Category: TruMethods Blog
Want to learn more about becoming a top managed service provider? Explore the TruMethods blog for insight into MSP training and IT solutions.
Are Tools Shrinking Your MSP Profit Margin?
Protecting your SMB Customers from Tax Scams
The April 15 filing deadline is looming, and so far, the 2019 tax season has been a lively one. Businesses and individual filers alike have been struggling to understand the full ramifications of the significant changes made to the tax code in 2018 under the Tax Cuts and Jobs Act of 2017. Additionally, a government shutdown threw a monkey wrench into the IRS’ ability to process tax returns and issue refunds.
Cybercriminals are expected to take advantage of the confusion and turmoil, increasing their use of tax scams to steal personal information and email credentials.
Tax scams are attractive to hackers because of the breadth of personal information available on tax forms, including names, birth dates, social security numbers, wages, and addresses. In some cases, companies applying for employer identification numbers (EINs) were tricked into signing up via fake websites. Other scams involve tricking HR employees into changing direct deposit information, or companies hiring fraudulent tax preparers to handle their accounting.
W-2 scams are a common problem as well as a form of business email compromise attack. The cybercriminals impersonate a company executive using a spoofed account or an already compromised account and request W-2 forms. Most of these emails don’t contain malicious attachments or URLs, and because they are leveraging a legitimate (yet compromised) email account, they are difficult to detect or block using blacklists, signatures, URL protection, and sandboxing.
When successful, these attacks result in data from the W-2 being used for identity theft. Not only are victims compromised, but they also bear the cost of identity theft protection services moving forward.
Practical tips to avoid tax scams
Here are a few steps you should follow to protect your customers avoid getting involved in tax scams:
- Deploy advanced anti-phishing protection that leverages technology like machine learning to analyze communication patterns. Artificial intelligence and machine learning can also help detect account takeover attacks. Additionally, use DMARC (Domain-based Message Authentication, Reporting and Conformance) authentication and enforcement to help reduce domain spoofing.
- Use data loss prevention (DLP) solutions and business policies to block emails that include W-2 forms and other sensitive documents from leaving the company’s servers. During tax season, perform regular searches for emails with tax form attachments or other tax-related information.
- Step up security training around tax time to help raise awareness of tax fraud and perform additional phishing simulations to identify at-risk employees.
- Make sure email accounts are protected with the right level of authentication, and robust password policies are in place.
- Encourage customers to institute additional policies to protect against scams – like requiring verbal or in-person confirmation of any request for financial or other sensitive information, or wire transfers.
Even tax preparers themselves are targets. Their files contain sensitive information and customer data, and last year the IRS reported receiving numerous reports from tax preparation firms that had been the victims of data theft. If your customers are using an outside firm to handle their taxes, make sure they have done their due diligence in evaluating their data protection systems and confirmed their validity by requesting a Preparer Tax Identification Number and verification of their CPA status.
If a customer becomes the victim of a W-2 scam, make sure they report the incident to the IRS and launch an internal investigation to determine the scope of the problem, eliminate malicious emails, and disable any compromised accounts.
Finally, remind customers of the following truths for detecting fraudulent messages: The IRS almost always contacts individuals through snail mail. They don’t call. They don’t e-mail. They don’t demand personal information or payment over the phone.
With security protocols and protections in place, your clients can get back to sorting through the confusing array of new tax rules and getting their returns filed on time.
Chris Crellin is Senior Director of Product Management for Barracuda MSP, a provider of security and data protection solutions for managed services providers, where he is responsible for leading product strategy and management.
Thoma Bravo Acquires ConnectWise: Some Thoughts On The Deal
A few weeks ago, I published a blog post on the rise of private equity money in the channel. Recently, Thoma Bravo, a private equity investment firm, which also owns Continuum and is a major investor in both SolarWinds and Barracuda, acquired ConnectWise (a deal estimated to be worth $1.5 billion). Somehow, this feels like a seminal moment for MSPs.
When ConnectWise was a privately held company
As a privately held company, ConnectWise was considered the center of the MSP community. Not to get nostalgic on you, but I remember being in Providence, Rhode Island in the fall of 2008 at the first ConnectWise user group meeting. Since then, I’ve been presenting at ConnectWise user groups every year. In those early years, what made ConnectWise stand out from the crowd was it made major investments in building communities (investments private equity firms would never make).
On Arnie (and why being a polarizing figure isn’t a bad thing)
I’d like to mention a few things about Arnie Bellini. Sure, when he was ConnectWise’s CEO, he was a polarizing figure at times, but it comes with the territory when you’re a CEO out in front of your business like he was. Looking back, his tactics paid off in the end, didn’t they? For example, while many MSPs remember Arnie, I bet they couldn’t name the CEOs of other leading channel brands.
For those of you who don’t know Arnie, here’s something to think about. In 2008, I called Arnie and left a message to let him know I was leaving Mindshift and had plans to launch TruMethods. After five minutes, my phone rang. It was Arnie. He said, “I’ve been waiting for you. Our partners need help.”
He then filled a room of ConnectWise partners in Tampa, Florida for me to test my first starter kit. He also agreed to co-host my first starter kit videos and let me use the ConnectWise TV studio. He had me in studio for ConnectWise TV sessions. He had his marketing team work on joint content promotions. By the way, he did all of that to help partners and never asked for anything in return.
More recently, when we texted about the deal, you know what he didn’t mention? The billions of dollars he made on the transaction. He only told me about the $200 million going to his current and past employees with stock options. You want to know what else? The deal made 70 new millionaires. I know a lot of these folks and have spoken to many of them over the past week. I am thrilled for each one of them, especially those I worked with in the early years.
What Thoma Bravo’s acquisition means for the industry
Do you feel Thoma Bravo’s acquisition of ConnectWise marks a turning point for our industry? Do you believe private equity companies with knowledge in building, growing and selling software companies will ultimately be a positive thing for us as an industry? For me, I feel companies built by owners and teams with deep MSP roots and knowledge are a dying breed — but maybe I’m being over dramatic.
Could this phase of our industry maturity be the beginning of what comes next? Are we becoming an industry where AI, predictive analytics, advanced security services and BI lead the way, and what we now know as MSPs become base services and not the real reason why customers buy from us?
Think about the past: Before MSPs, there was a different industry where IT providers were basically hardware companies. We sold and fixed hardware and offered maintenance agreements. Today, that industry is all but gone — or at least — not relevant to why customers buy our services.
For those of you who’ve been in the IT provider world for many years, this is good time to take a moment to reflect on where we’ve come from, where we are and where things could be headed.
One thing I know for sure is this: Those of us who can operate efficient businesses built on high-value relationships with our customers are going to be able to navigate the changes in the channel and take advantage of market conditions as they change.
MRR Down? Re-Evaluate Your MSP Sales Process
If your monthly recurring revenue (MRR) is down, it might be time to re-evaluate your sales process. In fact, even if your MSP’s MRR is increasing every month, you should still gauge your progress in the sales process on an ongoing basis. Then, every couple of months, re-evaluate your sales process to determine where you and your sales team can improve. If you’re unsure of where to begin, look closely at where you are as a salesperson and an individual before reviewing your sales process.
Your attitude, belief and personality drive results
Success ultimately begins with you. You’re going to have a tough time selling your managed services to prospects if you don’t believe in yourself or theservicesyou’re presenting. Overcoming self-doubt is one of the first steps to improving your overall sales performance as an MSP salesperson. By succumbing to your fear of failure, you sell yourself and your business short — so what’s one of the keys to making more sales? Begin building your confidence in sales by controlling what you as an MSP salesperson can control. Simply know this: Your attitude, belief and personality drives results.
Trust the process—but don’t forget this
Even though we atTruMethodshave a sales process for our members to utilize when they’re selling to customers, it’s important for you to keep this in mind: Our sales process provides guidelines to achieve success. Not every sales situation is going to be the same. Unfortunately, things are going to come up, and you’re just going to have to adapt to them. Your goal is to control the sales process.
Gauging your progresswith the sales process: What you should know
Not sure how to gauge your sales progress? Well, first, look at your MRR. If you’re not selling MRR, there could be a bunch of things going on, but one of your reasons could be sales process. The same could be said about your closing ratio. Yes, other things could be impacting it, too, but your sales process could be one of the reasons why you’re not closing as many sales as you’d like each month.
You can also gauge your MSP sales process by determining whether you can control it and evaluating your ability to forecast sales—both of which—unlike MRR and your closing ratio—are linked directly to the sales process. How often are you able to stay in control the process of the sale? If you or your salespeople are having issues with managing the sales process, take the time to review our content on the three phases to mastering the sales process: the basics, command and mastery.
Now, regardless of how much you sell, you should be able to get an accurate forecast on what’s going to close this month and the next month. If you’re oftentimes wrong, there’s a sales process issue within your MSP, and it should be rectified immediately. Don’t let this continue to impact MRR.
Additionally,whenre-evaluating your sales process, consider the following:
- Is price an issue?
- Do you create clear separation?
- Can you qualify prospects quickly?
- Do you give up sales assets too easily?
- Do you lose control late in the process?
- Do you present too early?
- Are you working hard in the process?
- Does it feel like selling?
- Are you hoping and waiting?
Remember: Failure is not an option, so when you’re identifying problems in your sales process, start with you. Do you have the right attitude to the drive results you want? If so, use the TruMethods sales process as a guide to generate additional MRR for your MSP. Always gauge your progress in the sales process to determine how you and your salespeople can master the sales process.
Thoughts On Private Equity In The MSP Channel
Now, I’ve spoken about private equity entering the MSP space before, but since then, a lot has happened, much of which is good news for MSPs. Think about it this way: PE firms only chase expanding addressable markets. The fact PE firms have been investing in the channel means they believe the potential customer bases for MSPs and vendors are growing rapidly. While PE firms investing in the channel is overall a good thing, there are some things for MSPs to consider this year.
Where are we at today?
For the past for few years, PE firms have been making plays at MSPs and software vendors. Just think about the M&A activity we’ve seen: Silver Lake and Thoma Bravo acquired SolarWinds; Vista Equity Partners bought Datto, AutoTask and LogicMonitor; Thoma Bravo purchased Continuum and Barracuda Networks; Insight Partners owns Kaseya. Kaseya acquired IT Glue, Unitrends and others; and Continuum bought BrightGauge. (The list goes on and on.)
By the looks of it, PE firms aren’t done with investing in the channel — even though some experts have expressed concerns over how long the increased activity from PE firms will last. Regarding PE, while a lot has happened over the past few years, there are still MSPs and software vendors up for grabs in the market. (I’m sure you know the players I have in mind.) Outside of the channel but still pertaining to technology, PE firms are continuing to go after enterprise software vendors. While the interest in tech players in growing addressable markets is real, MSPs have some choices to make.
Solutions for MSPs are getting better — but there’s a catch
Without a doubt, in general, due to PE money, solutions for MSPs are getting better — nobody can deny that. Today, the MSP toolstack is better than it’s ever been before, but it’s also larger, more complex and a much bigger component of your cost per seat (I’ll address this topic in an upcoming webinar, so be on the lookout for it). As solutions become increasingly complex, it’s important for MSPs of all sizes to pay close attention to what the major vendors are doing in the MSP landscape.
Follow the market’s leaders
Take a close look at the toolstacks from each of the major vendors in the channel and assess what they’re building or buying. Then, consider this: What are the advantages or disadvantages to aligning with one vendor? Is there better pricing, support, integrations, communities? How do you balance it all? Let me stress this: I’m not suggesting it’s time for MSPs to pick sides (it’s a little early for that).
What I am saying is MSPs need to stay aware of the changing market and potential implications of growing PE money in the market over time. As you consider new tools and services, factor in the landscape. The bottom line is the market conditions have created an environment where it’s easier to be an average or below average performing MSP, so this is where top-performing MSPs can thrive.
Never has getting to the top of the MSP value stack been more important. The good news is the following: I believe maturing markets always create opportunities for those who understand the changing factors. It’s our job as an industry to stick together by staying on top of the market conditions and position ourselves to leverage the changes to our benefit.
What the Influx of Security Breaches Means for MSPs
With cybersecurity top of mind for business owners, MSPs have an extraordinary opportunity to become more than just IT providers in 2019. When executives review security vulnerability reports for their organizations, they’re forced to look at how breaches would impact overall business risk. This is where MSPs can insert themselves as not only cybersecurity experts but business risk professionals.
How is the security landscape evolving for MSPs?
Cybersecurity is an increasing concern among businesses across the globe. The truth is the global cybersecurity market is expected to hit $180 billion by 2021, which means there are plenty of opportunities for MSPs to generate additional monthly recurring revenue (MRR) by focusing efforts on delivering managed security services to businesses of all sizes. Even though cybersecurity risk has been cited as the top risk by managers and nonrisk professionals for more than five years, there are no signs of worries about cyber threats going away anytime soon. To meet the needs of this ever-changing threat landscape, over the years, MSPs have evolved their approach to protecting clients. Now, a security strategy is much more than just a solid endpoint solution; it’s a comprehensive approach to managing the integrity of the customer’s technology footprint — and clients now get it.
Educating clients on cybersecurity is becoming less important
Nobody is safe from cybersecurity attacks in 2019. Even though some of the biggest hacks in 2018 occurred at multi-billion-dollar companies, including Facebook, Quora, Google and Marriott, SMBs aren’t immune to attacks by cyber criminals. Fifty-three percent of mid-market companies have experienced a breach, according to the 2018 Cisco Cyber Security Report: Special Edition SMB. The days of MSPs having to educate customers and prospects on the dangers of vulnerabilities are over.
With security breaches garnering media attention, customers are now more aware of security risks than ever before. Instead of blowing off cybersecurity discussions, they’re being proactive by asking questions on the trending topic and insisting on additional security measures to protect their businesses. This opens the opportunity for MSPs to have substantive conversations about how security impacts overall business risk. For MSPs to take advantage of this shift in awareness, they need to position security as a key process in their services, which they began doing many years ago.
MSPs are continuing to build and enhance their security practices in 2019
Without a doubt, MSPs have been aggressively funding their security practices over the years to combat new and evolving cyber security threats in their markets. In my opinion, from what I can tell, MSPs are going to continue investing a lot of capital and resources into their security services this year, but not all MSPs agree on how to properly structure security services to their customer bases.
Due to this difference in opinion among MSPs, pricing models for security services vary from MSP to MSP. For example, some MSPs have opted to create security service layers on top of their offerings, while others have baked security services into their managed offerings. As for the latter, these MSPs are structuring their securities this way because they feel the need to ensure their clients are protected, and they don’t want to potentially lose business to MSSPs looking to steal market share. No matter how MSPs break down their security offerings for clients, there’s always room for growth.
While the influx of security breaches is good news for MSPs, there’s always a downside to every upside: MSPs are becoming a threat vector for malicious attackers. As MSPs assess businesses for security vulnerabilities, they should also evaluate within to protect themselves and customers from increasing security threats. Without a doubt, cyber threats are going to continue in 2019, and if MSPs don’t seize the opportunity to become more than just IT providers, money will be left on the table.
‘Shadow IT Emerges Due To Unmet Needs’: A Conversation With Adam Radulovic
Shadow IT isn’t going away anytime soon, so be sure to hold on tight. As managing shadow IT becomes a greater concern among business leaders at all levels, solutions to overcome challenges arising from this unfortunate phenomenon are accelerating. Those businesses already geared up to combat increased security threats from the widespread use of shadow IT are — you guessed it — MSPs. Even though there are many MSPs still unsure of how to control shadow IT effectively, a good bulk of them are making progress and protecting their customers from unintended side effects.
To find out how TruMethods members are tackling shadow IT challenges within their clients’ organizations, I reached out to Adam Radulovic, CEO of XL.net, a Park Ridge, IL-based MSP, and asked some questions on how he’s managing shadow IT’s growing presence in the enterprise space.
A lightly edited transcript of our conversation follows.
How has your strategy to tackle shadow IT progressed over the years?
Shadow IT emerges due to unmet needs. Similar to water that hits a rock, it will eventually find its way around resistance. Our approach has been to embrace the needs of all the departments within a client’s business through quarterly technology meetings. We have always had the intent to anticipate and fulfill a business’s needs, but in our early days, it was hard to do that while dealing with broken computers, viruses and the level of IT noise present when we did not have command over reducing that noise. Five years ago, we finally got command, and instead of being looked as the “IT guys” that kept their computers clean (the “computer janitors”), we are now looked at as part of our clients’ leadership teams. This allows our clients to reach their objectives faster, more efficiently and safer than ever before.
Why don’t customers fully understand the risks of shadow IT? How do you go about educating them on the dangers?
Back to the water analogy, we first create a path for IT needs with all the departments through a technology steering process, which greatly reduces shadow IT since needs get addressed and scheduled. For the few instances, we typically would only hear about them after an issue — in which case, we do an incident report to understand the root cause of an individual going outside of the established technology steering process.
How do you go about securing organizations when facing shadow IT challenges?
We follow a system owner process driven by security standards (ISO27001 / CSC 20) when identified. Basically, it identifies an individual in the department that is fully accountable for the access and regular training of the system (the system can be a software application, client/server on-premise solution or cloud-based solution).
What are the top shadow IT issues facing MSPs today?
Certainly, the top shadow IT issues for MSPs — and really any IT department — are gaining command over reducing noise from IT and having a technology steering process that addresses needs.
Does Your MSP Sales Engine Need a Tune-Up
To be able to successfully execute your MSP sales plan for the year, your sales engine needs to be running at peak performance. If it’s not, it’s probably time for a sales engine tune-up — and just like any tune-up, there’s a sales checklist to follow to ensure everything runs smoothly the remainder of the year.
Are you using your resources effectively?
If you’re not generating enough revenue, evaluate how you’re allocating your resources. The first question you must ask yourself is the following: “Which resources am I dedicating to new Monthly Recurring Revenue (MRR)?” If you’re the only salesperson at your business, assess how you’re spending your time. Then, take a moment to think about where you’re focusing your energy. If you’re the only one selling, you’re probably not solely dedicated to generating new MRR. That must change if generating new MRR is on your sales plan. Keep in mind: Your sales engine must be always be aligned with your sales plan.
Define your goals
When it comes to sales goals, it’s always best to stick to the basics. Start with defining your MRR goal, First Time Appointment (FTA) goal and goals for lead generation activities (think about supporting goals for each of those activities). To figure out your MRR goal, simply multiple your FTAs by your close ratio by your average MRR — that’s it. Make the numbers work in your favor by adjusting them — that’s all there is to it.
Hold your salespeople accountable
Your salespeople should know their numbers with prospects — plain and simple. One way to keep your sales team in check is by having them record their monthly activities. Simply, have them keep track of their prospects. Are your salespeople required to fill out perspective business reports (PBRs)? These reports include not only the numbers for 30-day prospects but also 31-60-day prospects. Your sales team should be able to recall the details of every sales lead they’re managing.
Keep your sales team disciplined
You should be holding meetings with your salespeople — even if you’re the only one selling your services. Don’t laugh, but when I was the only salesperson at my company, I held a sales meeting with myself every week — to keep myself accountable — and some of those meetings didn’t go well. Seriously, though, you need to meet with your salespeople once a week to assess what’s going on. Then, use the information you collected during your weekly meeting to adjust your sales forecast.
Follow your sales success principles
Do what you need to do to be successful. Period. Ignore everything else. For example, hit 100% of your activity goals 100% of the time. Own your results. That’s what matters at the end of the day. If you’re supposed to make 200 dials each week, make 200 dials every week. Don’t come up with excuses. Hold yourself and your salespeople accountable to the goals you put forth for your team.
The beginning of the year is a good time to reflect on your sales engine’s performance. If it’s not where it needs to be, go through the above checklist to determine how to proceed for the new year.
MSP Leadership Advice: The Wheel of Life Goes Round and Round
Like a wheel, life goes round and round. Holding it all together is your framework, which you’ve been building up your entire life. If one spoke breaks, you weaken as a result. To keep the ride — your life journey — from getting thrown out of whack, strengthen your life’s spokes by growing and accepting.
The wheel of life, and the spokes supporting it
The wheel of life has spokes. These spokes support the wheel in many ways, including the additional weight added on during tough times. What’s important to remember is everybody’s spokes are different, and that’s okay. We all have our own distinct goals. To get you through hardships, which can happen at any point in your life, your spokes must be solid. If not, it’s going to be one hell of a ride.
For me, my business has always been a consistent spoke. Your business or career is something you have a lot of control over. It has kept me grounded and stopped me from going astray. If you’re still looking for spokes to support your wheel, I urge you to make one your business or career. I’ve been running businesses for many years now, and so far, focusing on operating, growing and scaling my business has helped me avoid many of life’s abrupt potholes.
Have a growth mindset
Nobody’s perfect. At the end of the day, we’re all unfinished products — each and every one of us. There’s always more to learn and opportunities to pursue. The good news is this: If you’re willing to develop yourself as a person, you’ll not only acquire more knowledge but learn more about yourself in the process. When you grow as an individual, your business thrives, and when your business flourishes, you, your employees and everyone else around you prosper. Even though keeping an open mind is challenging for many of us, it’s important we practice this concept on an ongoing basis. It’s what helps us move out of our comfort zones, away from what we know and toward opportunity.
No one gets through life unscathed
My mom had a lot of great sayings, many of which I’ve been lucky enough to pass along to my own children. I often repeat one of her maxims when things aren’t going so well — as a reminder to myself that we all go through ups and downs in life. No matter who you are or where you come from, obstacles arise daily. My mom spoke the truth when she said, “No one gets through life unscathed.”
The older I get, the more often I find myself returning to her insightful words to help get me through hardships. Life was a lot easier when I was younger when I think about it — fewer problems, setbacks, and tragedies. Now, many years later, having had to push through adversity throughout my entire life, I’m a lot wiser (at least, I think so) and can bounce back from setbacks a lot quicker than someone a lot younger than me. I’ve learned to keep my core strong by building a foundation for me to live by.
Life has a plan of its own. We can do our best to steer clear of obstacles, but we’ll never fully avoid them all. The key to overcoming challenges is having a strong foundation of support. We strengthen this framework by having a growth mindset and accepting the fact we all endure hardships.
