When it’s time to grow their business, managed IT services providers face many decisions. One of the most important is to decide what type of clients they want to service, and what would be the most lucrative for their business. By choosing to specialize in providing service to a specific industry, an MSP can focus on the specific needs of that area, delivering a higher level of expert service that could not be delivered through an MSP that has a more general approach to service delivery. This is known as a vertical approach, and the industry an MSP is targeting is more generally known as a vertical.
Verticals can vary dramatically from industry to industry, and it’s important for MSPs to find the one that will fit best for their organization, their skillset, their location and their current client base. Below are just a few niche verticals that MSPs have found opportunity and success developing their practice to specialize in.
D3P—Designated Third Party—an acronym that FINRA uses to refer to the designated storage provider that a broker-dealer firm uses to store and archive data.
FDIC—Federal Deposit Insurance Corporation—promotes public confidence in and supports the U.S. financial system, insuring depositors for at least $250,000 per insured bank. The FDIC identifies, monitors and addresses risks to the deposit insurance funds while limiting economic impacts when a bank or thrift institution fails.
FFIEC—Federal Financial Institutions Examination Council—develops uniform reporting systems for financial institutions that are federally supervised as well as their holding companies and the nonfinancial institution subsidiaries.
FINRA—Financial Industry Regulatory Authority—safeguards investors against fraud and harmful practices through creating and enforcing compliance for rules and regulations for all U.S. brokerage firms.
SEC—U.S. Securities and Exchange Commission—The SEC oversees the key participants in the securities world, including securities exchanges, securities brokers and dealers, investment advisors and mutual funds. The SEC promotes the disclosure of market-related information, maintains regulation for fair dealing and protects against fraud. The SEC is the primary overseer and regulator of the U.S. securities markets, working closely with other institutions, including Congress, other federal departments and agencies, the self-regulatory organizations (e.g. the stock exchanges), state securities regulators and various private sector organizations.
GLBA—Gramm-Leach-Bliley Act—requires companies offering financial products or services like loans, financial or investment advice, or insurance to explain to customers their information-sharing practices and how they safeguard sensitive data.
SOX-404—Sarbanes-Oxley Act Section 404—mandates all publicly-traded companies to establish internal controls and procedures for financial reporting and to document, test and maintain those controls and procedures to ensure their effectiveness and compliance.
IT has a huge presence in the finance industry, from trading instruments to record-keeping, as well as reporting and calculations and more. IT is essential in modern finance, and this reliance creates many opportunities for the managed IT services provider.
Because all financial transactions involve the exchange of information, whether internally, or externally to other institutions, governments or to consumers, information technology is essential to their success. Banks, hedge funds and proprietary trading groups need MSPs to help provide services for ultra-low latency trading, market data, hosting and infrastructure connectivity and risk management solutions.
Financial services companies need their data encrypted and backed up securely, and must have a full range of backup and disaster recovery (BDR) solution to meet federal compliance regulations. MSPs that specialize in BDR for financial services help these businesses protect sensitive information, mitigate downtime and promote overall business continuity.
In the world of trading, IT provides information for stock traders to make decisions instantly, allowing them to make orders as fast as possible. The business continuity provided by MSPs allow transactions during weekends and holidays, even when there is no staff working at the bank. By 2016, 60 percent of banks will be processing the majority of transactions in the cloud, and in a recent survey, nearly 87 percent of those hedge fund managers surveyed are using cloud services at least in some form in conjunction with their business."
Regulations concerning the privacy of sensitive and personal financial data are different around the world, so MSPs need to be aware of how those regulations are adhered to, because they will impact the needs of their clients and their business as well. Due to FDIC, NCUA and FFIEC regulations, banks and credit unions are performing more due diligence internally and when choosing an MSP in order to effectively meet compliance in all areas of the business.
Due to the incredible popularity and potential of this vertical, we've written a separate MSPedia article.
PCI DSS—Payment Card Industry Data Security Standard—Introduced by five global payment brands—American Express, MasterCard, Visa, Discover and Japan Credit Bureau—PCI DSS is a set of information security regulations that apply to any organization that handles cardholder information.
CDE—Cardholder Data Environment—areas that are comprised of people, processes and technologies storing, processing, or transmitting cardholder data or sensitive authentication data. Any system that stores or processes cardholder information or has access to systems that store or process cardholder information are subject to the requirements of PCI DSS and can be considered a cardholder data environment.
POS—Point of Sale—The actual location of a transaction, typically referring to devices or systems used to record the transaction.
CPOS—A computer-based POS that uses software to execute the functions of point-of-sale.
Watch Webinar: The Next Big Thing for MSPs - PCI Compliance
In the 21st century, IT is enabling the retail industry in a way like never before. Points of sale and of supply are being revolutionized through technological advancement, and at its core is a strong connection to IT, creating new opportunities and new venues for revenue and growth.
Because of these shifting changes in the retail space, MSPs have an opportunity to cater to the retail industry and form indispensable partnerships. The retail sector has realized there is a need for managed IT services, and the role of MSPs has increased and will continue to increase over the coming years, due to the expansion and globalization of payment processing and fulfillment.
Speed and business continuity are essential to the retailer, and as such they will look for MSPs that have a solid BDR solution as well as an ability to predict and resolve network problems at an increasingly efficient pace. Consumer buying impulses can shift rapidly, and if systems are not working and product cannot be sold, competitors will fill the void left by a company that is lagging due to unstable IT systems. Therefore, an MSP will be crucial to 24x7x365 remote monitoring and management, to effectively close tickets before they stop the flow of the buying process.
PCI Security Compliance addresses a retailer’s security implementation and execution in order to mitigate payment security risks. Every business engaged in credit card payment processing is required to comply with PCI Security Standards. If a retailer collects or stores credit card information, and that information is compromised, leaked or hacked, the retailer could lose their functionality to accept credit card payments, amidst a variety of other consequences including lawsuits, insurance claims and government fines—not to mention lost customers.