In the past 3 years. there has been a massive shift in IT Managed Services. In 2023, many companies are finding the advantages of Modern MSPs to be undeniable as their cloud-first approach brings stronger security, better employee experience, and lower costs. With this insight, we aim to explore IT outsourcing services in 2023 and beyond. We’ll examine the updates and improvements to Modern Managed Services, the fundamental differences between traditional (legacy) and modern MSPs, and the operational and financial benefits of outsourcing IT.
First though, let’s cover a few basics.
What is an IT Managed Service Provider (MSP)?
When you are considering outsourcing some or all of your IT functions, you’ll want to look for an MSP. MSPs are specialist firms that provide some, or all IT services to small and medium businesses.
What does an MSP do?
MSPs typically manage services like network infrastructure, applications, IT support, security, backup and recovery, patching, and device management. Companies hire MSPs to save on their IT budget and/or strengthen particular facets of their IT department. MSP specialists are known to be a less expensive alternative to hiring in-house talent and more efficient in terms of managing specific aspects of an IT department.
Many companies choose to outsource their IT to an MSP in the same way that they outsource accounting to a CPA.
How MSPs save money and lower IT costs
Information Technology is a broad and deep category of work. Protecting against cyberattacks and criminals requires specialists. It takes other specialists to build, implement and maintain the infrastructure. And it takes even more specialists to support and assist your users so they can do their job effectively.
A common ratio of IT staff to overall staff is 1:200. Even at 1,000 employees that may mean an IT team of 5 or 6. It’s incredibly difficult to get the skills needed to run an IT department properly with a small IT team. It’s virtually impossible to do everything properly with a team of 1 or 2 IT staff.
MSPs allow for fractional expertise. Need an architect? Great, you get two hours’ worth a month. How about service desk (helpdesk), IT system administrators, network administrators, device management, application patching, backup, and disaster recovery management?
With an MSP you get all these things from a team of specialists. You get the benefits of a large IT department for the same cost as a couple of System Administrators.
The US market for IT managed services was over 60 billion in 2021 and is expected to grow by 12.5% year over year (CAGR) in this decade.
Benefits of using an MSP
In addition to the cost savings opportunities, many businesses that outsource IT to MSPs find that the specialist services improve security and create a better employee experience.
MSPs bring operational maturity to your business. Processes and practices that you may not even be doing yet will be implemented, making your company more mature, secure, and effective.
Further, Many MSPs provide 24/7 IT support, meaning that employees can reach out at any time for tech resolutions.
What are IT Co-Managed Service Providers (Co-MSP)?
When considering outsourced IT, some businesses elect to explore co-managed services for their flexibility. Through co-management, MSP specialists work directly with an in-house IT department to strengthen specific IT services such as identity management, device management, user support, technical account management, advance security, etc.
For firms choosing co-management, the internal IT department can focus on projects that drive business growth or implement a new capability. Meanwhile, the Co-MSP can work in the background on the day-to-day items that need to be done to keep the business secure and employees productive.
What are the Differences Between a Modern and Traditional (legacy) MSP?
It is important to recognize that not all MSPs are the same. MSPs fit into one of two categories: Modern MSP and Traditional MSP.
At the crux, traditional MSPs focus predominantly on the in-office work model and rely on on-prem infrastructure. Modern MSPs embrace the concept of ‘Modern Management.’ Modern MSPs aim to support modern work, which includes remote, hybrid and office workers, and relies on cloud infrastructure.
Selecting the wrong MSP affects your business’ technology for years to come. Below are some of the glaring differences between a Modern MSP and Traditional MSP.
1. Zero Trust Architecture
TRADITIONAL MSP
Traditional MSPs do not use a Zero Trust network. They operate a “Castle and Moat” model – wire up the building, put all the computers inside with servers in the basement – meaning their infrastructure is built to keep data safe on premises. This works well for in-office workers but leaves the company vulnerable to cyber-attack when employees are working outside the building and using unprotected smartphones. Often, you’ll find traditional MSPs using technology like VPNs, Firewalls, and on-site servers.
If an attacker does get into the private network, there is nothing that prevents the attacker from moving laterally. Once a successful connection is made, the entire internal network is available, and the attacker only needs to find an admin password to grab (or encrypt) everything you have.
MODERN MSP
Modern MSPs embrace Zero Trust as the gold standard for security. Zero Trust assumes all devices are untrusted and cannot access company resources until proven otherwise: Guilty until proven innocent.
This is typically achieved through device attestation, conditional access policies, and multi-factor authentication. Zero Trust means verifying who, what, and where each time a user tries to access a file or data. It happens in a fraction of a second, so it is invisible to users. However, it stops attacks at the door. If an attacker does manage to get in, there is no way to move laterally, and accessing admin credentials is nearly impossible.
When a user is granted access, it is only to that file or data, and only for that session. There are even checks that occur during use to ensure an attacker hasn’t compromised credentials during a session. When a compromise is detected, admins are alerted, and access is immediately halted.
Zero-trust reduces costs by reducing the need for a VPN, firewall, and virtual machines. It increases security by dynamically applying rules each time a resource is accessed. With Zero Trust, Employees can access their data on the go from any internet connection, without the need for cumbersome and throttling VPNs and virtual machines.
Traditional MSP
A traditional MSP will attempt to require end-users to update devices through a VPN or by physically bringing the device into the office. This is largely due to their “Castle and Moat” strategy which makes it quite difficult for hybrid and remote workers to get the updates they require.
As a result, remote and hybrid workers don’t get the updates they need. Their OS frequently goes stale and exposes a large number of zero-day vulnerabilities which cause major security concerns.
Modern MSP
Modern MSPs deliver Over-the-Air updates to all machines from laptops to mobile devices. Using cloud technologies like Microsoft Intune, Modern MSPs deliver deployment rings of updates and patches regardless of the location of the device.
In result, end users’ devises regularly receive patches for security flaws, feature updates, and performance improvements which contribute to your business’s overall security posture.
3. Passwordless Authentication
Traditional MSP
Traditional MSPs use credentials in a very antiquated fashion, attempting to safeguard environments through the use of a username and password. This philosophy was a great invention in 1961, but cybercriminals now see passwords as low-hanging fruit for an attack. An average knowledge worker now has close to 100 passwords between work and personal life. Many people use the same password across work and home – if their password gets exposed to some personal site, your business is at risk.
Most importantly, though, a password is something you know and that means a cybercriminal just needs to convince you to tell them what you know, and they are in. This is why phishing has become such a popular method of attack.
Modern MSP
Modern MSPs embrace passwordless authentication. This strategy leverages multi-factor authentication, conditional access policies, authenticator apps, YubiKeys (FIDO 2 Keys), and biometrics. Passwordless authentication relies on layers of security not available using traditional password management, ensuring the security of your employees’ identities and company data.
The way an MSP manages passwords is also a major security consideration as 80% of security breaches involve compromised passwords.
Enabling MFA for all employees eliminates 99.9% of account breaches, and when combined with a Zero Trust Architecture, leads to much stronger security.
Passwordless authentication relies on more than just something you know (password). It relies on something you are (face, fingerprint), and something you have (authenticator app, Yubikey, smartphone).
Phishing attacks become pointless. If you get an email requesting to provide a password, it will seem very odd. With a Modern MSP you won’t need to use passwords as employees will log in with their face or their fingerprint. Cyber-criminals cannot trick employees into giving away their faces.
4. Cloud Data
Traditional MSP
Traditional MSPs store client data in on-premise servers using network storage. This type of file storage worked great when computers and employees were always in the building. In fact, it has been the dominant model for file storage for nearly 40 years. However, now that employees are working on laptops and smartphones, and are working from outside the building on a regular basis, accessing network drives is both inefficient and costly.
First, accessing network storage remotely means users need VPN licenses. Licenses for VPNs raise costs, and when a large portion of a company’s workforce is remote, the VPN can become a bottleneck, reducing efficiency. If employees have to wait for a file to open, they aren’t being productive.
Second, network storage lacks modern features like live collaboration and automatic file backups. This leads to problems like having 6 versions of a file. Files get emailed around and changes get lost or added to a stale version. Ever seen a document with “v3.2 final (new)?” That’s indicative of a legacy mindset and environment.
Third, the infrastructure has to be purchased, managed, and protected. This is both costly and difficult to do well for small and medium businesses – even when managed by a Traditional MSP.
Modern MSP
Modern MSPs have their clients use cloud data. Cloud data is accessible from anywhere and relies on the strong protections of Zero Trust Architecture to keep data safe. Cloud data has several benefits.
First, cloud data can be accessed by any employee from any internet connection. This means employees are safe to work from anywhere.
Second, with cloud data, there is no infrastructure to purchase, maintain and secure. This lowers costs for companies and lowers the cost of service delivery for Modern MSPs.
Third, cloud data brings many modern capabilities like automatic file backup, live collaboration, and the ability to share links to documents instead of emailing attachments. When links are shared, if an email goes to the wrong person, that person cannot open the file so no breach will have occurred.
In addition, personal files can be synced to the cloud, so if a user loses or breaks a device, the data is already backed up and can be downloaded to a new machine in a few minutes.
5. Device Setup (Zero Touch Provisioning)
Traditional MSP
Many businesses have become accustomed to heavy friction and long waits in their onboarding process when it comes to hardware. The reality is that there is no longer a need for any delay when onboarding new employees.
However, traditional MSPs still manually provision devices by using a technique called “imaging.” Imaging means literally cloning a ‘golden image’ from a master copy to a computer. This image almost always includes security settings and may include a package of applications and drivers. Imaging overwrites the information on the machine so there is no undo – to reset a device has to be imaged.
In many cases, devices can only be imaged while on the local network, meaning that a Traditional MSP has to physically handle the device before it can be shipped to a customer. Imaged-based device management usually results in 2 – 3 days turn around to get a device in the hand of an employee.
The golden image requires constant maintenance and upkeep to stay current. This is a huge drain on resources and increases costs considerably. Further, it is very difficult to configure a golden image to be modular. For example, it is rare for a Traditional MSP to be able to support a build for accounting, another for HR, another for sales, etc.
Imaging was a great invention in 1995. It’s a drain on resources and productivity to modern work.
Modern MSP
A huge difference with a Modern MSP is the ability to manage ALL device types. Modern technology allows MSPs to secure Windows, macOS, iOS, iPadOS, and Android devices. It even allows data to be secured on personal smartphones and tablets without requiring the employee to give up control of the device. The technology is called Mobile Application Management and it protects company data within the apps used for email and productivity. Employees can email, use Teams, Word, Excel, PowerPoint, and more safely from their own phones.
The technology to support this lives in the cloud. It uses profiles and configurations, then subscribes users to those profiles and configurations based on the work they do. It is easy to set up a profile for accounting, another for HR, another for sales, etc. You can also separate security settings from applications. In other words, with modern technology, you can create modular configurations easily and they can be maintained easily. They also don’t have to be updated each time a patch comes out.
Another benefit is that the profiles and configurations sit on top of the Operating System rather than overwriting it. This means you can do a rollback without needing to completely wipe and restore the system (image). With Modern device management, a laptop can be configured over the air in about 30 minutes.
With a Modern MSP your employees will have a device in hand on day 1 and should be up and running in their first hour of work.
6. Remote Support
Traditional MSP
Traditional MSPs rely on local IT resources or a local IT service provider to address hardware and software issues. They will typically provide 8-5 help desk support for employees.
On-site support is touted as a huge advantage, but under the hood, it is really a necessity because of the on-premise infrastructure and network design.
Modern MSP
Modern MSPs understand that work is not exclusively conducted during traditional office hours. A modern MSP will provide 24/7 help desk support with more around-the-clock support options like live chat and support via mobile app.
Modern MSPs use matured support tools that eliminate the need for on-site support and also allow for self-service and tighter SLAs.
Because the infrastructure is in the cloud, there is no need to come to an office and physically replace a server hard drive or perform a restart.
There are no account lockouts because users leverage passwordless authentication. There are no VPN issues because VPNs aren’t needed. A customer using a Modern MSP will likely see a 25% reduction in tickets and a corresponding increase in productivity.
All this is possible because of the technology used – something a Traditional MSP cannot match.
How will outsourcing IT to a Modern MSP benefit my company financially?
One of the most compelling reasons to outsource IT is to save on costs. A Modern MSP can save your business between 15-30% in total IT costs compared to a Traditional MSP. They do this by reducing the need to hire on-site reps and using modern technology that is fundamentally cheaper to deliver.
A Modern MSP can also ultimately save on your bottom line by reducing support tickets. VPN calls are eliminated, password reset calls are eliminated, and lockouts are eliminated.
Device tickets will be reduced as over-the-air management leads to a smoother experience. Servers won’t go offline as the servers are managed by Microsoft – you just pay for usage. Employees will experience less downtime and will be productive whether in the office, or working remotely.
There will be less infrastructure required and fewer 3rd party vendors required. This leads to a more streamlined operating model, and those cost savings are passed on to you.
Perhaps most importantly, outsourcing IT to a Modern MSP reduces your chance of a cyberattack. The average cost of a cyber-attack for an SMB is $108,000 and 1 in 4 SMBs have reported being breached in the past year.
Modern MSPs leverage innovative methodologies like Zero Trust Architecture. Zero Trust solutions reduce your chance of breach by 50% and deliver a three-year 92% return on investment. That considered, your business will ultimately save big by securing environments with the expertise from a modern MSP.
Conclusion
When looking to outsource IT services, we strongly recommend seeking a Modern MSP to provide stronger security and a frictionless employee experience. A Modern MSP will position your business to efficiently harness new technology and ultimately save you big on your bottom line.
For more information on our offering check out Modern Endpoint Management or contact us.
Contact us to learn more About Modern Managed Services
Taylor Hopper
Taylor is the Business Development Manager for Mobile Mentor’s Modern Managed Service, based out of our Nashville, TN office. Taylor has worked with numerous Managed Services Providers and SaaS companies throughout her career, and enjoys finding the right technology solutions for today’s modern business problems.