Small, medium North Bay businesses increasingly seek outside cybersecurity help
As threats mount, a market is growing for more small and medium-sized companies to sign on with information technology managed service providers for regular service, rather than going from cybersecurity incident to incident, say experts.
The market for MSP agreements is booming, valued at $239.71 billion in 2021. The financial services segment accounts for the largest revenue share of MSP growth, over 18% last year. Reports by GrandViewResearch.com estimate this could be a $730 billion market by 2030.
According to an IDG report commissioned by NTT Ltd., nearly 55% of companies are approaching MSPs to opt for their value-added services to reduce security risks. Those risks have multiplied since the COVID outbreak as employees work remotely and business partners and customers rely entirely on electronic communications. .
Managed services are becoming increasingly popular as businesses seek a more strategic approach to operate, organize and protect their operations effectively, according to IT industry watchers. That’s especially at a time when market and regulatory changes, and a looming shortage of employees with experience in cutting edge technologies — such as cloud-based solutions — is driving them to look favorably at MSPs.
Most MSPs charge $175–$250 per user monthly for basic service and from $100–$200 hourly, depending on breadth of services provided, according to Velomethod.com. The annual cost of engaging a MSP often can be lower than hiring one or two talented full-time employees with some IT experience. The average salary of an IT technician is $45,000–$60,000 per year in total compensation, based on Encomputers.com analysis.
“Until 2019, we operated under a ‘if it’s broken, we fix it’ model, but found that most incidents were often part of larger problems that needed to be addressed,” said Todd Tolly, president and co-owner of Santa Rosa-based TeamLogic IT, serving clients in Sonoma, Napa and Marin counties.
“We’ve found 97% of the time client issues can be resolved offsite without having to make a premise visit at additional cost. We currently have a staff of 20 working in three-member client teams. Some prospective clients want us to complete a project but do not want to pay us to maintain it. If a firm just wants us to patch computers and obtain upgrades, we take a pass.”
TeamLogic IT, founded in 2010, is part of a nationwide franchise network with 260 locations across the U.S.
Tolly said as small firms grow, they need more support than a single staffer can provide, especially when it comes to tracking expanding business IT needs and creating a strategic roadmap for the future. He said firms with internal IT departments are also seeking outside assistance in an era of low unemployment, when it is harder to find talent they want.
He said most clients have four IT priorities:
- Cybersecurity.
- The budget needed to play a defensive role.
- Convincing clients to adopt sound business IT standards (that they haven’t paid for in the past).
- How much control they are willing to transfer to an MSP.
Michael Chaput is founder of EndSight LLC, Napa-based outsourced technology support provider with 145 employees and over 300 clients.
“For most people who own and operate a business, IT is not their area of core competency,” he said. “For some, the first time they believe they need additional IT support is when they have been attacked. On a day-to-day basis, it is difficult to ramp up and even harder to keep pace with technology advances without establishing a strategic relationship with those who do.”
He said some new clients with internal IT departments want to proceed slowly at the beginning of an MSP relationship limited to a per-seat cost and an hourly rate and settling for a trial run for weeks or months without a contract.
Chaput considers this to be a big mistake.
“Knowing we will be there next month helps our clients ensure continuity of operations and stability, as does having a one-, three- or five-year contract,” Chaput said. “For an MSP, this allows for an investment in and a commitment to our staff.
“While most MSPs offer 24/7/365 network monitoring, few can staff to do this based on an economy of scale analysis without outside assistance. We rely on security providers such as SAPHOS, Arctic Wolf and Sentinel and resell their products and manage results for our clients.”
To identify malicious code, Endsight uses AI tools to look at an entire network and check for compromises such as, is the client’s system sending its data to Europe or elsewhere, triggering an alert and determining if this is an actual breach or a false alarm – as well as looking at the volume of data activity over time to detect anomalies involving sensitive material.