Channel Chatter, Feb 21 - 28, 2024

This newsletter is in BETA, and feedback is welcomed and encouraged.? Anyone who joins in the beta will be included in the launch offer! ?The intention is to deliver a set of actionable insights into the discussions had by the community for vendors to leverage for execution. Does this deliver???

Channel Chatter is the parsing of the listening posts that the Business of Tech podcast has around the MSP community across discussion forums and groups to bring together insights and discussions that I think are worth considering.?? In considering the needs of MSPs by listening to them for the podcast, there are insights specifically for vendors serving the space to be shared.? That is this newsletter.??

There was a small conversation that speaks to the landscape.

I struggle with good assessments as a small MSP and was wondering if there’s anything to go off of. As in a standard for IT Hygiene instead of Security.

This conversation did not result in a ton of answers.

Start here and make your own spreadsheet to audit your clients:

For your own MSP you can go with CompTIA TrustMark. It’s based on a combo between CIS 18, CMMC/NIST 800-171, HIPAA, NYS DFS 23 NYCRR Part 500.

That’s it.

Silence speaks, and the fact that this question didn’t provide more answers is telling. The IT services community is not shy for speaking up.

Was this a lack of knowledge of offerings? Was this a lack of interest? Or was this a lack of concern? I'm left without a clear answer, just as NIST has released the 2.0 version of their Cybersecurity Framework, which notably wasn’t mentioned as direct guidance.

I would hope that this answer gets a flood of definitive answers. It didn’t. It’s left me wondering how much to be concerned about and what this is a statement on.

The omission of NIST's Cybersecurity Framework 2.0 from the discussion points to a potential underutilization of existing, reputable frameworks. It could reflect a broader industry trend where the emphasis on cybersecurity overshadows the equally critical aspect of IT hygiene, which encompasses a more comprehensive approach to maintaining system integrity, reliability, and performance.

Vendors and industry bodies have a critical role in educating their audience about their products and how they align with industry standards.

And all of this is an opportunity for education.

As an important reminder for vendors, your customers don’t know your offerings.

I’m a ScalePad customer and I didn’t know this.

That’s referring to the Lifecycle Insights audit template within the product. On the upside, a clear justification for further cross-sell and upsell to your customers.

Thanks for reading Channel Chatter! Subscribe for free to receive new posts and support my work. https://mspradio.substack.com/

Topics of Interest

This section is a high-level summary of the major topics of discussion within the community during the time period. This gives you a sense of the questions the community is raising and what they are discussing.

1. Challenges in Attracting and Retaining Clients for MSPs. The conversation centers around an MSP's unconventional method of impressing potential clients by using a Guardz subscription to scan for leaked email accounts, which backfired as it was perceived as blackmail. This incident underlines the delicate balance MSPs must navigate in demonstrating value without overstepping ethical boundaries. Additionally, the discussion offers various strategies, such as targeting specific business verticals and offering unique services, highlighting the diverse approaches MSPs can take to attract and retain clients.
2. Cybersecurity Concerns and Solution Effectiveness. Conversations on cybersecurity reveal a broad spectrum of concerns, from the effectiveness of cybersecurity solutions to vendor-specific vulnerabilities and the challenges in implementing robust security practices. Discussions about vendors like Huntress and CyberCNS reflect the MSP community's ongoing search for reliable cybersecurity partners. The mixed reviews on various cybersecurity solutions highlight the complex landscape MSPs navigate, balancing effectiveness, cost, and client needs.
3. Vendor Strategies and Product Integrations. The integration issues between Syncro and Huntress reveal the technical and communication challenges that can arise between MSP tools and cybersecurity platforms. This highlights the need for better interoperability and support between vendor systems to ensure seamless service delivery. It underscores the importance of vendor collaboration and effective support channels in solving integration issues, which can significantly impact service efficiency and client satisfaction.

1. Security Update Clarity and Vendor Support Issues. The discussion around a security update from ConnectWise ScreenConnect emphasizes the confusion and frustration that can result from unclear communication about security patches. This situation highlights the critical need for transparency and clarity in vendor communications, especially regarding security vulnerabilities. It showcases the potential for operational disruption and security risks when updates are not clearly communicated, emphasizing the need for vendors to prioritize clear, actionable information in their updates.
2. Standard for IT Hygiene. The search for a standard equivalent to the CIS Top 18 for IT hygiene reflects a gap in the industry for comprehensive, universally accepted IT hygiene practices. This conversation points to the need for standardized benchmarks to guide MSPs in maintaining and assessing the health of IT environments. This topic is unique for its focus on a largely unaddressed area within IT services - the need for a standardized IT hygiene framework.

1. Software Outages & Issues. The conversation around the enterprise-wide outage at Change Healthcare due to a cybersecurity event underscores the significant impact such incidents can have on services and the critical importance of robust cybersecurity and disaster recovery planning. This discussion is notable not just for the scale of the impact described but also for the insights it provides into the cascading effects of cybersecurity incidents on managed services. It highlights the vital role of MSPs in preparing for, responding to, and recovering from such events, emphasizing the need for continuous improvement in cybersecurity practices.

Product Gaps

This section is intended to highlight “gaps” that appear to exist in the market, where a specific weakness or need is highlighted in terms of product offerings. This can also include potential gaps in the market. If you wondered what MSPs “wish things did”, that’s this section.?

1. Enhanced Integration and Interoperability: There's a clear need for better integration between different MSP tools, including RMM, PSA, cybersecurity solutions, and documentation tools. Products that offer seamless integration could significantly reduce operational friction and improve efficiency.
2. Comprehensive IT Hygiene Standards: The absence of a universally accepted standard for IT hygiene practices similar to the CIS Top 18 indicates a need for a comprehensive framework or tool that MSPs can adopt to ensure consistent IT health across their client base.
3. User-Friendly Interfaces: Multiple conversations highlighted dissatisfaction with the user interfaces of various tools, suggesting a significant opportunity for vendors to differentiate themselves by focusing on user experience design.
4. Cost-Effective Cybersecurity Solutions: Given the discussions around the effectiveness and cost of cybersecurity solutions like SentinelOne and Acronis, there's a gap for innovative, cost-effective cybersecurity tools that do not compromise on quality or features.
5. Telecommunications Management Services: The business idea around managing telecom accounts indicates a potential service gap in the market for MSPs to offer telecommunications management as a part of their service portfolio.
6. Documentation and Knowledge Base Tools: The need for efficient, secure, and comprehensive IT documentation tools was highlighted, suggesting a gap for innovative solutions that can centralize and streamline documentation processes.

Vendor Discussion

This section is designed to give you insights into who was “discussed” this week. These are vendors that were mentioned or commented upon, and not necessarily a specific set of complaints about the vendor. This may be a good opportunity to learn about a new name, or get a sense of who is in the zeitgeist.?It’s long. It’s intentionally long, to give you the firehose.

• Acronis: Mentioned for its Endpoint Detection and Response (EDR) solutions, Acronis is discussed in the context of cybersecurity, comparing its effectiveness and cost to competitors like SentinelOne.
• Arrow: Discussed regarding direct versus distributor relationships in network stacks, highlighting the strategic business decisions MSPs must make in sourcing their hardware and software.
• Avanan: Considered as an alternative to other email security solutions, indicating a market segment where MSPs are looking for reliable and effective security options.
• Barracuda: Mentioned for its shortcomings, indicating dissatisfaction with some of its offerings and the search for better alternatives.
• BitDefender: Discussed in relation to its antivirus and EDR capabilities, showcasing the consideration of various cybersecurity solutions by MSPs.
• Bvoip: Brought up in the context of AppRiver's user interface and customer support issues, highlighting vendor comparison based on UI/UX and customer service.
• Cisco: Mentioned in discussions about supporting cloud customers, indicating the need for MSPs to support a wide range of infrastructure tools.
• CloudAlly: Discussed alongside other vendors for dissatisfaction with user interface and customer support, reflecting on the importance of user experience in vendor selection.
• CompTIA: Recommended for its emergency response team, showcasing resources available to MSPs for cybersecurity incident management.
• Confluence: Recommended for IT Documentation and Knowledge Base, highlighting the tools MSPs use for internal knowledge sharing and client documentation.
• ConnectWise: Users express skepticism towards ConnectWise's motives and practices, indicating concerns about vendor transparency and partnership ethics.
• Control4: Suggested as an HDMI Matrix system vendor, showing the diverse technological needs MSPs cater to.
• Defender: Suggested as an alternative to Acronis or SentinelOne for cybersecurity solutions, indicating the range of cybersecurity tools considered by MSPs.
• Datto RMM: The current on-call alerting solution used, prompting a conversation about alternative solutions, showing the ongoing evaluation of tools by MSPs.
• Exclaimer: Mentioned in discussions about dissatisfaction with user interface and customer support, similar to other vendors, indicating the critical role of user experience.
• Fortinet: Discussed for its robustness and use in network stacks but with concerns about cost and recent critical vulnerabilities, highlighting the security and budget considerations of MSPs.
• Godaddy: Used for a domain sale, indicating the various services MSPs may manage for their clients.
• HaloPSA: Suggested in a conversation about creating an employee-centric MSP company, indicating the search for tools that align with company values and operational strategies.
• Huntress: Suggested as a cybersecurity solution, indicating its reputation in the MSP community for security offerings.
• IT Boost, IT Glue: Recommended for IT Documentation and Knowledge Base, showcasing the importance of documentation tools in MSP operations.
• Keeper: Mentioned in a discussion about the best product for IT Documentation and Knowledge Base, similar to other documentation tools, highlighting MSPs' focus on documentation and information management.
• Kaseya: Mentioned in various contexts, from contract renewal practices to issues with its agent software, reflecting on the complex relationship MSPs have with their software vendors.
• Lenovo: Discussed in the context of direct ordering and warranty information management, indicating operational challenges MSPs face with hardware vendors.
• Mandiant: Recommended for cybersecurity incident investigation, showcasing the external resources MSPs may leverage for specialized security needs.
• Microsoft Defender for Endpoints: Mentioned as a cybersecurity solution, indicating Microsoft's presence in the MSP security solutions space.
• NinjaRMM: Discussed as a disruptive RMM tool and for causing unexpected alerts, indicating the evaluation of RMM tools by MSPs.
• Novacoast: Mentioned in relation to SOC services for an upcoming solution, highlighting the partnerships and subcontracting relationships within the MSP ecosystem.
• OnPage: Offered as an on-call alerting solution, indicating the search for effective incident management tools.
• Ops Genie: Recommended for alert management and pricing, reflecting on the operational tools used by MSPs for service delivery.
• PagerDuty: Criticized for its lack of native services, indicating MSPs' expectations for comprehensive solutions.
• PagerTree: Praised for its SAML integration, indicating the importance of security and efficiency in MSP operations.
• Pax8: Praised for its API, pricing, and vendor offerings, indicating the value MSPs place on distributor partnerships that offer technological and financial benefits.
• ScreenConnect: Discussed in the context of security breaches, reflecting on the security vulnerabilities MSPs must manage.
• SentinelOne: Discussed for its critical CVEs and cost, indicating the critical evaluation of cybersecurity tools by MSPs.
• Skout: Described in negative terms, indicating dissatisfaction with some cybersecurity solutions.
• Sophos: Discussed positively as an alternative to other vendors, showcasing the ongoing search for effective and reliable cybersecurity solutions.
• StorageCraft: Mentioned in discussions about user interface and customer support issues, similar to other vendors, indicating MSPs' criteria for vendor selection based on user experience and support quality.
• TechPulse: Mentioned as an alternative for licensing 3 users and integration with Halo, suggesting it's a viable option for MSPs looking for solutions that require minimal resources.
• Terraform, Chef, Puppet, CloudFormation, Ansible: Discussed in the context of Infrastructure-as-code tools, highlighting the need for MSPs to adapt to and support these technologies as they become integral to cloud infrastructure management.
• ThreatLocker: Mentioned as part of a conversation on streamlining security solutions, reflecting the ongoing search for effective cybersecurity tools that offer both capability and cost-effectiveness.
• Timus, TwinGate: Discussed in the context of securing remote workers, indicating the exploration of various Secure Access Service Edge (SASE) and Zero Trust Network Access (ZTNA) solutions by MSPs.
• Todyl, Perimeter81, Sophos MDR, OpenBSD, Exium: Mentioned in discussions about securing remote work environments, showcasing the variety of tools MSPs consider for implementing comprehensive security measures.
• Ubiquiti, Engenius: Discussed for their use in network stacks, with Ubiquiti receiving mixed reviews and Engenius being considered as a potential alternative, reflecting MSPs' consideration of various networking solutions.
• Unitrends: Included in a discussion about streamlining and cost reduction in security solutions, indicating its role in the backup and disaster recovery solutions market.
• USA Parts Direct, Storage Parts Direct, Ingram, ServerSupply, WaterPanther: Mentioned in the context of sourcing hardware, particularly hard drives, showcasing the diverse sources MSPs use for procuring hardware components.
• VAR Staffing, Bowman Williams: Mentioned in a conversation about finding fully remote MSP roles, indicating the role of specialized recruitment agencies in the MSP sector.
• Verizon, AT&T, T-Mobile, Comcast: Discussed in a business idea about managing telecom accounts to save money, highlighting the potential for MSPs to offer telecommunications management services.
• WatchGuard, ESET, Malwarebytes (Threatdown): Mentioned as potential antivirus/EDR solutions for a small MSP, reflecting the diverse range of cybersecurity products considered by MSPs.
• Zerotier, Tailscale: Discussed in strategies for securing remote workers, indicating the exploration of VPN alternatives and network access solutions by MSPs.