Virtual Panel: IT Best Practices

Our panel addresses managed IT missteps, acquisitions, hiring and retention, and cybersecurity.

Clockwise above from top left: Juleen Bixler, Julie Branc, Melissa Confalone, Patrick Layton, Anthony Sci, John Schweizer, Greg VanDeWalker

Whenever thought leaders discuss diversification, managed IT comes up as an area of opportunity that offers a lot of promise, albeit with a lot of risk. Just ask those dealers who have entered the space, then pulled out after realizing they were in over their heads. Some rebooted, started over and achieved success. To better understand the risks and rewards, we gathered a distinguished group of panelists with distinct knowledge of the IT services space. They responded to questions about the most common mistakes dealers make when launching a managed IT business, how to pinpoint a relevant acquisition target, hiring and retention, and whether cybersecurity is a must-have managed IT offering. Additional responses to questions related to traits common to dealers who successfully offer managed IT and new areas of opportunity in managed IT can be found online at www.thecannatareport.com.

Our panelists include Juleen Bixler, senior director of operations, Fraser Advanced Information Systems; Julie Branc, vice president, product portfolio and customer experience, All Covered, IT Services Division of Konica Minolta; Melissa Confalone, vice president of sales, Fraser Advanced Information Systems; Patrick Layton, vice president, managed IT services, Impact Networking; Anthony Sci, president and CEO, Keypoint Intelligence; John Schweizer, vice president of channel sales, ConnectWise; Greg VanDeWalker, senior vice president, IT channel and services, GreatAmerica Financial Services and Collabrance LLC.

CR: What are the most common mistakes dealers make when launching a managed IT business?

Branc: Not having capable technical resources. The support of a managed IT services program requires working knowledge of multicloud deployments, such as public cloud, private cloud, and hybrid implementations, as well as working knowledge of remote worker requirements and integrated platforms such as Microsoft 365 and Google Workspaces and traditional on-premise network infrastructure (A+/Net+ minimum recommended certification). This is especially challenging with the lack of IT talent in the market, so partnering with an MSP to offer managed IT services is often the best route.

I’d also add not having the right resources to sell the services. The managed IT services sales cycle is different than most. It is a holistic “value-based” driven sale. Having a subject matter expert (SME) and sales role combined requires a specific skill set, as well as a higher-level of knowledge about technology’s role in operating a business. Sales enablement and development also need to be defined and managed by the dealer on a continual basis. This includes sales training, technical competency mapping, and a marketing strategy to attract new clients.

Confalone: Launching a managed IT business is not the same as having a copier/print business. Assuming you can use the same models to run both companies will lead to issues. There are so many managed IT tools on the market, so you must do your research and find the tools that will help you provide the best services to your clients at a price that meets your bottom line and their needs. You need to ensure you have clear documentation of processes and procedures in place and hire experienced staff in managed IT services. Finally, you can’t trust that your current copier account executives will automatically begin selling managed IT without a lot of well-thought-out training and a plan of attack in place on who your target customer is.

Layton: The biggest mistake is trying to do too much at once and wanting to sell the clients before having a real program. You need your core partnerships in place and your RMM (remote monitoring management). You need to know your business value proposition and how it aligns with the way you’re delivering the service. It’s not having solid standard operating procedures for some of the basics, like how you’re going to monitor somebody’s network, how you’re going to onboard them, how you’re going to validate what you’re doing for them, and what your billing model looks like. Is it fixed or are you billing for monitoring and then billing for time and materials?

On the sales side, it’s defining your ideal client profile and how you are attacking them. If it’s a super small business, maybe you’re going to be everything to them, but you also have a lot of education to get them to understand that technology has value and is not just an expense. When you get into the medium-business space, you’re probably not going to be everything to them. They probably have some form of IT. So, how do you co-manage IT, how do you draw the boundaries, and how do you make sure that you’re providing the service you’re supposed to but not doing what you’re not getting paid for?

Sci: I believe dealers think that it will automatically solve their recurring revenue issues. It is a long process, first deciding whether you should do it in-house or outsource. Outsourcing is a choice that mitigates some of the investment risks for a dealership.

Schweizer: The most common mistakes are investment, commitment, and destination. A dealer needs to treat this like its own business entity with its own financial statement and its own goals. Start with the destination in mind. We would suggest taking an approach that the MSP business will create X-amount of MRR, therefore adding accretive value to my business of Y. The dealer needs to invest. Think of it in terms of adding an additional copier line. It is that type of investment. Finally, commitment— from the top down, you need to plan, encourage, celebrate success, and adjust as you make your journey. Our product-agnostic group, IT Nation Evolve, was built to help make MSPs better. They can help with the roadmap.

VanDeWalker: When you launch anything new, it needs to be treated as a start-up business. Starting a managed IT business requires organized effort and the right resources to be successful. Some important components include:

• Business Plan
• Budget
• Resources
• Buy/Build/Partner Evaluation
• Leadership
• Vision

I see many copier dealers who fail at IT because they took a “let’s try it” approach instead of implementing a true strategic roadmap.

CR: For dealers interested in growing their managed IT operations through acquisition, what criteria should they use to evaluate a potential acquisition target?

Bixler: When looking at acquisitions, you want to ensure that the company you’d be acquiring has a similar business plan as yours and that your technology stacks and services offered are compatible. Review the company’s current client base to ensure they are the type and size of client that will fit into your current offering. Make sure you have qualified staff who can handle the additional client support that will come along with the acquisition and provide opportunities for training and development for your employees to take the extra work.

Confalone: If you are a copier dealer looking to acquire a managed IT services business, look for opportunities to grow within their customer base with services you already sell, such as copiers, printers, and managed print.

Layton: If you’re a true managed service provider trying to buy a small MSP, it’s very hard to make that profitable and make it work. You have culture clash, you have value proposition clash, you probably have contractual differences. It’s a different mind focus on how the program works. And then, what are the core values around that? It’s tough to do acquisitions. For dealers that are starting out, that’s a rough road. I would strongly encourage people to invest in starting small and growing a team that understands your business versus trying to buy one and incorporate it, because you don’t know the space that you’re getting into and now you’re buying a company that’s used to operating the way they operate. You’re going to try to have influence, and that’s tough.

Sci: Culture and acquiring the people are the key to a successful acquisition. Usually, IT companies do not have a lot of clients, so the ownership team’s intellectual property is very important.

Schweizer: There are a host of measures similar to what you are accustomed to in the traditional business. You look at revenue/endpoint and client, gross profit, EBITDA (earnings before interest, taxes, depreciation, and amortization), and the customary measures. Places to pay close attention are cultural fit and contract type, and that revenues and profits are not highly dependent on just a few clients. Last word on this topic: Do not buy a fixer-upper. You probably don’t have the expertise to fix it.

VanDeWalker: Copier dealers who are new to IT and just starting down this path should only buy a high- performing, high OML company [Editor’s Note: This stands for Operational Maturity Level, a term coined by Service Leadership]. More copier-dealer owners are looking to buy knowledge and avoid acquiring a poor performing, low OML IT company, as they acknowledge they don’t have the expertise needed to mature effectively. They will pay more because multiples are at peak levels now, but it is the best way to ensure success as opposed to buying a fixer-upper. That’s not to say I haven’t seen copier companies with solid IT practices in place successfully buying and growing fixer-uppers.

CR: Retaining IT talent is a huge problem for many dealers. Other than compensation, what are the primary reasons IT personnel are so difficult to retain?

Bixler: Engineers in the MSP arena are clearly in demand. They have a very broad yet deep knowledge of IT, making them incredibly marketable on the employment market. Engineers are not service technicians, and dealers need to ensure that the career path, job description, and compensation do not mirror that. IT staff want to do more than “close tickets.” They want to be valued members of an innovative team that allows for collaboration and new ideas. They want opportunities to continuously grow in their role, gain new certifications and skills and be upwardly mobile in your company. Without those things, they will quickly be poached by other companies who can offer what they are looking for.

Layton: The current global landscape is a big part of it. You have baby boomers retiring, you have the great recession. Companies that don’t do a good job of having other things besides salary tend to lose people. Our focus is on employee retention, and we still lose people over, “Hey, I just got this offer that’s better than you’re paying me.” And you want to match it, but what I’ve been seeing is the skill sets don’t match the pay because people are desperate so they’re willing to pay more. I don’t think it’s a good way to operate, to be held hostage by employees. The pendulum is going to shift at some point. People that have the “grass is greener” mentality and leave for those small little bumps, maybe they haven’t been around the block enough times. It’s a hard thing to combat. In some cases, they get an opportunity and if it’s the right thing for them, and I encourage them to go. I want people that are passionate about what we’re doing. We have 10 full-time recruiters, and we still struggle to maintain adequate staffing.

Sci: Plain and simple, there are more jobs than people. They have a choice of where they want to work. Also, IT is a broad term, so they might like one area better then another.

Schweizer: This is a tough one, there is such a shortage of qualified personnel—the higher skilled, the greater the shortage, and they write their own ticket on compensation in current times. One thought I would share is partner. Find a Master MSSP of scale that you can lean on for technical support. While these Master MSSP’s face the same hiring challenges, their career trajectory and ability to learn is greater and thus more attractive to the available talent. To keep and attract talent, I fall back to commitment and celebration. Is the leadership of the company showing their commitment to build a thriving IT business where the personnel can grow and by all means be celebrated? Acquiring an MSP client is like placing 30 or more copiers in the field. You celebrate that, don’t you?

VanDeWalker: IT professionals want to know they can grow and learn. You need to have a clear development path to help a tech continually learn new things to expand their skill set. Once they feel their opportunity to grow and develop at your company has peaked, they will begin to look elsewhere. Be sure to have an open dialogue with your employees about their career opportunities within your organization. PathShare HR Services, a division of GreatAmerica, promotes Stay Interviews with current employees to encourage them to reveal what is important to them and why they stay. Finally, some IT talent seeks work in a specialized niche of IT such as cybersecurity. Their career focus is getting into a company or a specific role that allows them to work in that niche all day, every day.

CR: Cybersecurity receives a lot of coverage as a managed IT offering. What are the biggest concerns you’ve heard from dealers about offering cybersecurity, and why or why not is this a must-have for any dealer offering managed IT?

Branc: Security is really still an immature industry. Companies are still reluctant to make the investment in security for their business and really need to be convinced, many maintaining the “if it’s not broken, don’t fix it” mentality. Dealers experience this pushback on spending for cybersecurity until an organization gets hit with a ransomware incident, then they are ready to make the investment.

There is also the issue of risk liability. Security is a great revenue opportunity, but you need to mitigate risk in the contract, and that impacts how customers do business with you. You need to do business, but can’t accept liability. Some customers ask for unlimited liability, and dealers need to know how to manage risks around contracts with these clients.

Confalone: One of the most common reasons a business will contact a managed IT services provider is a cybersecurity issue. Companies with in-house IT departments utilize a managed IT services provider for cybersecurity. The cybersecurity landscape is constantly changing and evolving, and in-house IT departments may not have the time or resources to stay as updated as a managed IT services group on those changes. Also, a rock-solid cybersecurity policy is critical to every business. The biggest concerns naturally lie in the liability issue. No cybersecurity stack is 100% impenetrable, and knowing what responsibility lies with you as the provider when a client has a cybersecurity incident is critical. You also want to be sure that you’re working with clients that take cybersecurity seriously and hold a cyber liability insurance policy.

Layton: This is a subject that’s near and dear to me because we just spun off another company called DOT Security, which is a managed cybersecurity practice. The reason we did that was my managed IT team had a security-first approach. If I did an assessment for your business, and I came back and said, “Hey, this is what it looks like. And it’s $10,000 a month.” And you said, “Well, Patrick, I love all of that, but I need you to get to $8,000 a month. Why don’t we get rid of this thing and get rid of that spam filter so we can get close to the price.” I would argue if I did that, your price is actually going to go up, not down, because I’m going to touch your network more. That’s where it started. The way we separate the two, the managed IT or MSP [group] supports, modifies, and monitors for operational issues. DOT Security provides tools and services to protect and defend, as well as consulting services. It’s not the same skillset. I would argue with companies that say, “Hey, system admin, now you’re my security guy.” That’s a huge mistake because it’s a different skill set. They’re related, but it’s very different. Operationally, in the world today, we’re already at the point where every MSP should be monitoring services from a security standpoint. They should be offering vulnerability and a bunch of other things. The problem is the education to the mid-market hasn’t happened yet to get them to separate budgets and be able to afford to do all that. We talk about operational maturity before cybersecurity. In the next two to three years, if you’re an MSP that doesn’t have a partner that can do this for you and for your clients, or you haven’t built out the capabilities yourself, you won’t survive because the world’s getting to the point where it’s going to be standard practice to offer all these advanced security measures, or you won’t be able to operate.

Sci: It is a must-have or starting point, but this must include an SOC (Security Operations Center). It is vital in today’s environment.

Schweizer: Advanced cybersecurity is now required for any serious company offering MSP services. The conversation circles around risk in an abundance of categories. If you are the MSP provider, the client thinks you are protecting them, even if you or their current provider is not. From the dealer’s perspective, if you touch the network, even with an MFP you introduce risk. The end-user is now facing requirements from their insurance carrier to protect themselves against cyber risk. The end-user, even if their data isn’t inherently valuable, is at risk due to compliance issues and business continuity. It is tough to run your business, for even a day, if your IT infrastructure is down and a cyberattack will take it down. Just to pile on, a bad actor might penetrate you and then get to your clients through your network. We spend hours, days, and weeks coaching on cyber hygiene. On this topic, if you are a partner or not, you should take our security IT Nation Certify course. It’s free. Over 10,000 people have taken it. You’ll be scared, but you’ll be better off when you are done.

VanDeWalker: One big challenge is ensuring your cybersecurity offering is robust enough to contend with your MSP competitors. It is important for dealers to remember they don’t need to build out their offerings alone. In fact, virtually every MSP partners with many different companies to provide the proper suite. Another challenge in cybersecurity is how rapidly it evolves with respect to how it is sold. Do you require cyber insurance? Do you also sell physical security? There are many considerations to make, and dealers need to have a clear plan on what they sell and whom they sell to and stick to it religiously.

Access Related Content

To become a subscriber, visit www.thecannatareport.com/register or contact cjcannata@cannatareport.com directly. Bulk subscription rates are also available.