Archives For firewall management

2016Will You Hit Your Numbers This Year?

Increasing Your Recurring Revenue May Be Easier Than You Think

Supersizing, asking if you want fries with that, and bringing out the dessert tray, are all strategies restaurants use to increase revenue. And they work!

My son is a manager at a local Charlotte restaurant. He tells me they are closely monitoring, and rewarding the waiter with the biggest check. Their wait staff are trained to sell, and adding things like dessert and drinks to the tab raise the profits significantly. Asking has a lot to do with selling.  But targeting those who are already eating is also a key part of the strategy.$1 HC Book Ad

How to Increase Your Ticket Per Customer Now

If you’re trying to increase your monthly recurring revenue number before year end, you have just 3 months to do it. Here are a few things to consider…

  1. Firewall Monitoring. If you’re already doing some level of firewall monitoring, are you actually providing 7 by 24 monitoring? If not, this is worth between $100 and $500 or more per month for small businesses. Do they need it? If they don’t have a solid detection strategy in place, and their data is important to them, this might be the place to start.  If you can’t do it internally, consider outsourcing it to a third-party security operations center like Foresite.
  2. Backup and Recovery. Do all of your clients have offsite, cloud based backups?  If not, a disk failure could be disastrous. Disaster recovery experts tell us that about 77% of restores fail. If they value their data, and their restore point objective (How much data they can afford to lose) is important, this might be a good add-on.
  3. Mobile Security. More threats are coming, targeting phones to steal login credentials and spoof email. Your clients are probably using their phones for business, but the adoption on mobile security software is still extremely low. Per device, it’s not a big number, but the lifetime value of this customer goes up significantly with a small add-on per mobile device.
  4. Advanced Firewall Features. Many of the small business firewall products are now available with add-on features like threat emulation, sandboxing, and SIEM-like features. Selling a firewall might be hard, but what about providing these in a Hardware as a Service (HaaS) offering?

How to Get Started

Contact your current clients, offer a security update or briefing (using the concepts in my book, The House & The Cloud), and move them to an assessment. Since they are your client, I recommend waving your assessment fee, using the steps outlined in my book (Above) on page 94 – 200. 

If you follow these steps, the likelihood is high that you’ll come up with problems. If nothing else, they probably don’t have adequate protection against ransomware, and their endusers probably need a more thorough understanding of ruses be used to con them into wire transfers, downloading malware, and giving access to fraudsters.

While a new prospect deal might take 3 months from start to finish, these add-on deals are more like the fries at McDonalds. The customer is standing there, you just need to make the recommendation.  Some percent of them will buy.

© 2016, David Stelzl


socWant to Sell More Managed Services?

Being the Low Cost Provider Never Works…

But don’t be the middle priced offering either. There’s absolutely no benefit…

Your only option is to move upstream. Kmart, Walmart, Target…they’ve all worked hard to be the low cost provider. And how is that working out? Well, Kmart is closing dozens of stores before year-end. Walmart has been sweating over Amazon, their chief competitor, for the past 12 months. Month after month, these big box companies are fighting over pennies.  Amazon’s model is the only one that makes sense. It’s membership driven, offering music, storage, and instant purchase options, and a growing level of subscription oriented, monthly recurring revenue.

But in the reseller technology business you can’t win on price. Keep lowering you per workstation price and you’ll soon have margins that are so thin, you’ll have to let your best people go.  Don’t do it. (You can find more strategies on this in my book, The House & The Cloud!).$1 HC Book Ad

Instead, start asking, “How can I upgrade to a premium level of service?” Take this one step further and ask, “Where is my niche market?”

Security Offers a Compelling Premium Service

You probably already offer firewall management. But as firewall companies like Check Point and Fortinet add advanced services such as threat emulation, sandboxing, and SIEM like technology, there’s an up-sell opportunity to provide the 7 by 24 monitoring aspect. Something your clients just cannot afford to do internally.

Don’t have your own SOC (Security Operations Center), or the team to do this overnight? You can outsource it through channel-only security providers like Foresite. For a small fee, they’ll take over the management, offering different levels of service depending on the size and need of your client.

Don’t Give it Away

Don’t give this away. It’s your added value to the MSP program – something not many service providers are offering right now.  Over time, begin adding security expertise to your team, and add some high-end security services to your offering. For instance, you might add virtual CISO services or take over the reporting and interface needed for auditors policing compliance regulations such as PCI and HIPAA.

One client I work with offers GLBA management to regional banks, leveraging new laws that require there be a compliance officer, independent of the IT department. How many small banks can afford to hire someone qualified to fill such a role? Not many. But a third-party provider is permitted and makes for a great add-on service offering.

If you’re getting beat on commodity pricing, start thinking about security services and how to add that premium level. If you just raise your prices, you’re likely to be out there with Kmart, closing down offices. If you only have one office, it might be a short ride to the end.

© 2016, David Stelzl

malwareWhat’s the Likelihood I’ll be Hacked Over the Next 12 Months?

That’s the question every business leader should be asking.

The answer – it’s likely.  Over the past week two of my kids have been hit by fraudsters. Neither ended up paying, but both were initially confused. Had it not been for the constant security awareness training that happens in our home, they might have paid the bill.

It could have been malware, but in this case it was a pop-up.  “Call Our Support Desk Now!  You’ve been infected by malware,” the message read. My 20 year old son had one on his iPad; my 21 year old daughter had one on her company laptop. Both came by inadvertently clicking on a pop-up ad.  In my daughter’s case, she did call the number to see what was up (her system was completely frozen at this point.)  The technician on the line wanted to access her system, which is no longer on any Apple support contract. For $250 he promised to set her up on an annual support agreement and remove the malware on her system.

At that point she called me in to talk with him.  First I asked him how he knew we had malware on this system.  He reported that he had received a message from our system telling him.  I probed further to understand what he was planning to do to fix our computer. His explanations were technical but vague. I asked him about malware, bots, and signs of intrusion.  He wouldn’t tell me specifically what the problem was. So then I started asking about remediation steps. Was this a scan, patch, firmware upgrade, etc. He couldn’t explain. It was clear he didn’t know what he was talking about, but he was adamant that we needed a solution. Finally I said, how do I know you work for Apple. He explained that his firm, BTS, was contracted by Apple for this type of support. I took down his number, thanked him, and called Apple. He was a fraudster.

In my son’s case, he simply called Apple support directly, ignoring the phone number on the screen. It too was fraudulent. Apple gave us the right tools to scan both systems to clear them of any adware or malware. And, using Apple’s chat software, the entire process was free.

Your Client’s Don’t Know Any Better

The problem is, your clients don’t know any better. What are the chances they would call and pay?  They’re working hard, trying to get through their day, and suddenly a message pops up, and like my son’s tablet, the system is locked. Apple walked my son through a hard-reset to get back to functionality. How many of your clients would simply call the number and pay the support fee?  Sure, if they work for IT, they’re probably savvy enough to do the right thing. But what about the countless office workers, especially those working in small businesses without dedicated IT support people?

Fortunately, in our case it was a simple hard-reset. It could have been ransomware, malware installed through a support link, or some destructive virus. The point is, your clients are highly likely to be hit with some sort of fraud scheme, malware, or ransomware in the near future. If all you provide is basic managed services, or possibly firewall support, these attacks will continue, and your client is likely to pay for it. Educating them on this is the first step. But then, every one of your clients really does need someone to monitor, detect, and respond to these types of problems. They will only get worse over time.

© 2015, David Stelzl