Interviews - News - Analysis: For successful growth with Managed Security Services

Getting started with managed security services – from trust to trial and error to profitable services

Which solutions such as endpoint protection and firewall to start with? Which training courses for how many employees? Which customers to approach first? What are the most convincing arguments for SME customers? How do I recognize that I should not pursue the contact in terms of security now? When will "advanced solutions" such as XDR and MDR be added?

The start: from internal solutions to managed services

Benjamin Iheukumere, an experienced IT manager, reports from his practical experience: “It clicked for us when we realized that we could be more than just an IT system house.” The first step was to analyze internal products and consider which of them could be offered as managed services. One example of this is the managed firewall. Instead of just selling the firewall and the associated license, the company now offers a comprehensive service that includes regular updates and adjustments.

The day-to-day work of a technician in the managed services environment

For technicians, the switch to MSS means an adjustment in the way they work. Tasks are recorded in the ticket system and billing is carried out automatically against stored service contracts. Technicians can therefore concentrate fully on their tasks without having to worry about administrative processes.

Training and specialization

Another important aspect is the training and certification of employees. Benjamin emphasizes: “Employees who work on special topics are certified up to their lower lip.” This ensures that the technicians are always up to date with the latest technology and can offer the best possible security solution for customers.

The customer base as a starting point

In the initial phase, Iheukumere focused on existing customers, as they already had a trusting relationship. Familiar environments and infrastructures made it easier to introduce new solutions. The focus was on showing customers that antivirus programs are no longer sufficient and that more advanced solutions such as Endpoint Detection and Response (EDR) or even Managed Detection and Response (MDR) are necessary.

The path to higher performance

The development from simple antivirus solutions to EDR and MDR was an important step. Many customers first need to understand that these new solutions not only need to be installed, but also continuously monitored and adapted. Insurance companies are increasingly demanding the use of advanced security solutions such as XDR (Extended Detection and Response) in order to provide cyber insurance at all.

Marketing and sales: The importance of cold calling

A decisive step for success was the active marketing of the new services. As the company did not have its own sales staff, a telemarketing agency recommended by Sophos was commissioned. This campaign was successful and led to numerous new appointments and orders. “I will probably start the next campaign straight away this year, because it was fun and also achieved a good result,” reports Iheukumere.

'Employees who work on special topics are also certified up to their lower lip. This is very important to us in terms of security certifications.'

ibeco-Systems GmbH
Olaf Kaiser:

What were the first solutions for which you said that we would now turn them into a genuine managed security offering?

It clicked for us when we realized that we could be more than just an IT system house and become a managed service provider. And then we looked at our internal products and thought about which services we could take from them and turn them into a service. Not just say, sell it and we'll talk again in a year or two when the license has expired.

We were already relatively early on in our MSP journey in the security context with the topic of managed firewalls. It used to be done like this: firewall sold, license sold and if the customer needs a change, they just open a ticket. We then set up the Managed Firewall product. It contains a firewall that is suitable for the customer, it contains the licensing, which is also somewhat more modular with many manufacturers. And we also include our service in it, as we had already gained experience of how often the customer calls and says I need a change to the firewall or something like that. And how often do the updates come out per year and then we had a good calculation and stuck a monthly price on it. And then we realized that the same thing also works for the endpoint.

The customer also needs a piece of software, a license, there is maintenance work involved, logs may need to be checked, someone may need to look over it, because... what good is a security solution that is simply installed and nobody looks at the alerts? And... just like with firewalls, they simply stick a price on it and then offer it to customers so that they can go down the MSP route.

Olaf Kaiser:

What was the approach of the technicians?

If something needs to be done, the technician enters his times into the ticket system as normal and we in the management ensure in the background that a service contract is stored, for example, against which this is automatically booked. The technician sees that task X has to be carried out and then he enters his times for the customer in the ticket system and the technician doesn't have to worry about what happens behind the scenes in the billing.

Olaf Kaiser:

How do you determine which technician works on which topics?

In regular discussions with employees, we try to find out which area you feel most comfortable in and which area you find most exciting. And just as the employees bring their personal preferences with them, we also place the respective training courses and certifications. In our company, employees who work on certain special topics are also certified up to their lower lip. This is very important to us in terms of security.

Olaf Kaiser:

Let's switch from an internal to an external perspective. What was your experience in the early phase? With whom did you first try to transform this into recurring revenues?

We first looked at existing customers. These are customers with whom you perhaps have a somewhat closer relationship. These are customers with whom you have earned their trust as a service provider and with whom you can try things out. You work in familiar environments, you know the customer's network and infrastructure inside out anyway. It's much easier to implement new solutions there.

Olaf Kaiser:

What was your path in terms of endpoints and the development towards more sophisticated services? And the openness of customers to say, I have understood that the antivirus is somehow no longer 'state of the art'?

For us, this is the development from a simple AV to an EDR, to an XDR and finally to an MDR. As a service provider, you have to understand that first. It's not just something that I take off the shelf and sell and then I'm done. Things also need to be configured properly. The exceptions and the exceptions that I have to pack into it should be tailored to the customer and the customer's infrastructure. And the topic of EDR and XDR is also interesting from an insurance perspective. After all, many cyber insurers are now saying, what protection solutions have you established?

If it doesn't include at least XDR functionality, we won't insure it. The final expansion stage of something like this is when you add an MDR, i.e. a managed detection and response service. As a service provider, I can do this myself if I have the expertise in-house, but very few have it and if I don't have it but still want to offer it, then I take the MDR service from the manufacturer with me. For the service provider or MSP, it's a very nice business, because it scales almost infinitely. Because the effort is no longer really mine, it's the manufacturer's if there are security incidents.

Olaf Kaiser:

You have now decided to become more active in the area of marketing and sales.
For example, you have launched a telemarketing campaign.
How have the results been for you?

We do the major components of our security portfolio with the manufacturer Sophos. Then we said we wanted to grow in this area. And cold calling is an issue, you have to be born for it. I'm not, nor are any of us here. We have good technicians, but we don't have our own sales staff. And that's why we contacted a telemarketing agency recommended by Sophos and said that we would like to have new initial appointments with interested parties who are looking for a new endpoint solution. As a result, I made a lot of appointments via Teams. It's going very well, we'll soon be at the end of the campaign and once we're through, we'll have to start working through the orders generated. And I will probably start the next campaign straight away this year, because it was fun and also achieved a good result.

Profile

Thanks to consistent work and a clear quality philosophy, we have continuously developed ibeco - both in terms of the range of our services and in terms of personnel. Today, almost two decades after our foundation, we are an experienced team working mainly for clients from the SME segment to the upper midmarket. We owe our growth not only to our expertise, but also to the strong team spirit that has accompanied us from the very beginning.
ibeco-Systems GmbH
August-Euler-Str. 7
50259 Pulheim

Related articles

We want control.

When we have more control over things, and it sounds a bit strange that we want to have that control, we do it because it allows us to move the infrastructures that are a problem. For us, it was all about making sure that the people with us who provide the technology and the service cover the issue as quickly as possible and lose less time.

Appetite for risk.

Jason Fry, who has already sold an IT company in the UK and has been successful in the UK market with his start-up adnitor since 2019, talks about the managed security aspects that are important to him. Jason says, among other things, "we understand that the traditional way of supporting and managing IT needs to change". And what are the most important security services for him and what makes them successful? What is the "customer experience level" that is important to him as a supplement to the technical SLA?