Co-Managed MSP services don’t always work out as planned.
Bad matches between clients and their MSPs are a two-way street. One company’s best-in-class MSP is another organization’s worst-in-class IT provider.
On the other hand, a very mediocre MSP can serve a business that is way out of its weight class, but not without substantial risk to the client.
Mismatches are more complicated when your MSP is sharing IT management responsibilities with your in-house technical team.
What can go wrong? I will draw on eighteen years of first-hand observations to present a quick review of three perennial Co-Managed IT/In-House IT problems and what you can do to avoid them.
#1 - Strategic Misalignment
IT system architecture, design, and support are ongoing strategic priorities that require understanding and buy-in from the top.
The success of your mission and growth trajectory is closely correlated to consensus (and enthusiasm) from a broad coalition of asset owners who should inspire the rest of the team to embrace the technology enablement process. Just say no to compartmentalization!
Is your in-house IT team onboard? Do you have an experienced IT Director you trust to call balls and strikes objectively? Does he or she have capable associates?
Get your prospective MSP and all IT stakeholders in the same room or Teams Meeting early in the qualification process.
Observe the reaction and rapport between members of your technical team as they’re fielding questions about the business rationale behind the design of your IT stack.
You don’t need to be a vCIO or Senior Network Engineer to tell when someone is out of their comfort zone or threatened. Don’t ignore your intuition or first impressions from this encounter.
Suppose your company is in disarray about strategy and tactics. In that case, the MSP is set up for failure in the same manner an Oscar-winning actor can’t turn a terrible screenplay into a successful movie.
Learn More: The vCIO Superpower
#2 - The Status Quo
Your company may want to continue with the way you’ve always managed IT operations. And plenty of MSPs will gladly accommodate this requirement.
The acronym for this time of IT provider is AFAB (anything for a buck). If this is what you want, be sure to clarify this to overly confident MSPs who think they can change your mind.
Over the years, I’ve made several friends at prospect companies who never became clients but enjoyed the openness and good cheer throughout the qualification process. We’ve stayed in touch, and ProviDyn has received referrals for organizations that are better aligned with our business model.
The following examples are culled from actual conversations and demonstrate mindsets that are unlikely to change. The storylines (no exaggerations) are abridged for brevity and clarity.
Law Firm: “We don’t trust the cloud and want to keep all of our file shares onsite. If we decide to go with you, we require you to hire our dedicated engineer away from our current MSP. Our ISP services and phone system are a mess but we have to keep everything in place because the owner’s brother-in-law is the telecom vendor.”
Manufacturing Company: “We insist on keeping our current ticketing system, even if it doesn’t seamlessly integrate with yours. This is a non-negotiable because our IT team spent years trying to get it right.”
Property Management Firm: “We bought a premise-based file server so we can see our IT guys working on it. Otherwise, we don’t have any idea what we’re paying them for.”
These three examples reflect old-school thinking where MSP services are viewed as a raw commodity, one step up from HVAC repair. None of the scenarios are scalable, and their comments reveal little or no interest in the strategic value of IT.
Are you evaluating IT providers with your five-year business plan in mind? Do regulation, compliance, and cybersecurity framework expertise play a significant role in your decision criteria? If you answered “no” to both questions, an AFAB MSP would be a better fit.
Learn More: 5 Simple Truths About Managed IT
#3 – Master Services Agreement (MSA) Scope Creep
This section is a clarion call to read the fine print. And get very intentional about what is handled in-house and what is outsourced.
For the relationship to be successful, your MSP and IT staff need to stay in their respective lanes and avoid tripping over each other. For example, the MSP handles the backend infrastructure, and the client manages the user help desk.
Many MSPs offer procurement services to ensure every endpoint (workstations, switches, ISP connections, Wireless Access Points, etc.) is compatible with your environment. The goal of this feature is to promote standards that drive tighter security and higher quality of service.
If in-house IT ignores this guideline and purchases products and services independently, integration problems will ensue. As a result, support costs for the MSP will go up, and these increases will be reflected in your monthly fees.
Many MSPs have client infrastructure standards that necessitate upgrades and projects throughout the relationship.
The following stipulations are based on the technology lifecycle and quoted verbatim from a best-in-class MSA:
- The client will ensure all equipment is under the current manufacturer warranty. Equipment exhibiting chronic failure, regardless of warranty status, may require replacement at the Client’s expense if it continues to cause significant business disruption.
- Infrastructure equipment, including but not limited to servers, storage devices, network devices, and any business-critical systems, must be protected by battery backup units in good working order with sufficient battery capacity for proper shutdown in the event of power failure.
- Software must be genuine, properly licensed, and vendor-supported.
- All equipment with Microsoft Windows Operating Systems must be up to date, and the Client agrees to provide adequate maintenance windows and ensure client devices are online and available for updates in accordance with Service Provider’s standard Patch Management Policy.
- Passwords must adhere to industry standards for length and complexity.
- Remote access to all Client systems and data must be via secured access methods, and Multi-Factor Authentication (MFA, 2FA) must be enabled for all systems where available.
- All Windows devices must be running the latest Anti-Virus software and updates as provided by Service Provider.
- All wireless network traffic must be securely encrypted, and guest wireless networks must be isolated on a separate network or VLAN.
Keep this in mind and plan ahead. The right MSP partner will be upfront about this and help you create an IT Roadmap and budget to guide your journey.
It’s imperative to understand potential problems before you commit to an MSP.
I hope these guidelines have increased your awareness and prompted some new to-do’s. Be on the lookout for future articles on this evergreen topic. I’ve only scratched the surface.
If you enjoyed this article, you might also like the related content in our free eBook.