Tag Archive - MSP

MSP Pricing Survey – Clouds Can Be Lucrative!

SMBs Have Adopted Cloud Services

There’s no doubt about it. Cloud services are a tremendous hit with SMB customers. Whether they are running applications in a public cloud or whether they are leveraging private cloud services from a managed or cloud service provider, the great majority of SMBs are increasing their use of cloud services* and MSPs are benefiting.

This trend does represent a double-edged sword. On the one hand, MSP clients may be reducing their needs for managed servers or managed application services such as email because they plan to move applications to a public cloud or software service provider, e.g. migrating from an in-house Exchange server to Exchange Online via Office 365. On the other hand, there is a growing opportunity for MSPs to both assist clients with their migration process as well as to offer related managed services. As time goes on we expect to see a broad range of cloud-related service offering, including:

Continue Reading…

MSP Pricing Survey – Service Offerings Expand

MSPs are adding new service capabilities

One of the strongest trends in the managed services market, highlighted by our most recent Pricing Survey, is the increase in the number of different services (or bundled service components) now offered by Kaseya MSP customers. Our 2014 survey asked MSPs to identify which of a series of 17 services they offered. These responses were then compared to those from our 2013 survey which requested input on 11 categories of service. The results are shown in the chart below. The overall response indicates that more MSPs are offering more services. In fact, a greater proportion of MSPs are now offering all of the services we asked about in 2013. In addition, a significant number are offering the newer service capabilities we added.

Continue Reading…

MSP Pricing Survey – Increased Hourly Rates

Worldwide Average Standard Hourly Rates Increased from 2013

The overall average standard hourly rates MSPs charge for their engineers and technicians went up by about $10 per hour between 2013 and 2014 according to the results of the last two Kaseya MSP Pricing Surveys. In our 2014 survey we asked about pricing for three tiers of technician support – level 1, level 2, and level 3 – whereas the previous survey simply asked about “average” hourly rates. However, despite various differences in the number and size of respondents between this survey and the previous one, the results were generally consistent. Rates in the United States and Australia were the highest followed by rates in Europe, Canada, New Zealand and South Africa. Hourly rates were lowest in India – see the table later in the post that highlights the differences on a regional basis.

Continue Reading…

MSP Pricing Survey – Growth Leaders Sell Value

Strong value pricing trend

The fourth annual Kaseya MSP Customer Pricing Survey was conducted in September and October last year and it attracted almost 700 responses from MSPs around the world. One of the strongest results to come out of the survey is the significant movement towards value-based managed services pricing and away from cost-based or market-based pricing. The chart below contrasts the differences between the 2013 MSP pricing survey results and the more recent responses. the trend towards value-based pricing is clear. The results support the notion that managed services customers are increasingly interested in business value and linking their purchases to key performance indicators (KPIs), such as system availability, or performance levels, or business outcomes.

Continue Reading…

MSP Pricing Survey – Sticky Bundles, Higher Fees

Bundling strategy increases value and stickiness

The message is clear, small and medium businesses are very interested in bundled services. A recent newsletter from AMI-Partners, I-Signal*, which reports findings from their research programs, indicates that SMBs are 3 to 4 times more interested in bundled services than in single services. They gain more value from bundled services and are loath to switch service providers unless they can do so without disrupting their existing business. The strong interest in bundled services supports the notion that SMBs are indeed more interested in value than price, despite their insistence to the contrary.

Continue Reading…

Kaseya Connect: Come for the Conversations!

Register for Kaseya Connect!

Every year Kaseya holds its premier user conference, Kaseya Connect. If you are a Kaseya customer, you have probably seen the promotions, and are asking yourself, “Should I attend?” As you might expect, the Connect event features all of the right components:

Continue Reading…

IAM Profitable: Get Your Piece of the IAM Market

IAM is Profitable

If you’re an MSP or an IT service provider, then you’re involved in a business model that’s always looking to improve its offerings and increase its bottom line. With the global IAM (Identity and Access Management) market increasing at an explosive rate, being able to offer authentication and password management isn’t just a smart move, it’s also a safe move!
Continue Reading…

Get Your Head Out of the Tech: A Realistic Look at Cloud Computing

Cloud Inspection

To understand new technologies, one must first get past the misinformation and pierce the veil of hype to see the product as it actually is. As you can see from the graph below, tech hype progresses in a fairly typical cycle. Currently, we’re just passing the peak of inflated expectations and are beginning to see the beginning of negative press. The relatively recent iCloud incident and death of Code Spaces are just the tip of the iceberg which soon will plunge cloud computing into trough of disillusionment, where it will remain until people realize what purpose cloud computing actually serves, climb the slope of enlightenment, and set out across the plateau of productivity. This same process happens with every major technology hitting the market. Video killed the radio star, and internet killed the video star, yet we still have radio stations, and television networks. The media simply hypes everything out of proportion.

In spite of the trend set by the media, many technologists try to provide realistic advice to people before they throw out their old technology in preparation for the new. Cloud computing isn’t going to eliminate the need for older systems. If anything, it will just augment their purpose. In the following post, I will outline five key elements of cloud computing in a way that shows their upsides and downsides.

Hype Cycle

Accessibility: Boon and Bane

If a user is on a business trip, they can access the same resources that they can at work. The simple ability to access resources from anywhere within the same network is a boon, as it removes much of the need for an internal infrastructure. Unfortunately, as was noted by a French Philosopher, British PM, and a man dressed up as a spider, “with great power comes great responsibility.” Accessibility without appropriate restriction is a highly dangerous risk. A cloud-based system on its own cannot know that your users should not be attempting to log in from Elbonia. If your system is made more accessible to your end-users, then it’s also being made more accessible to everyone else.

In a nutshell, IF your access security is well developed, then you can reap the benefits of increased availability, otherwise you’re going to have a bad time.

Maintenance: Can’t Someone Else Do IT?

This entry would have suited a different article entirely, but it works extremely well for the purpose of realistically portraying cloud computing.

There are two ways this scenario typically plays out. Your cloud-based service provider could be amazing — handling updates, resolving issues, and generally fixing everything before you even notice something has gone wrong. If that’s the case, then you’ve reduced the need for the services of your IT department and in-house infrastructure, thus significantly reducing overhead.

Unfortunately, such a result is not guaranteed, and if your provider leaves a lot to be desired, then your experience is going to be less than positive. Rather than staying ahead of new issues as your in-house techs did, your provider may instead do the bare minimum, only completing tasks when they’re specifically told to do so. Micromanagement is expensive, and the potential service outages resulting from poor service can be costlier than maintaining your old in-house IT infrastructure ever was.

In a nutshell, it all comes down to quality of service. If you move to the cloud and your provider is great, then things will run smoothly. If they’re less than stellar, then your experiences will reflect that.

Reliability: Now With More Points of Failure!

The reliability of a system can always be judged by the number of potential points of failure, and the redundancy (or lack thereof) surrounding those points. Cloud computing is very interesting in how it shifts the reliability of a system from hardware functionality, to relying on the availability of services.

Consider the following, if cloud based systems and in-house systems were both types of vehicles, then in-house would be some sort of SUV, while cloud-based would be some type of high-performance car. This means that their relative performance comes down to the presence of a well maintained road (internet connection). If the road is always going to be available, then the high-performance car will outright win; however, the moment they need to go off-road the SUV has a clear advantage.

I explain it this way, because it’s effective at pointing out the shortcoming of the cloud based model. If you have no internet, then you have no access. If you have an in-house infrastructure and the internet goes out, then work can still be done across the internal network. The high-performance cloud-mobile may be significantly less likely to break down, but without the internet providing access it will just sit idle during those periods.

Security: Something Old, Something New…

Security in the cloud is one of those hot-button topics, so let’s keep this as concise as possible. Companies like Code Spaces, which were bankrupted due to poor cloud security practices, provide a generous justification for their systems to be top-of-the-line. This means that cloud services and cloud service providers are often extremely focused on security. At the same time, there is no action without a cause. The reason why they are so security minded, is because they are aware that, in addition to the usual risks an in-house system may encounter, the new features which the cloud is built upon (such as multi-tenancy, shared resources, and availability) open up new vectors for attack which previously could only be theorized. This means that, while the security in the cloud is often quite strong, there are also new weaknesses which can or may circumvent those defenses.

Costs: You Get What You Pay For

In many instances, cloud service providers offer pay-for-usage models of pricing. This means that you pay based on the resources you are using, and the duration of the time they’re in use. In many cases, this is more cost effective than having the same systems in-house. This adaptability and scalability can be great for any business. On the flip-side, consider cloud based infrastructure the same way you would consider leasing a property. It can be more affordable and ideal to lease an office; however, in some cases it’s more cost effective and practical to buy the property. Whether or not you get a good cost-effective deal for your cloud-based infrastructure comes down to planning for your needs.

Whether you’re planning on migrating to the cloud, are remaining in-house, or are deciding on which you would prefer, the first step to building a strong IT infrastructure is finding the right platform to build upon. Kaseya was designed and built with security as the fundamental building block to its core architecture. To learn more: Click Here.

If you’re interested in some ways to protect your cloud-based IT infrastructure: Click Here.

Author Harrison Depner

IT Security Compliance Requirements and State Laws

State laws have always been a tricky subject when the internet gets involved. Unless your business is large enough to hire a squadron of legal representatives, you just have to accommodate for them. In this article, I’m going to outline three of these state laws which may apply to your business. Fair warning: This article should in no way be construed as legal advice. I’m not a lawyer and I don’t even play one on TV.

California Compliance Law

State: California

Law: CalOPPA (California Online Privacy Protection Act)

Who it applies to: Any commercial website or online service that collects personal information about “individual consumers residing in California who use or visit its commercial Web site or online service.”

What the law requires: CalOPPA can seem to be a fairly complicated law, so let’s break it down into a simpler form. This law focuses on how you handle personal information, and more specifically how your website or service responds to “Do Not Track” messages. This sounds like it could become difficult, but fortunately the law doesn’t require you to respond to “Do Not Track” messages. Instead it only requires that you disclose whether you do or don’t respond to those messages. In other words, you can ignore “Do Not Track” messages and collect personal information despite them; however, if you do that you will need to say so in your privacy policy.

If you decide instead to respond to “Do Not Track” messages, you will need to disclose how you respond, and while CalOPPA doesn’t specifically define how detailed your disclosure must be, it’s safe to assume that such disclosure should be accurate.

Fortunately most websites already have privacy policies, and adding a few lines that state you don’t respond to those messages, or alternately do and your practices around that, isn’t too difficult a task.

Nevada Compliance Law

State: Nevada

Law: NRS 603A (Security of Personal information)

Who it applies to: This law applies to “any governmental agency, institution of higher education, corporation, financial institution or retail operator or any other type of business entity or association that, for any purpose, whether by automated collection or otherwise, handles, collects, disseminates or otherwise deals with nonpublic personal information” of Nevada residents.

What the law requires: This security law sets forth a number of legal obligations for those to whom the law applies. In a nutshell, these obligations include:

  • Protocols surrounding the destruction of records containing personal information. (603A.200)
  • The maintenance of “reasonable security measures to protect” those records. (603A.210)
  • The disclosure of breaches which affected the stored personal information of NV residents. (603A.220)
  • Mandatory PCI Compliance for organizations that accept payment cards. (603A.227)
  • The encryption of Nevada residents PI in transmission, and during the movement of storage devices. (603A.227)

What does this mean in a general sense? Well, if this law applies to you or your clients’ businesses, then you have a lot of work to do. Fortunately, these compliance requirements are fairly typical and you may not have to make any changes at all if you’re already PCI compliant. If you do business with residents of Nevada and you’re not following these practices… well, I highly recommend you start working to follow these practices immediately. Some sources point out that this law technically has a national and international reach for any group handling the personal information of Nevada residents.

Massachusetts Compliance Law

State: Massachusetts

Law: 201 CMR 17.00

Who it applies to: Every person or organization that owns or licenses personal information about a resident of Massachusetts and electronically stores or transmits such information.

What the law requires: Fortunately this law is written in a fairly comprehensive way, so it is quite easy to explain. For those to whom this law applies, it is required that a comprehensive information security program exist, and that said program cover all computers and networks to the extent which is technically feasible. This security program, when feasible, is required to…

Have secure user authentication protocols which provide:

  • Control over user IDs and other identifiers.
  • Reasonably secure assignment and selection of passwords, or use of unique identifier technologies, such as multi-factor authentication.
  • Control of passwords to ensure they are kept in a location and/or format that does not compromise the security of the data they protect.
  • Restriction of access to active users and active user accounts only.
  • The ability to block access after multiple unsuccessful access attempts, or limitation placed for the particular system.

Secure access control measures that:

  • Restrict access to records and files containing personal information to those who need such information for their job.
  • Assign unique identifications and passwords, which are not the vendor supplied default to any person with access.

As well, the security program must include:

  • Encryption of all transmitted records and files containing PI which will travel across public networks or wirelessly.
  • Reasonable monitoring of systems for unauthorized use of or access to personal information.
  • Encryption of all personal information stored on laptops or other portable devices.
  • Require a reasonably up-to-date firewall protection and operating system security patches for systems containing personal information which are connected to the Internet.
  • Reasonably up-to-date versions of system security software which must include malware protection with reasonably up-to-date patches and virus definitions, or a version of such software that can still be supported with up-to-date patches and virus definitions, and is set to receive the most current security updates on a regular basis.
  • Education of employees on the proper use of the computer security system and personal information security.

As you can see, I saved the best for last. This law, just like the one from the state of Nevada, can have a national or international reach. Now I didn’t write all of this for you to panic about. I feel that these three laws serve as a good motivation for any business to improve their IT security and IT policies in general. Additionally, these three laws in combination provide a great framework that any business could build their IT security upon. Security is not the job of a single person, nor is it the job of a single business, instead it is a task for everyone.

The first step to building a good home is laying down a strong foundation. Similarly, the first step to building a strong and compliant IT infrastructure is finding the right platform to build upon. Kaseya was designed and built with security as the fundamental building block to its core architecture. To learn more: Click Here.

If you’re interested in learning more about PCI compliance: Click Here.

If you’re interested in another interesting compliance requirement for Law Enforcement: Click Here.

Author Harrison Depner

Building the World’s Fastest Remote Desktop Management – Part 4

Fastest Remote Control

Building the world’s fastest remote desktop management solution is a bit like building a high performance car. The first things to worry about are how fast does it go from zero to 60 and how well does it perform on the road. Once these are ensured, designers can then add the bells and whistles which make the high end experience complete.

In our first three installments in this series (Part 1, Part 2 and Part 3), we talked about the remote management technology being used to deliver speed and performance, and now we are ready to talk about remote management bells and whistles to deliver the high end experience IT administrators’ need. Kaseya Remote Control R8, which became available on September 30, adds 6 new enhancements to ensure greater security and compliance and help IT administrators resolve issues more quickly on both servers and workstations:

  1. Private Remote Control sessions:

    In many industries, such as healthcare, finance, retail, education, etc., security during a remote control session is crucial. Administrators cannot risk having the person next to the server or workstation view sensitive information on the remote screen. Kaseya Remote Control R8 allows IT administrators to establish private Remote Control sessions for Windows so that administrators can work on servers or workstations securely and discreetly.

  2. Track and report on Remote Control sessions:

    These same industries have strict compliance requirements. Remote Control R8 allows IT organizations to track and report on Remote Control sessions by admin, by machine, per month, week, day, etc., with a history of access to meet compliance requirements.

  3. Shadow end user terminal server sessions:

    Many users run terminal server sessions for which they may need assistance. Remote Control R8 lets IT administrators shadow end user terminal server sessions to more easily identify and resolve user issues.

  4. See session latency stats:

    Poor performance is often hard to diagnose. Remote Control R8 shows session latency stats during the remote control session so administrators are aware of the connection strength and can determine it’s relevance to an end user’s issues.

  5. Support for Windows Display Scaling:

    HiDPI displays are quickly becoming the norm for new devices. Remote Control R8 includes support for these display types (i.e. Retina) to allow IT administrators to remotely view the latest, high definition displays.

  6. Hardware acceleration:

    Remote management becomes much easier if one can clearly see the remote machine’s screen. Remote Control R8 enables hardware acceleration, leveraging the video card for image processing, for a sharper remote window picture while reducing the CPU overhead by 25%-50% depending on the admin’s computer hardware – “sharper” image screenshot.

Just like your favorite high-performance car, Kaseya Remote Control R8 is delivering the speed, performance and features IT administers need to obtain a high-end management experience.

Let Us Know What You Think

The new Desktop Remote Control became available with VSA R8 on September 30.

We’re looking forward to receiving feedback on the new capabilities. To learn more about Kaseya and our plans please take a look at our roadmap to see what we have in store for future releases of our products.

Author: Tom Hayes

Page 1 of 512345»
-->