Manage Your Managed Service Provider

InformationWeek SMB - Nov., 2011

InformationWeek Green

Michael A. Davis

Small and midsize businesses looking to grow should focus on their strengths and delegate other tasks to those that can handle them better. IT is no different, which is why managed service providers have grown to be an almost $55 billion business in the last four years, according to research firm Visiongain. Whether you're outsourcing all IT or just the management of a mainframe application, picking the wrong provider can cost more than just money; it can slow growth. Picking the right MSP is critical.

Cost savings is a key reason SMBs outsource IT. Companies spend 80% of their IT budgets keeping the basic infrastructure running; that's dead money that doesn't contribute to growth. Most studies, including those from Dell and Gartner, estimate a 25% to 40% hard savings from outsourcing this work to an MSP, but they don't always take into account additional fees. It may cost $3,000 per month for an MSP to handle your servers and workstations, but if you want to install a new machine, that will be an extra $350. Want to install a wireless access point? That'll cost extra, too.

Most MSPs will audit your environment to learn the network and add you into their platforms. They're also looking for gaps and problems they can offer to fix. In my MSP business, the first year of a managed services agreement often has additional projects that amount to 150% of the agreement value. For some businesses, that amount can exceed the current IT budget!

When you meet with prospective providers, ask them for a breakout of project-based vs. agreement charges, and also ask for a list of additional project costs you can expect. The best MSPs will provide a list of fixed-fee additional services that lets you estimate the costs you'll incur over the next year or two.

MSPs love recurring monthly revenue, and you'll have to sign a one- or two-year contract to get their best pricing. Make sure you understand all the details. Will you need to give 30 or 60 days' notice to get out of it? What if the number of devices in your company goes up or down--how are costs recomputed? Get each clause explained or have an attorney review the contract.

Opt for a short-term contract when working with a new MSP. You can always extend it and get the discount pricing, but until you have vetted its technical team, don't commit.

What Are You Getting?

Just how deep is the technical team's skill set? Many MSPs give you access to low-level and highly skilled engineers as part of the fixed fee. This access may seem like a great resource, but make sure you analyze how deep the team's skills really are. Meet with some of the engineers and ask references how many times senior engineers get involved with problems. Many MSPs use their senior engineers for project work and rarely make them available for emergencies.

Check how the MSP runs its help desk and other 24/7 services. Does it use multiple shifts? Does it have an on-call system? Does it provide an escalation process?

The last point to assess is engineer turnover. Being a junior-level engineer on a help desk isn't glamorous, and many MSPs have a hard time holding on to them. Ask about the tenure of the junior engineers you'll be working with and make sure the MSP doesn't have high turnover.

One benefit of an MSP is the processes it uses to manage your environment. But engineers can cut corners and not follow processes in order to cut the cost of working on your account. To make sure that doesn't happen, find out how the vendor will prove to you that it's meeting performance goals. Will it give you access to the raw ticket data? Provide time sheets and other information on completion times and how long a ticket is open?

Get a monthly report on not just what the vendor did, but also on how well it met the service-level agreement. If the MSP can't easily provide this, walk away as it's most likely an hourly-fee company masquerading as an MSP.

Security is another area to look at carefully. Attackers are going after SMBs more than ever. When looking at MSPs, see if any of their engineers have security certifications. Also check whether they manage security devices such as firewall, content filtering, and spam filtering as part of their service, and whether they offer an outsourced compliance service that includes quarterly vulnerability scans and policy review.

Not all companies need to outsource security to an MSP. It depends on your size and regulatory requirements, but you must keep your data safe and secure if a disaster occurs. If you elect to off-load any data to the MSP as part of a backup and recovery solution, make sure it has the infrastructure to handle a disaster. Smaller MSPs will fudge their capabilities or simply resell another company's services. It's OK if they resell as long as your data is safe.

Bottom Line

Once you think that outsourcing IT to an MSP is going to free you to do more strategic work, ask the final question: Will it?

Some MSPs require that all communication to them go through a single point of contact at your company (which will probably be you), while others will let any employee call the help desk and get service. If you don't want to have to run interference between a secretary with an email issue and the MSP, make sure the outsourcer can work directly with employees.

Some MSPs have the account manager provide planning services as part of the fixed fee. Others have a virtual CIO--a senior engineer with some business sense--for each client. Make sure you meet with that person before you sign the MSP. Clients often assume that person will be a great strategic thinker who knows their business, only to find out the person knows nothing about business or business processes.

SMBs are seeing managed services as a low-risk, economical way to maintain a strong IT position without the expense of building and owning a complete IT infrastructure. But hitching your IT wagon to the wrong MSP can set your company back, and replacing a failed relationship can cost a lot of money and time.

A failed MSP partnership affects IT from the top down. IT managers have lost responsibility and even been fired for hiring the wrong company. Nothing is worse for a business than having employees unable to do their work because the IT company hasn't address their problem yet.