place. This provides a standardized way for your team to proactively monitor your customers’ tenants.
Reports are the other major component of “See it.” The dozens of reports available serve many purposes, but one thing they particularly solve for addresses the challenges above: They serve as a failsafe push notification, so as your team focuses on different tasks throughout the day, you know that the system will notify you reliably.
And in addition to the out-of-the-box reports, you always have the ability to customize or create your own, and mark certain reports as favorite so the ones you run manually the most are top-of-view. And each report provides an area for notes, which for default reports, contain a wealth of information, best practices, and other information to keep your team standardized on best practices.
Reports allow you to be automatically sent valuable proactive information such as:
- Under-utilized M365 Licenses – View security vulnerabilities by user based on the settings they’re paying for which have not yet been set up
- M365 license expiration dates – Never let a license expire again, and be reminded of opportunities to have a consultation with your customer
- Security Action by End-User impact – Generate a list of the actions you can perform that end users will or won’t notice
- Custom – In addition to above, you can modify and create your own reports
- Downloadable – HTML, Excel, and PowerPoint allow you to pivot data your way or present to your customer with one-click
- Schedule – Heartbeat automated reports to any number of email addresses, including your ticketing system, so Security Manager can even beat your customer to opening a ticket
Many refer to this as “Security Radar”, because it’s similar to how air traffic control has a screen to monitor all the activity in the sky.
We hope you see the value of “See it”, and how Security Manager has been allowing partners to deliver this experience to their customers.
Our goal together is to deliver Intelligent Customer Protection, and we are continuing to work with partners like you to make sure you have the best tools to deliver top-tier security management to customers.
Watch the full October Event on Intelligent Customer Protection
Resources
- US SBA
- McKinsey & Co
- Canalys Consulting, Jay McBain
- Calculated over 90K MS Cloud Partners