Latest MSP Benchmark Survey finds compliance, app integration also key points of concern
Security continues to be the most pressing concern for MSPs that have been under increasing attack from cybercriminals because of their access to clients’ IT infrastructures, according to a survey by Kaseya.
The Lowdown: For its 2020 MSP Benchmark Survey, Kaseya, which offers IT infrastructure management solutions to MSPs and IT organizations, spoke to 1,300 MSP owners and technicians around the world about everything from pricing and service delivery to operational resources and requirements.
The Details: Previous iterations of the survey, now in its ninth year, found a variety of priorities. However, security and, to a lesser degree, compliance were top of mind for MSPs and their customers in 2020. With their remote monitoring and management (RMM) tools giving them access to customer infrastructure, MSPs have become an attractive target for bad actors. More than a third of MSPs said their business was more prone to attack than it was last year.
In addition, 95% of MSPs said that some or most of their clients rely on them for cybersecurity plans. Almost 30% of MSPs said meeting security risks was the top IT need of their clients, followed at 14% by cybersecurity services like antivirus, anti-malware, and ransomware protection.
Other key findings in the survey, released Tuesday, include:
> Compliance services: The number of regulations, like the California Consumer Privacy Act (CCPA) and New York Stop Hacks and Improve Electronic Data (SHIELD), continuing to grow, data privacy has become a priority. Two-thirds of MSPs said their clients are struggling to meet compliance requirements.
> RMM: The survey found that 61% of MSPs said RMM is their most valuable tool, followed by professional services automation (PSA) at 21% and IT documentation (11%). But it’s more than having the tools; 70% said integration between their core IT applications was important and 81% said such integration could grow profits.
> Expanded services: MSPs have transformed from providing break-fix services to offering full solution portfolios. Almost 90% of respondents said expanding their service offerings was important. The MSPs with the highest growth – an average monthly revenue increase of more than 20% — have added four to five new services over the past two years.
> Value-based pricing: MSPs continue to shift away from cost-based or price-match strategies. About 38% of respondents said that more than half of their revenue comes from value-based pricing models, while 17% said the bulk of their revenue comes from cost-based pricing.
> Cloud support: While adoption of public and private clouds is among the top needs of IT organizations this year, MSPs that manage public cloud environments fell from 70% last year to 56%, and from 59% to 49% for private clouds. However, managing clouds can still be a key part of what an MSP does. About 21% of high-growth MSPs manage their clients’ public clouds environments.
More information from the report can be found here.
The Impact: Managed security services continue to be a key need for IT organizations. The number and complexity of cyberattacks are increasing, and companies are facing a widening cybersecurity skills gap and a shrinking ability to keep up with the threats. A report from MarketsandMarkets predicts that the worldwide managed security service market will expand from $24 million in 2018 to more than $47.6 million by 2023.
Background: MSPs have come under increasing attack in recent years. The FBI and Department of Homeland Security in 2018 warned MSPs and cloud providers that cybercriminals are looking to exploit them to get to their customers. DHS has a site listing security alerts, and industry vendors and groups like Continuum, Blackpoint Cyber, MSPAlliance, and CompTIA also are putting a spotlight on the threat to MSPs. The heightened threat level is sure to continue during the COVID-19 pandemic, as most companies suddenly find most of their employees working from home, creating a much bigger attack surface for bad actors.
The Buzz: “Respondents to this year’s survey overwhelmingly agreed that their clients need more cybersecurity support from them. This is especially true in today’s uncertain environment,” said Jim Lippie, senior vice president and general manager of partner development at Kaseya. “As more small and midsize businesses look to maintain vital security operations and decrease IT costs internally ahead of an economic downturn, they will lean on the expertise and services provided by MSPs to keep their companies operating. More than half, or 60%, of our respondents said their clients experienced downtime from an outage in the past year. In our current, unprecedented climate, an outage can mean the end for a small business. So for MSPs, who are the IT backbone of these small businesses, there’s a significant opportunity to diversify their clients’ cybersecurity solutions and strategy in order to respond agilely to any threat that comes their way and maintain their livelihood.”