Interviews - News - Analysis: For successful growth with Managed Security Services

Ongoing development as a model for success with managed security services

Everything you need to know about setting up Managed Security Services: How is the security model structured? How do customers decide between the three modules for endpoint protection and what tips the scales in favor of the higher variants? What is the customer response to your managed approach? Does the monthly notice period play an important role for you? Which automations are most important to you?

Different service levels for different needs

One example of ProComp’s tiered security services is the different levels of endpoint protection. The basic package includes InterceptX Advanced, while the standard package includes the now standard Extended Detection and Response (XDR). For customers who take their security particularly seriously, there is the Premium service package with Managed Detection and Response (MDR) Complete, which offers 24/7 proactive protection. There is a simpler model for firewall monitoring: here there is only one service package, which is based on the size of the company. Companies with fewer than 30 employees pay less than larger companies.

The challenge of convincing customers

Andreas admits that it is a challenge to convince customers of the need for extended security packages. While new customers usually opt for the standard package, there are also existing customers who still work with the basic package. Intensive discussions are often necessary here in order to convey the added value of the new technologies. Another issue is how customers react to monthly costs instead of a one-off purchase. Some customers want to retain control and therefore prefer to buy licenses to ensure security themselves. However, ProComp explains to these customers that IT security is an ongoing process that involves identifying and minimizing risks at an early stage.

The importance of automation

One key to the efficient provision of security services is automation. ProComp has implemented various automation measures over the years to increase the efficiency and effectiveness of its services. One example of this is the use of the Sophos API to create a dashboard that provides an overview of all customers and immediately displays potential security issues. A Teams chatbot that notifies employees of security incidents is also one of ProComp’s innovative solutions.

Flexibility and future prospects

An important development in the area of managed security services is the flexible contract structure. ProComp has switched from fixed three-year terms to monthly contracts, which has been well received by customers. This flexibility allows customers to switch quickly if they are dissatisfied, which increases ProComp’s competitive advantage. Andreas also emphasizes that the continuous adaptation and expansion of services is crucial in order to meet the growing demands of customers. By working closely with vendors such as Sophos and constantly developing its automation processes, ProComp remains at the cutting edge of technology.

'There are events where we don't get notified by email, but the content is important for me to know so that I can provide my customers with the best possible support. And then a lot is possible with the API, especially with SOPHOS. For example, we have now built a Teams chatbot that can chat to our employees via Teams if something is wrong with a customer.'

MSP Journey · Managed Security Services · Sophos & Olaf Kaiser · Portraitbild Andreas Ernstberger
Andreas Ernstberger
ProComp Professional Computer GmbH
Olaf Kaiser:

What is the basic structure of your managed security portfolio?

Andreas Ernstberger:

In principle, our Managed Services are particularly interesting for customers who do not have the time or the know-how to take care of their IT security themselves. We have different packages with different products behind them. Our partner, which is no secret in this area, is Sophos. If we look at the endpoint, we currently have three building blocks: Endpoint Protection Service Basic, Standard, and Premium. In Basic, the InterceptX Advanced is behind it, so to speak. As some sources say that Extended Detection and Response is now state of the art, this is included in our Standard package, and customers who take the issue of security really seriously and want the best possible protection take the Premium Service, which then includes MDR Complete and ensures that the customer is proactively protected 24/7, because we can't do that as ProComp. Firewall monitoring is a little simpler. There is only one service package here, which varies according to the size of the company. We have a package for small companies with fewer than 30 employees, and it is a little more expensive for companies with more than 30 employees.

Olaf Kaiser:

What is your experience, is the decision between the packages an intensive discussion with the customer?

Andreas Ernstberger:

In the meantime, all new customers opt for the standard package because we say that this is the state of the art, and if you explain well what added value you have with EDR and XDR, then you can get customers excited about it. However, we also have a few customers from the past who still have the basic package. For them, there are already one or two discussions about why more needs to be done now. And that is one of the challenges of managed services. If you have manufacturers behind you who are constantly adapting their products and incorporating new features, you have to make sure that your service descriptions, contracts and much more are always up to date.

Olaf Kaiser:

How do your customers react to the fact that you don't sell software, but a managed service that incurs monthly costs?

Andreas Ernstberger:

Yes, of course there are such and such customers. There are customers who say, I want to be in charge myself. I can do it, I have the resources for it. Then they buy licenses, now in the traditional way. And then the admin doesn't look at the dashboard for three years, except when he downloads the installer again. But then we always try to explain to our customers that IT security in particular is an ongoing process. I have to find the needle in the haystack in my company as early as possible so that there are no major risks. And the customer's task is ultimately to inform us if there are any new clients or servers in the company so that we can integrate them accordingly. This also frees up the customer to take care of other issues such as digitalization and how to advance my company's IT technology.

Olaf Kaiser:

Now I've checked off that I'm allowed to pay monthly. And is there anything else you would like to clarify? There are other services that we are happy to do for you, but these will be invoiced separately.

Andreas Ernstberger:

Exactly, that's an important point and it's a very difficult undertaking, especially in the area of security, because assuming the customer has a cyberattack or something serious happens, then of course the costs for service providers can become almost limitless. That's why, as a provider, you have to protect yourself a little. Our service is: We react to detections. Let's take XDR as an example. As a rule, this is not yet a hard event where something malicious is prevented, but XDR detects suspicious behavior on some client. We are notified, but with a certain threshold value. Then one of us takes a look at it. This is all included in the monthly flat rate. But if we now determine that something needs to be done, e.g. taken offline or we need to analyze in depth, then this results in a charge based on time and effort. And our customers know that too. From my point of view, there is no other way of mapping this, because if I want to map all eventualities in my MSP model, then it can very quickly become very unattractive for customers in terms of price. We didn't want that either.

Olaf Kaiser:

How long am I tied to ProComp with these managed services? What terms do you offer your customers?

Andreas Ernstberger:

So when we got into the subject, we had a three-year contract term. But then the question usually came up, what does it cost if I simply license it for three years? And then he compared left and right and then the response was very often that the price difference was too great when extrapolated over the three years. And now we have monthly flexibility. We've already noticed a positive effect, because interested parties or customers know that if it's no longer suitable after two weeks, I can send ProComp a notice of termination and look for another provider.

Olaf Kaiser:

What advice would you give readers about the importance of automation between all these systems or interfaces? What are your experiences, where should one look if one wants to deliver these security modules efficiently?

Andreas Ernstberger:

Automation is essential. If you're new to the topic, as we were years ago, you can usually still help yourself quite well with the manufacturer's board tools. If something happens, I get an email alert, so I might need to have a bit of a process in my company or a strategy for how to deal with it and who to send it to. We have already implemented a few additional things via the API at SOPHOS. For example, a dashboard where you can see across all customers whether there are any things that are wrong. And there are events where we are not notified by email, but it is important for me to know in order to be able to provide my customers with the best possible support and then a lot is possible with the API, especially with SOPHOS. For example, we have now built a Teams chatbot that can chat to our employees via Teams if something is wrong with a customer. And I think that ProComp will also take the next step in the coming weeks and months. Because we want to keep growing with our customer base.

MSP Journey · Managed Security Services · Sophos & Olaf Kaiser · Portraitbild Andreas Ernstberger

Profile

ProComp's digital solutions automate your company and guarantee lean and efficient processes. Optimized IT operations also conserve your valuable resources. Our digital experts deliver the solutions you really need. Our solutions for your company's digital challenges: Digital processes: Work efficiently with digital process, information and document management. IT infrastructure services: The IT infrastructure grows with your requirements – automated, dynamic, reliable and always up to date. Security: IT security, malware protection and video surveillance – all-round security. Web-based solutions: Our web solutions do exactly what they are supposed to do: make it more fun to work with your own website.
Andreas Ernstberger
Head of Network & Security Solutions
ProComp Professional Computer GmbH
Industrial avenue 1
95615 Marktredwitz

Related articles

MDR is not a technology, but a service

From the customer's point of view, it is about how Managed Detection and Response (MDR) is used to test and introduce stronger security performance and, from the MSP's point of view, how a central MDR service is linked to important systems via APIs through to the establishment of alarm chains.

Managed firewall in focus – from service definition to reporting

What services - both planned and unplanned - are included in your managed firewall packages? How can the customer purchase the whole bundle of hardware, software and services? All as one fixed monthly price? Are there really helpful reports for customers from the firewall? Which services are not included and are provided on demand or on request at the firewall? How do you deal with customers who already have another firewall in use?