As the progress of technology marches on, managed IT services providers are tasked with staying ahead of the curve and meeting changes as they come. As part of this continual adaptation, new services and solutions are changing the fundamental purpose of MSPs, challenging the industry to evolve yet again.
For a long time, managed services was synonymous with remote monitoring and management (RMM). It was the core of the MSP business; a fulcrum that the technology and services stack was balanced upon. But those days are long gone. RMM remains an integral technology, but now one of many core solutions that are considered “standard” to the modern MSP value proposition. Today, the core of MSP packages comprises a full suite of RMM technology, backup and disaster recovery (BDR) options and modern cyber security solutions—coupled with the expertise of behind-the-scenes, integrated NOC and SOC teams and complemented by client-facing Help Desk services.
If it sounds complex, that’s because it is. Managed IT services has never been more comprehensive, specialized and intensive; and that’s because small- and medium-sized businesses (SMBs) are increasingly dependent on technology to power their sales pipeline and run their operations. And, as this technological dependence increases, the risk of exposure to breaches and cyber attacks also increases concurrently, in addition to the devastation of a data loss event, natural disaster or physical damage to onsite hardware. Therefore, due to these dynamics, the MSP is positioned as a crucial component of SMB success, with a responsibility to keep their clients online, safe from cyber threats and secure from data loss.
But this escalation from cloud-based RMM providers into a full IT services, technology management and vCIO consultant didn’t happen overnight. Let’s track the evolution of the managed IT services provider to see where and how these advancements arose.
The Advent of RMM Software
At the beginning of managed IT services, providers essentially started as hardware and software vendors. Huge sums of money were spent developing custom tools, data centers and command/control centers to deliver limited, ad-hoc services. While they were effective in the delivery of discrete services, they required broad sales and marketing efforts to capture accounts, recoup investments and drive down costs, but infrastructure costs skyrocketed as well. Labor was expensive, and providing services at scale was costly. The best use-case was initially for larger enterprise clients, with steady contacts and little change in demand.
In other markets, the channel, which at the time was mostly still engaged in manual break/fix professional services (something breaks, a technician is called in to fix it), proved to be the answer to many early MSP sales and revenue challenges. Through channel resale of managed services, providers accelerated revenue generation, expanded market presence and maintained viability outside of break/fix transactions. But, a problem remained: the channel was (and continues to be) best-suited for mid-market and SMB segments, while the price and appropriateness of managed services were (at the time) suited for a larger enterprise market. This discrepancy stifled the proliferation of wide-scale managed services adoption, until cloud-based RMM tools started to gain a foothold.
With the arrival of commercially available, cloud-based RMM technology, smaller, traditional, value-added resellers (VARs) were able to build their own managed IT services infrastructure and practice, eventually creating the MSP segment that exists in the channel today. This was conceivable because RMM applications allowed VARs to deliver some maintenance and emergency repair work on servers, storage devices and PCs through the cloud, freeing up time and resources that were previously spent on-site at a client location. The ability to sell this model on a periodic subscription basis provided predictable, annualized recurring revenue (ARR) and profitability—filling a gap in the channel that had been consistently eroding as hardware and software product sales were rapidly commoditized.
Managed IT services driven by RMM software were profitable for transitioning VARs, but cost was still a substantial barrier to entry. Many VARs and emerging MSPs spent small fortunes building modest service delivery platforms to support their fledgling businesses. Some early providers reported spending as much as $1 million developing their infrastructure and network operations center (NOC), and these costs did not reflect the expenses of hiring, training and supporting expert staff. As time wore on, the viability of an in-house operation proved to be less profitable than newer managed services models.
The Next Generation of RMM
The MSP model matured further due to the increased availability of third-party RMM and NOC offerings. These allowed service providers to offload labor and budget-intensive infrastructure and tasking to a trusted, reliable and scalable partner—one that will not only maintain the infrastructure and provide support, but also independently advance technology capabilities. These “Master MSPs,” as they came to be called, delivered a combination of technology, SaaS-based solutions, and skilled technical labor at a price point unmatched by in-house operations, driving the total cost of ownership down on MSP infrastructure costs. Providers were poised to reap larger margins from each client account, and were able to rapidly expand their client base as Master MSP partners could scale rapidly to meet new sales acquisitions without growing expenses.
This is the de-facto model for the majority of managed IT services providers today. In the years since this model took hold, more services started to be delivered through this cloud-based model: BDR, network monitoring, and other technologies proved to be increasingly needed and crucial services for small business—all added and supported through Master MSP partnerships that were increasingly profitable.
However, while this success and growth continued in the channel for years, other dynamics started taking place. Service delivery of RMM and BDR became saturated in the SMB channel market, leading to commoditization and zero-sum customer acquisition (i.e., few net-new, most business coming from customers switching their vendors). While this proved the viability of the managed services model and the success of MSPs in serving their clients, it also led to increased mergers and acquisition activity in order to supplant competitors and increase growth. This activity led to smaller MSPs devoting their practices to specialized niche markets or vertically-aligned industries, while the larger MSPs deliver services at scale to a wider market.
And yet, as the channel seemed ready to calcify into a predictable pattern, change was on the way.
Today: At the Forefront of the Cyber Security Revolution
The latter-half of the 2010s saw a dramatic increase in cyber threats and attacks—particularly toward SMBs—as black-hat tools, ransomware code and crypto-currencies all proliferated in the anonymous, encrypted spaces of the internet collectively known as the dark web. Bad actors and criminals worldwide were now able to target SMBs, public infrastructure, hospitals, police stations, city hals and more—anywhere in the world—and demand a bitcoin ransom. Meanwhile, data breaches, DNS attacks and crypto-mining schemes all exposed the public, private and corporate data of millions, which was also sold on the dark web. These unchecked criminal actions left consumers wary as their information was exposed, put many businesses in breach of compliance, and caused others to shutter for good. To fight back, the channel turned to MSPs.
The managed IT services industry, until now, was not the province of specialized cyber security services; many enterprise clients used a dedicated vendor, while SMBs often used consumer-grade software or went without security services. This climate was perfect for the next major evolution of managed IT services—the transition to a cyber security-focused industry, supported by all other solutions already provided by MSPs. Now MSPs could be the all-in-one IT solutions provider for their clients, and can monitor, manage, secure, remediate and back up IT environments through remote software. And, in addition to already successful network operations centers, security operations centers (SOCs) emerged, integrating best-in-class skilled technicians to work seamlessly with NOCs and MSPs.
Looking to the Future of Managed IT Services
As it stands today, MSPs are full-service IT and technology solution providers, trusted advisors and virtual CIOs (vCIOs) for their clients, with a huge profile and importance to the direct success of SMB (and enterprise) businesses. With this expanded role, the next area of growth is, without question, into cyber security, as there is many of open space to sell into existing customer bases and capture net-new clients who now need managed security services more than ever. And, as acquisition activity only increases, the security space will be vital for the viability of smaller-scale MSPs, as there are increasing threats and attacks that SMBs must be protected from. This rapid growth will continue to evolve the channel, the industry and the role of the Master MSP in this space. Yet while change is inevitable, the mission of managed IT services remains the same: to deliver effective, powerful and profitable IT solutions that enable the business success of SMB clients. Amidst the tumult of rapid scale and change, that’s one point of solid ground that will never go away.
By Carlos Borges
By Ray Vrabel