Archives For var

Is Your MSP Business Growing?

How Many New Logos Did You Pick Up in 2015?

That was the question I started with in last nights Check Point/Tech Data event just outside of Boston. From the hand raises it looked like many groups I’ve spoken to in recent months.

Everyone has an MSP offering – meaning there are thousands of resellers offering basically the same thing…and most don’t see big growth.  2016 will probably show a decline in sales – and if you’re hoping to sell more product, forget it. The cloud really is hear to stay. Of course everything seems to go in cycles, so maybe we’ll move back to mainframes next, and then a new type of Token Ring network.

If you’re in sales, you know the technology is not all that important. Conversion is what matters. Do you have something people are interested in, need, and are willing to spend their hard-earned cash on? Last night I shared pieces of a presentation I use to convert small business audiences through lunch & learns. The point of the message is this: Everyone needs more security. This will become even more critical over the next 12 months as many companies adopt more apps, more cloud, and more BYOD. $1 HC Book Ad

The problem is, small business owners are limited on budget. If you ask them, they don’t need more security. In fact, they don’t need more of anything…well, what they really need more of is retained earnings and working capital.  Better workers would be a plus.

But the truth is, they really do need more security. They just can’t see it. If you had a way to attract them into an educational session, with a message that clearly explained the need…and brought them to a point of wanting to know where they really sit (Assessment), would new business result?  It would.

The core message I presented last night comes from my book, The House & The Cloud.It points out the one BIG mistake just about all companies have made. Their security centers around firewalls and passwords. There is no detection, and there is no response. And that means, once a breach occurs, they won’t know it for at least 14 months (According to the FBI – and it could be a lot longer.)  Next step – enter the Assessment.

Our meeting ended with Tech Data and Check Point offering qualified resellers a seat in the SVLC Security Sales Mastery Program…the only training program I know of specifically designed for resellers, to teach them how to sell more security to business leaders.

© 2016, David Stelzl

P.S. Looking forward to presenting this later today in NYC. – Sponsored by Ingram Micro.

ingram

 

BigData2016 Will Be The Year of Big Data

So What Does Big Data Have To Do With Managed IT?

In case you haven’t noticed, Managed IT is getting harder to sell. It’s a commodity. The Monthly Recurring Revenue is great – and you can probably ride the contracts you’ve landed over the past decade for a while. But don’t stop innovating – your churn rate will eventually catch up.

The future CIO and SMB business owner (company size doesn’t really matter), needs better intelligence. Specifically, they need analytics to help them navigate two areas. First, analytics will provide insights on customer behavior, experience, and engagement – a critical component of competitive advantage. Second, they need to know what’s happening with data security as they adopt new technologies to serve their client.  It’s this second area that every managed IT provider should be investigating right now.

Here are some things you should be adding to your offering right now:

  • UTM Firewalls that include the detection elements – sandbox technology, data leakage protection, malware (specifically bot) detection, intrusion prevention, etc.  Both Fortinet and Check Point have some compelling offerings worth checking out in 2016.
  • Centralized management and analytics – some way to watch over the UTM firewall, 7 by 24, with reporting that makes sense to the customer.
  • SIEM technology. For those in the SMB market, this is somewhat new. In the past, event correlation has been expensive and complicated. However there are some technologies out there that are  now making this possible. Arctic Wolf might be one to check out. Alien Vault also have some compelling technology, however the barrier to entry may be too high for most in the SMB space.
  • Continuous Scanning and Periodic Assessments – in my book, The House & the Cloud, I present the Impact vs. Likelihood Chart. Understanding which threats matter and what their likelihood is, will be essential to getting your client to invest in the right places at the right time.
  • Policy management and compliance. Finally there are some SMB focused tools to help with online policy development and management. Check out The Compliancy Group ad on the sidebar of my blog as one option.  I expect compliance requirements and enforcement to grow in the coming year.

It may be that most of your clients are too small right now to invest in these higher end programs. However, the day is coming when they will need them. Start finding ways to provide this, add it to your line card, and set a goal of closing at least one this year, giving you a case study to use in your marketing.  Showing this level of capability will set you apart from the thousands of other MSPs who say security, but really mean, “Firewall Management”.

© 2016, David Stelzl

********************************************************

If you’ve not read The House & The Cloud – now is the time to read it. This one book can open doors you’ve only dreamed of opening in the past. It will equip you with a message designed for 2016.

$1 HC Book Ad

 

 

 

appleHow Quickly Are You Responding to Your Customer’s Needs…

Time is important. The way you view your customer’s time just might be the most important part of your offering. Three recent interactions over the past week underscore just how important this is.

Apple Has Great Support

I mentioned in a post the other day that my daughter had been contacted online by a fraudster offering support. She called me in before paying the fraudulent charge, but I still went to Apple to make sure we were doing the right thing.  Apple was easy to contact. My daughter’s system is not new. In fact, it’t time to upgrade. But contacting support was easy, fast, and free regardless of the date I made the purchase. Using the online chat software I had my answers in less than 5 minutes, and the instructions on what to do were easy to follow.

American Airlines Calls You Back

My airline travel was down last year due to more online programs – so I lost my chairman status (USAirways). As a chairman member I always got immediate service.  Now that I no longer have the privilege, I have to wait in line like everyone else when calling in with a problem or question.  Last week was my first call into the now merged AA and USAirways company.  While the wait time was over 15 minutes, the automated system did take my cell number and call me back.  This is a great service for support organizations that don’t have to give immediate assistance. Sure enough, about 30 minutes after I placed the call they called back. I was connected immediately without being tied to the phone listening to hold music and marketing announcements. MMS Blog Ad

Quickbooks Makes You Wait

On the other hand, I had a Quickbooks App issue this morning. My first contact was with a woman who didn’t really speak English. Make sure your people speak the language of the people you support. I’m okay with a slight accent – we get that between northern and southern US. Not a problem.  But this was “Broken Engrish”, and very hard to understand.

She must have asked me 3 or 4 times which version I was using. For some reason she didn’t understand me either. When we finally agreed that I was on a Mac using the App, she told me I needed to talk with the online support team. Before placing me on hold she informed me that Quickbooks does not allow the support team to call out.  So waiting was the only option.

18 minutes later I am on the phone with online support. When I told him I had a Mac with an App, he simply said, “You have to uninstall it and reinstall it. We don’t support the App.” When I complained that the first person should have told me that, he insisted that he had told her to tell me that on the phone. I’m sure he did, but for some reason she did not relay the message. He apologized for wasting half an hour of my day and we hung up.

Computer support is critical. Most of us spend the entire day doing something on a computer. If you’re in the managed services business your clients should be support contracts, not T&M, and the support should be nearly instantaneous.  If you support the security side of your client’s business (which is a must these days) your response time is even more important.  The good news is, fast, quality support is worth paying for when you make money using a computer.

© 2015, David Stelzl

virus blueWhy Urgent Issues On Your Security Assessment Report Don’t Sell The Next Step

Have you ever wondered why the client doesn’t jump on the chance to implement your recommendations when you complete an assessment?

One of the most frustrating things in the security business happens when you complete an assessment. It seems like at least 90% of the assessments I’ve been involved in or read the report from, have several urgent issues. Gartner and I both have stated that 80% of the security budget is spent on keeping people out, but in my book, The House & the Cloud, I make it clear that detection-response is the only strategy that works.  Yet, clients rarely implement the recommendations that come from these reports.  They pay to have them done, listen to your findings, and then move on to other things. Why?

What’s Really Urgent? Hint: It’s Not Old Equipment or Missing Patches

I was meeting with the President of a technology  reseller two weeks ago in a 6-Hats Strategy session, going over the assessement process.  This fall he’s signed up to do at least 15 assessments before year-end, but if they don’t convert to managed services contracts, he won’t be happy.  History shows us that only about 15% will convert to more business unless he changes something.MMS Blog Ad

As we went through the 6 Thinking Hats Brainstorming Session, his list included things like missing patches, open ports, and free or non-existant Anti-Virus software. These all sound urgent, but they’re not! Not unless you can tie these issues to something more concrete. For instance, if you’re assessment comes up with no Anti-Virus software (of course most companies today would have something for AV), but there’s no sign of malware, you’re going to have a hard time convincing the CFO or frugal business-owner to spend more money.  Same thing with outdated software or hardware. If there’s no sign of danger, they probably won’t move to remediate.

Assessment Sales Depend On Impact and Likelihood

If you want to sell the next step, you have to take the next step in the assessment process. This is clearly spelled out on page 194 – 199 in The House & The Cloud, 2nd Edition. The next step is looking for the issues that should exist when a company fails to do the right thing.  Symptoms are enough to get a response. You don’t need the deep dive technical  analysis on what a particular botware application is doing. If they have one, it’s bad even if a marketing company put it there. If the marketing company is able to install bots on a network, the bad guys can do it too. Don’t worry about what the bot is, just find it.

If the systems are missing security patches, look for evidence of tampering, foul play, or unauthorized activity.  Keep asking yourself, “So what” for each issue you find, and tie it to a business problem. Find evidence of that problem, and you’ll have justification.  Don’t just say – your port is open. No one cares.

© 2015, David Stelzl

P.S. If you want to sell larger security deals, click the ad above and see if you qualify for a free seat through one of the many hardware vendors who sponsor this training!

Adding Security to Managed IT

Security is the most important part of your managed program.

Last Thursday I spoke to resellers in Atlanta, sponsored by Check Point Software.  This all day event included several important updates for resellers on what to consider in your managed program.  Keeping patches up-to-date and backing up data is important, but just about any reseller can do this.

What Small and Medium Size Businesses are Missing is the Ability to Detect Security Issues  

Following my session, was an excellent overview on how Check Point manages security at the end node. Small businesses are not going to stop their people from using their own phones and tablets for work (BYOD).  So how will these companies stop all the mobile device malware coming out?  This is a perfect role for the future SMB MSSP.  Can your company detect when a mobile device has been compromised? Are you able to help your clients make sure unauthorized users are not connecting to their wireless network? What about monitoring their IPS or correlating their events and providing reporting to show attacks you are blocking?  It’s all about intelligence. Helping small businesses (the businesses most targeted by today’s hackers) detect when someone is trying to access their data, and then responding to stop it.

It’s Not Just Technology – Marketing Science I Needed

In my session I showed how resellers should market and sell this. Not all business owners immediately see the need. As an example, the event I did last week in Richmond had over 30 attendees – every attendee (with the exception on one person who left early) signed up for an assessment provided by the hosting reseller. But I can tell you, not all of these attendees thought they had a need when we started the meeting. It was only after they heard the message.

This is the place to start.  These attendees where business level people, interested in keeping their businesses safe and growing. Assuming they are pretty safe, their focus is on profit and growth.

They may not all need more security, but the assessment process we are using is designed to uncover urgent issues such as compromised end nodes. If we don’t find problems, they should just keep checking. But we almost always do.

I spoke with one reseller yesterday who performs several assessments every month. While just about every assessment shows urgent issues, his assessment-to-project conversion is only about 15% (Which is average for our industry). Something is wrong here. If all of the assessments reveal urgent issues, why is the conversion rate so low?  It’s the assessment process. It’s designed to uncover vulnerabilities, but not designed to convert clients.

In my session I reviewed how to move business people from thinking they are fine, to understanding the truth about security. From there, we talked about how to assess and convert, to help businesses take the right actions to keep their data secure. Once things are under control, the MSSP offering should be designed to maintain an acceptable level of risk.

Providing this to your customers will make you one of their most important strategic partners.

© 2015, David Stelzl

P.S. if you’re interested in selling more security, consider the Security Sales Mastery Program – contact us to see if your company is eligible for training sponsored by Check Point Software, or one of several other well known security manufacturers.

Spkr-web1

 

       

This morning I am preparing to speak to Cisco channel managers, account managers, and channel marketing. The topic – Event Marketing. 

Challenging Presuppositions

Years ago Tim Ferriss, Author of The 4-Hour Work Week figured out how to accomplish more in a few hours than most of his sales colleagues could accomplish in an entire day.  How did he do it? After hours upon hours of unproductive cold calling he decided to step back and analyze the process.  The gatekeepers were always getting in his way – no one would let him speak to the decision makers.  So instead of making his calls during work hours, he simply moved to 8:00 AM, calling for 30 minutes, and then picking up again at 6 PM for another 30 minutes.  In no time he was closing more meetings than any of his peers. 

Tim shares a story in his book of how he won the Chinese kickboxing National Championship by studying the rules and changing the game to create an advantage.  He writes in his book, ” Sports evolve when sacred cows are killed, when basic assumptions are tested! The same is true in life and in lifestyle.” Tim’s process was revolutionary – but senior management has caught on, and in my recent CIO meetings I understand that they don’t want to hear from you before their administrative assistant shows up.  So now what?

Traditional Lunch & Learns

This past week I spoke with two different manufacturers about lunch & learns.  In both cases my clients – both resellers, were working on funding for events they are planning.  In both cases the vendor sponsor was skeptical about sponsoring me to speak. 

My events are different.  I counsel my reseller clients not to let vendors do the speaking, and I insist on inviting executives.  “That’s not the way we usually do it.”  Both companies made this statement…but what are the results of the typical event? 

It’s like Tim Ferriss’ cold calling.  Traditional lunch & learns are drawing small audiences of technical people, reporting high attrition rates (like 50% of those signing up never actually get there), and no measurable return on investment. The measure of success I hear all too often is, “How many attended?”  That’s like measuring sales by asking, “How many calls did you make?” – what does it matter.  If you don’t generate any gross profit, what’s the point?  And if you managed to make your entire quota on one call, why do you need to make 100 more calls?  A second call might get you to your accelerators (assuming your compensation plan has this feature built in.)

Changing the Rules

Why am I so stubborn about how the event happens?  Several years ago I started challenging the assumptions.  Why does the vendor have to speak?  Does it lead to more sales? Don’t get me wrong here,  I don’t care if they speak – but let’s not speak just to have a role in the event, or just to feel important.  The only question everyone should be asking is, “What is the purpose of having the event and are we achieving that purpose?”  From what I can tell, there are two reasons to have an event:

1. To reignite old buyer relationships.

2. To create new buyer relationships.

From the reseller’s perspective, these are the only two things that really matter.  Traditional cold calling doesn’t work – my clients all agree.  Tim Ferriss had a great idea, but it too has lost it’s savor.  Lunch & learn events with IT people have been around for ages, but they aren’t producing.  Why? Because technical people don’t have any money. 

So I started looking at the buying process.  The seller needs time in front of a decision maker, but there has to be a compelling reason for that meeting.  Decision makers are business people. They spend money for one of two reasons: to make more money, or to mitigate risk.  That’s it – simple, just two reasons.  Then I started looking at events in general.  What makes one event a major success, while another has almost no attendees?  Why do some events lead to 1000 people making major life changes, while other events lead to no measurable change at all?  It’s the speaker – and the motivation they provide to make a commitment, change something, or move in some direction.  It’s a conversion process, and there’s a simple formula to make it all happen.

So 10 years ago I joined the National Speakers Association and started studying great speakers.  It’s not the product they sell (Every motivational speaker worth their fee has a book or DVD set.)  If it was, they would simply set up an online store and go on vacation while the money rolled in.  They can’t do that. Most speakers sell their products at the conference or seminar.  Their book sales online are mostly unmeasurable.  But at the conference, they often sell enough product to double their speaker fee income.  It’s the speaker’s passion, combined with a life changing message, delivered to an audience that has the authority to make the commitment or accept the challenge. 

This morning I’ll be sharing the basic principles of event marketing success.  Why would anyone want to continue making dozens of unproductive cold calls five days a week when they can sell to 30 or 40 people at one time in one hour?  I have found that with the right message, at least 60%, and on average 75% of the audience will respond to the right message.  If the right conversion product (assessment or strategy session) is offered, they’ll sign up.  This leads to multiple meeting opportunities.  If you don’t close business after all of this, you can’t blame it on the event – but you are way ahead of where you would be on a cold call.

© 2013, David Stelzl

 

Lexington Airport

Lexington Airport

Yesterday I met with over 60 business leaders in Lexington Kentucky, representing more than 40 companies, along with NetGain Technologies and representatives from Cisco Systems…I shared with them some of my major concerns in the area of cyber security for the coming 12 months.  Studies show that over 80% of small business leaders are not concerned with security, feel they are pretty safe, and consider the Internet a critical part of their IT infrastructure.  Yet, nearly the same number have no formal security plans, have no way of detecting an intrusion, and worse, 90% of Visas reported cyber incidences come out of small business.

At the end of our session, NetGain extended an offer to provide a some simple tests that would allow their guests to see if they have been under attack.  The FBI tells us that it is often more than 14 months before this type of intrusion comes to light – often too late to recover. Some simple diagnostic tests can often prevent a disaster down the road.  Just about every attendee agreed that this was a necessary next step in the right direction – over 70% scheduled right there in the meeting and will be conducting these tests over the coming three weeks.  Several of the larger firms also committed to getting more user awareness training into the hands of their end-users.  This is by far the biggest point of vulnerability and must be addressed by business if they plan to protect their data.

© 2013, David Stelzl