Research into Australia’s SME space and cyber security has produced some worrying results; according to the research SMEs are aware of the need to lift their cyber-security game, but they are under-prepared for an attack, their cyber security practice is under-resourced (often reliant on university students rather than full-time staff), and while physical assets are protected, digital assets are much less so.
Cyber criminals are benefitting from the move to cloud that has been necessary to allow SMEs to operate through remote work and lockdown. There’s also the human factor, with the majority of successful cyberattacks occurring because of human error at some point on the chain.
To compound the issue further, Australia faces a dramatic shortage of cyber security skills and SMEs are disproportionately affected as the talent is being snapped up at high prices by enterprises. For these reasons in combination, local SMEs need their managed services providers more than ever.
The challenge MSPs face
According to N-able, a specialist in providing MSPs with technologies to assist their SME customers, MSPs are facing challenges in assisting their customers across a number of vectors:
- The absolute reliance on IT among SMEs means that uptime and support is more critical than ever, so MSPs need to find pathways to automated remediation and immediate response.
- With most SMEs now running a hybrid environment, with cloud services and on-premises technology, they need their MSPs to be able to monitor the environment with a single pane view.
- SMEs also need assistance with a growing range of threats—it’s not just about new viruses, as cyber criminals are now finding new and innovative ways to attack companies, and MSPs will need to offer their customers layered security and response.
- Another challenge is budget. SMEs never have the budget for the perfect solution, so the challenge for the MSP will always be to find efficiency and leverage automation wherever possible to offer a comprehensive solution that meets the budget pressures.
- Finally, SMEs badly need assistance with remote management. Monitoring, control, and risk management with remote workers is a new thing for many SMEs, and in the absence of internal resources, they’re looking to their MSPs to deliver this.
According to N-able’s senior director of partner experience, David Weeks, the other challenge is that MSPs need to continually evolve their solution on behalf of their customers, and that means ongoing investments that the MSP needs to take on themselves. “We do believe that service providers should not take undue risk with their customers, and that they should have that minimum viable package,” Weeks said. “That minimum viable package is constantly changing, because there's new threats that are constantly being introduced and that does mean more investment.”
At the same time, this is an opportunity, Weeks added: “With each investment, you're reducing your risk, which means you're reducing your potential cost of a breach for the customer.”
N-able’s vision for MSPs is that the opportunity is there that by making the investments they can move up the value chain. With so many IT providers, it’s easy to become stuck in a “reactive” or break-fix frame of mind, but the value for the channel is in moving up the chain and having the strategic, consultative conversations with their customers. The more the channel partner can be seen as a pseudo-internal resource that saves the SME the need to consider an internal IT team, the greater the benefit.
However, MSPs also face some internal challenges of their own in being able to provide these services:
- A shift away from large up-front licensing fees to monthly services can impact on revenue and cashflow, especially at the point that the MSP first transitions to the new model.
- Skills availability—the skills shortage in Australia is severe enough that even MSPs can struggle to attract enough talent for their needs.
- The need to offer true 24/7 services, with real-time responsiveness, and the difficulty with resourcing that level of support.
- Building capabilities around deploying, managing and supporting complete solutions, rather than point products—customers don’t want a simple managed security product, they want their entire environment to be protected in a holistic manner—and that means automation, security, data backup and protection.
- Finally, the MSP needs to be constantly aware of, and within the requirements of, regulatory mandates around security and the SLAs that they will be bound to—the MSP takes on a lot of their customer’s risk in offering these solutions.
For the MSP, the solution here is to find the right partners for their own businesses. They need vendors and suppliers that have a local understanding and resourcing to support them—and, subsequently, their customers.
The N-able solution
N-able has invested heavily in global support and MSP partner enablement, with a team of over 90 people dedicated to onboarding, technical and sales support. Locally, there are 24 people based in Sydney, including eight partner success managers, and this is growing rapidly having been introduced in 2020 as part of an initiative to increase focus on N-central and RMM partners. There is also a library of resources available to partners through the N-able MSP Institute.
Additionally, as Weeks said, the MSP environment is one that thrives when peers can collaborate and support one another. “When we look at the market, we see that people look to their peers first before they're calling anybody else and, that makes sense as they’re in the trenches together,” he said. “We want to foster that engagement, whether they're a customer of ours or not, and encourage the community to talk to one another.” N-able facilitates this communication through both events and active forum discussion groups.
According to N-able, the sum of these investments allows it to provide MSPs with the ability to navigate these challenges through the wide range of security tools that it offers, with most either built in or integrated with N-able RMM and N-able N-central—its two RMM Platforms that provide the visibility and remote access that MSPs need. For partners that do only need to provide a single product to their customers, N-able maintains a range of those, including:
- Take Control (remote access)
- Passportal (password and documentation management)
- MSP Manager (PSA)
- Mail Assure (email filtering and archiving)
- N-able Backup (backup and recovery, with a data centre located in Sydney for data sovereignty concerns)
These features and tools allow an MSP to build a complete security stack to sell managed services packages, or to create individual services for their clients.
“We also sell these solutions in monthly billing or consumption models, so MSPs do not have to commit to annual licenses with once off payment that can leave them out of pocket and having to make up for the lump-sum cost of the solution over time,” N-able Senior Director, APAC, Matthew Drake, said. “This is often the case with some of the alternative enterprise solutions that some MSPs purchase to create a complete layered security stack.”
Research suggests that Australian SMEs are looking to increase their investment into security. The risks to the business are too great otherwise, and they also know how woefully underequipped they are to handle the task internally. A truly strategic MSP will be their best foot forward, and those MSPs that can move up the value chain for their SME customers can look forward to very strong growth in the years ahead.