In today's changing volatile economy, companies find the predictable monthly service charges of a managed service provider (MSP) highly attractive. They can deploy technology, confident that they're not pouring money down a black hole. The problem is, scads of technology providers are now trying to recast themselves as MSPs.
How can you tell which ones are qualified?
That's Charles Weaver’s job. He's CEO of the 8,000-member International Association of Managed Service Providers. His nine-year-old group offers an accreditation program for managed service providers, and it's closer to a bar exam than a pro forma blessing. No MSP has ever received a perfect score, and it can take as many as three tries before a company passes. (For more on MSP accreditation, see When Selecting Qualified MSPs, Assume Nothing.)
Part Technology, All Business
The Managed Services Accreditation Program (MSAP) has two parts: a written exam and a physical inspection. The written exam is only about one-fourth weighted toward technology, says Weaver. The other 75 percent relates to the business. "It's not a technology certification. We look at everything from their financials to their facilities. We make sure they're a healthy stable company. We ask questions about disaster recovery and security, but a lot of the exam is designed to determine their financial stability."
The physical inspection follows, during which Weaver or one of the 15 IAMSP board members visits the facility. They check for physical security and process documentation, among other issues. "Documentation is a big problem at the small and midsize service providers," says Weaver. "They fail to write things down, and that puts their business at risk." If they fail the test, the IAMSP shows them how to improve, and they can take the test again (at a cost of $1500).
Dealing with Growth
The accreditation program has been so successful that Weaver is hoping to set up partnerships with consulting firms to help MSPs prepare. The IAMSP has already added sub-categories relating to accreditation for green IT facilities and master MSPs (those who lease services to smaller MSPs).
But keeping up with the growth in the industry is keeping Weaver busy. "Companies are demanding managed services because they're trying to cut costs. But they're finding very green, very immature vendors who say they're an MSP because they went to a seminar," he says.
If you're entrusting your company's technology to an MSP, then invest the time to determine whether your MSP is accredited, and what that accreditation process involved.
Online competition and access to price information has been squeezing already thin retailer profit margins for some time now. Combined with the added pressures of the economic crisis, many retailers are being pushed to the edge. Sadly, familiar names, such as Circuit City, have already been pushed over the edge.
To survive this crisis forward-looking retailers need to focus on:
- Efficiency -- making every part of the business as lean and efficient as possible, especially in the supply chain.
- Cost Removal -- driving out costs everywhere, especially in labor, their second biggest cost after the goods that they sell.
- Customer Experience -- seeking ways to differentiate an increasingly homogeneous shopping experience.
Retailers have traditionally been very closed to the idea of managed services provided by third parties. Razor thin margins have made them very risk adverse. There is a general skepticism of service providers, large IT firms, and their understanding of retail or their ability to adequately serve retailer needs.
Those fears and biases are beginning to fade as the reality of economic pressures for cost reduction and competitive pressures for differentiation bite harder than ever before. Retailers are now exploring how managed services allow them to address these monumental challenges.
Research by Cisco IBSG (the company's strategic consulting arm) reveals that successful providers of managed services must address retailer core buyer values:
- Proven Reliability -- to manage risk and complexity.
- Cost Effective -- pay for performance.
- Tailored Solutions -- specific to the retailing industry.
- Focus on Customer Experience -- enabling competitive differentiation.
- Speed to Market -- deliver benefits immediately.
Many retailers are aggressively applying managed services to innovate. Digital Signage, or the ability to provide targeted multi-media messaging to customers, is being used by retailers such as WalMart and Eddie Bauer to influence buying decisions at the point-of-sale and to increase store traffic. The complexity involved in the deployment, underlying network and operations means that retailers are increasingly turning to proven, managed end-to-end solutions.
Companies like Best Buy and Home Depot are trialing Telepresence kiosks that allow them to enhance the shopping experience by bringing expertise directly to their customers in their stores -- in a scalable and cost effective manner. Service providers that install and deliver these solutions become valued partners who offer unique value-added solutions specific to the retail industry.
The current economic crisis will re-shape the retail business. Resilient retailers who survive and thrive will be those that proactively embrace next generation managed services as a means to attain competitive differentiation. Inventive managed service providers will deploy unique solutions that help to position retailers for the long term.
About the author: Stuart Taylor is a Director in Cisco IBSG. Stuart leads thought leadership and engagements with key Service Providers in managed services. He has over 15 years of experience focused on strategy, corporate development, business unit strategy, M&A and operational improvement with large mobile and wireline operators and high technology clients.
My conversation with Jonathan Nguyen-Duy, Director of Product Management for Verizon, ended up being very thought-provoking. We were supposed to talk about a new security offering, a backbone-based solution aimed at stopping Internet-based attacks even before they hit a company's network. (I'd spoken previously to Nguyen-Duy about Verizon's risk-correlation service.)
Nguyen-Duy is a fount of knowledge about the changing landscape of international cybercriminals. Verizon is expanding its denial-of-service (DOS) detection and mitigation capabilities into eight network management centers serving 24 countries with new levels of scalability -- in part because of an increase in international cybercrime, according to Nguyen-Duy.
"Our customers are telling us that the frequency and complexity of DOS attacks has grown. We're now seeing cyberattacks based on social and political activism. We're also seeing less sophisticated hackers getting access to attack methodologies."
A case in point: consider the following related events.
Item: The Bureau of Alcohol, Tobacco, and Firearms, he says, recently arrested "the eBay of cybercrime" in Phoenix, Arizona which was selling automated attack programs, called botnets.
Item: A CIA official said at a conference that the recent power outages in South Florida were results of an unauthorized probe of the utility network originating from China.
Item: Crime syndicates are more frequently attacking financial services firms, online retailers, and government agencies for extortion purposes, in countries where there may be no laws or no enforcement of the laws.
"If you're a global enterprise or agency with deep pockets and a brand to protect, the challenge is real," Nguyen-Duy says.
"This gives rise to a clear problem: If you have a DOS attack that floods a device with five times the normal amount of traffic, do you have the capacity on site to parse through it and separate the legitimate traffic, and can you do it in real time so you don’t have degradation in service?" Remember that typical consumers won't sit through a transaction if they experience latency of more than 10 seconds.
Protection: Around the Clock, Around the Globe
No, we're not trying to write the script for Die Hard V here. However, because globalization is increasingly driven by the ability to share information anywhere, companies that take advantage of it are also making themselves more vulnerable.
Unless you want to deploy high-priced security experts everywhere you do business, it would be prudent to consider how expanded managed security services can protect your multinational communications network. And, thereby prevent the unthinkable from becoming a reality.
In the past few months, AT&T has announced increased demand for managed services on new contracts ranging from just under $5 million to more than $200 million, with companies in the private, public, and non-profit sectors. The range of both the deal size and the diverse applications indicates two key facets of managed services: its advantages truly span multiple business sectors, and organizations can deploy it by selectively out-tasking their networks.
The $4.9 Million Managed Services Contract
For instance, Evansville, Indiana-based Berry Plastics is consolidating a number of legacy networks into a single IP-based platform. You probably have one of the plastic products in your home that Berry Plastics manufactured. The multinational company has 68 manufacturing facilities worldwide and nearly 14,000 employees.
Its $4.9 million contract with AT&T includes the creation of an IP-based virtual private network (VPN) for its 76 domestic locations. Alan Letterman, manager of IMS Engineering and Technology for Berry Plastics, said in a statement that "information technology supports our business momentum and positions us for expansion."
The non-profit Blue Cross and Blue Shield Association extended its managed services relationship with AT&T through two multi-million dollar contracts. AT&T will provide the BCBSA 39 member companies across the U.S. with services ranging from mobility, data, voice, hosting, Internet Protocol (IP) application support, consulting and managed services. BCBSA anticipates greater cost efficiencies and higher reliability for their network services.
The $223 Million Managed Services Contract
The most comprehensive of all the recently announced AT&T deals, though, was the $223 million contract with the County of Los Angeles. It's a five-year contract, renewable to twelve years, that covers all voice and data services for up to 1,000 county locations. The contract means AT&T will be supporting multiple network types, including IP, frame relay, and ATM; remote access; VPNs; local and long distance service; plus Web, video, and audio teleconferencing services.
When you assess each deployment in context, there's a common link connecting them, even though they represent diverse industries and business models. The leaders of each organization clearly faced significant cost pressures, and each proactively redirected their attention to a solution that didn't require significant capital investment.
Their deployments represent the ongoing trend for companies to outsource network infrastructure, choosing instead to focus on their core competency -- while still retaining the flexibility and agility they need to serve employees and customers with state-of-the-art telecommunications capabilities.
Several industry analysts are predicting a continued groundswell and increased momentum towards managed network service deployment. Furthermore, CIOs and IT managers who previously resisted this trend are now ready to join the movement. They recognize that service providers will adapt to their needs and address any lingering concerns that may stand in the way of adopting the solution to their current network operation challenges.
What's motivating you to think about managed network services? Is it cost? If so, you'll be surprised to hear that you're somewhat behind the times. A new report cites six top reasons companies turn to managed services, with cost ranking all the way down the list at number four.
According to Warren H. Williams, Vice President and Senior Program Director of IntelliCom Analytics -- a market research firm focusing on managed services, outsourcing, and other technologies -- cost was a big factor several years ago. Today's list of motivations, however, looks like this:
- ● Improved overall network performance
● Increased network reliability
● Increased network availability
● Reduced operations cost
● Improved network quality of service
● Reduced business risk
Cost is still important, certainly, but Williams' research over the last three years reveals a growing shift in priorities. "The corporate network has become a strategic resource; the Internet is a vital part of marketing, investor relations, customer satisfaction, and employee access to information," he writes. "Networking complexity and security requirements have increased exponentially."
This equates to nothing less than a multi-threaded convergence. On the one hand, there's the convergence of communications capabilities, such as data, voice, and video. On the other hand, there's the convergence of the network as the platform for a multitude of business processes.
Williams envisions these issues coming together "on a single infrastructure, with the objective ... of facilitating communication between man-to-man, man-to-machine, and machine-to-machine regardless of the endpoint." The end result? A flexible infrastructure that can support changing business conditions. Coupled with this capability, however, he says, is an "ever-increasing complexity, increased performance and reliability expectations, and increased costs for skilled personnel and management platforms."
Thus, the shift in motivation from cost reduction to network performance improvement. When considering managed services, then, you should look at the widest set of advantages possible: not just cost reduction, or the avoidance of high-priced personnel, but the advantage that comes from the ability to bring more flexibility and agility to your business.
A new report from Forrester Research on the state of IT security at small to midsize businesses (SMB) in North America and Europe predicts ongoing growth in the managed security space.
In a result similar to that of enterprise respondents, SMB executives reported that the two top drivers for using managed security services is the demand for a specialized skill set that security requires (cited by 31% of the respondents) and the need to reduce costs (cited by 24%).
Other reasons cited for adopting managed security services include:
- The need to reduce complexity (19%)
- The need for 24/7 security coverage (19%)
- The rest of the IT environment is outsourced (5%)
The report also revealed that the top two services SMBs ask from their managed security provider are e-mail or Web content filtering (36%) and network firewall monitoring (33%). Forrester believes that the biggest uptick in the next year, however, will come from increased use of vulnerability management and assessment. Some 20% of SMBs plan to deploy these services in the next twelve months.
The Forrester report clearly shows that SMBs have a strong interest in all facets of managed security services. Some 23% are already using it for identity and access management, and another 35% are interested in it, but either have no plans or no budget for adding it to their slate of services.
Similar proportions of SMB executives recognize these issues: host event log monitoring or management (31% are interested but have no plans or budget); IDS/IPS monitoring or management (30%); endpoint security (34%); and regulatory compliance monitoring and assessment (31%).
When To Add Managed Services
The Forrester survey didn't tackle one of the most interesting questions from a managed services standpoint (in fairness, the focus was on security, not managed services). That is, what will it take for SMBs to start adopting the services in which they express interest, but have not yet budgeted for?
Our recommendation is to be proactive and deliberate about adding services. Don't wait for the need to arise; develop a plan to takes into account your security needs and build capabilities into both your budget and deployment plans on an incremental basis. That way, you'll enjoy the highest level of protection with a minimum amount of disruption.