Technology Reseller v94

12 01732 759725 ‘We’ve got a proposal from someone else and it’s half the price’ and having to explain that the two proposals aren’t the same, which they rarely understand. In September, Mit told me about Assurix. I mulled it over and thought that could be good for us because with an external benchmark we can at least say ‘we are at this level, are they?’.” Investment in externally verified proof that one’s controls are working is a very different approach to competitive pressures to that taken by many MSPs, which is to keep lowering prices. As Patel points out, this can only be done by cutting corners with potentially disastrous consequences for the MSP and its clients. “I was on a podcast just before this call with someone who had lost a deal because another MSP was charging £15 pounds per user per month. How in the world can a client trust an MSP charging £15 per user per month? Assume you’re a 10-user company and you’re getting charged £150 a month. How many hours can that IT company spend on your business and break even? Three hours. And how many hours can they spend to make the average margin in the industry? One and a half hours. You can’t manage the IT for a company of 10 people in one and a half hours a month; it’s just not possible.” Not for everyone There will always be businesses that choose to buy on price, regardless of the risks, but the overall push is clearly towards more regulation, more security, better governance and more accountability, so how many MSPs does Assurix expect to achieve its trustmark? “I don’t think the Assurix trustmark is for every MSP, and I don’t think every MSP is going to be able to get to the standard,” says Patel. “There’s talk of there being 13,000 MSPs in the UK; I think a truer figure is 6,000 to 6,500 MSPs. Our aim is to get to about 1,500 MSPs in five years’ time, and I think that’s probably the right cap for the number of good MSPs out there,” says Patel. To date, the largest MSP recruited by Assurix has 150 employees, and MSP is doing everything it says it is doing (and everything it should be doing) to secure its clients. For MSPs, it provides a competitive differentiator and the discipline and motivation to achieve and maintain the highest standards. Early win The value of Assurix was brought home to Little Big Tech Founder and Managing Director Nick Haley even before the company’s verification process had been completed. “We were contacted by a company that had identified certain security issues and raised them with their incumbent MSP. It turned out these had been present for more than four months without being picked up by the MSP. We went to a meeting with them, told them how we operate, told them about the process we were going through to get the trustmark – it was just before we’d actually got it – and how we would be held to account to make sure we were doing exactly what we should be doing. It was one of the easiest ‘yeses’ I’ve had.” This ‘win’ highlights the appetite for a trustmark that gives clients confidence that an MSP is delivering what it promises, which is exactly what prompted Patel to launch Assurix in the first place. “The challenge in this industry is that service is very visible, so if you don’t pick up a phone call, don’t reply to a ticket or don’t set up someone’s machine when you’re meant to the customer is going to know about it. But security is invisible – a client won’t know whether their MSP is patching machines when they’re meant to or if the stuff that’s installed on their machines is working and keeping them secure. Assurix helps SMEs differentiate between MSPs that all sound the same and promise the same things.” For Haley, this was the initial attraction. “We’re a young company, with 10 staff, in our fifth year of trading. We typically target younger, ambitious companies that are on a growth trajectory and often haven’t used an MSP before. One of the things we kept running up against when proposing a comprehensive package of support and security was being told Little Big Tech, which provides managed IT and cybersecurity services to 60 clients with five to 150 users, has become the first MSP to be awarded an Assurix trustmark following independent verification of its security controls and service operations. Launched by MSP industry leader Mit Patel last October, Assurix provides externally verified proof that an MSP is meeting required standards across 64 controls covering security maturity and operational maturity, mapped to the NCSC Cyber Assessment Framework (CAF) version 4. Unlike point-in-time certifications like Cyber Essentials Plus or ISO 27001, Assurix continuously monitors controls, with live controls polled every six hours, and will suspend an MSP from the Assurix Trusted MSP register should its standards slip and not be rectified within 30 days. Another way in which Assurix differs from ISO accreditations is that ISO lets businesses tolerate a level of risk as long as it’s acknowledged and managed, whereas Assurix has prescriptive standards that must be met or exceeded. For SMEs, Assurix verification is independent, up-to-date proof that an London-based MSP is first to be independently verified under new trustmark designed to prove an MSP is both secure and operationally effective National trust MSPs Mit Patel

RkJQdWJsaXNoZXIy NDUxNDM=