Archives For Managed Services

I’ve spent a few hours reviewing the Cisco Annual Security Report for 2014 and some of the data contained in it just isn’t interesting, but extraordinary. I’ve excerpted parts of it here with comments (my comments are in italics):

  • Java comprises 91 percent of web exploits; 76 percent of companies using Cisco Web Security services are running Java 6, an end-of-life, unsupported version – This is a huge problem for organisations, particularly given that many of the Java exploits are due to older versions and updating Java across a computer fleet is difficult and fraught with challenges.

  • Ninety-nine percent of all mobile malware in 2013 targeted Android devices. Android users also have the highest encounter rate (71 percent) with all forms of web-delivered malware – Android devices are becoming more ‘trusted’ in organisations rather than the ‘walled garden’ iOS environment. With the enclosed ecosystem at Apple comes security so I’m not sure why corporations who are security conscious would be considering Android? It’s potentially a cost issue as iOS devices are generally much more expensive, but it’s easy to see this is false economy due to the security risks.

  • There should be an assumption by all users, perhaps, that nothing in the cyber world can or should be trusted – I’m intrigued what we can do in the industry around getting this point across to users, it’s still apparent to me that people who wouldn’t dream of letting someone in their front door without checking all information about them freely invites them into their computer world where there is arguably more information available about a person (banking, tax etc).

  • Cisco defines the primary security concerns for 2014 as:
  1. Greater Attack Surface – Data is the prize that most attackers are after, either personal data or information about the environment for further attacks, a staggering statistic – 100 percent of business networks analyzed by Cisco have traffic going to websites that host malware – do you know what’s going on in your network? If the companies analysed skew towards Fortune 500 as most Cisco clients, what chance do SMEs have at securing their networks? The two questions Cisco suggest asking are:

– Where is our critical data?

– How do we create a secure environment to protect that data, particularly when Cloud and Mobility leaves us with little control over it?

2. Proliferation and Sophistication of the attack model – The vectors for attack are numerous and the surface area is huge, the weakest part of your network is where attackers are focusing (usually endpoints) but always with the goal of accessing data residing in datacentres or computing centres. Segration of networks will become key to securing data in the future.

3, Complexity of threats and solutions – Gone are the days when spam blockers and antivirus software could help guard an easily defined network perimeter from most threats. Today’s networks go beyond traditional boundaries, and constantly evolve and spawn new attack vectors: mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers, home computers, and even vehicles. Point-in-time solutions can’t respond to the myriad technologies and strategies in use by malicious actors – Agree with this point wholeheartedly, in the past all we really needed to worry about was securing our networks from outside at the perimeter level and securing endpoints. The endpoint types have now become myriad and securing them is often impossible, it’s apparent that the majority of security now needs to occur at the network level in order to be effective.


  • Spam volume is down however malicious spam doesn’t appear to be decreasing – Spammers are increasingly using public interest stories (such as the Boston bombing) to drive traffic to malicious websites. Again, how do we stop users from accessing this data given the speed at which spammers can register domains, create fake websites and spam out?


  • Java provides an attack vector too large to ignore, 97 percent of enterprise desktops run Java, as do 89 percent of desktop computers overall in the United States – When will Adobe address the inherent risks of Java? Or when will sysadmins demand that Java just isn’t installed on corporate desktops? We surely mustn’t be far away from this time given the risk and depth of the issue?


  • Today’s security teams are grappling with the “any-to-any problem”: how to secure any user, on any device, located anywhere, accessing any application or resource – MDM is just one part of this problem (although a growing one), how do we secure BYOD at the network level and more importantly accessing corporate applications that are required for people to be productive in their employment? Loss and targeted theft of devices also causes challenges for businesses, particularly ones that haven’t encrypted information on their mobile devices or don’t enforce security on the mobile devices. Given the privacy act amendments I’d suggest that mobile devices will be one of the first ports of call for attackers seeking to compromise corporate networks.


  • Attackers are targeting specific, high value industries via a number of ways to potentially infect – these industries are electronic manufacturing, pharmaceutical and chemical industries. However it’s important to note that other previously low risk industries (such as mining and agriculture) are also rising as those industries value increases – I’ve actually heard from customers that no-one would want to see the data they keep so why should they be concerned about securing it (in a more than cursory fashion) – anywhere there is money, attackers are interested, so if your business is making money, I’d be worried about security.


  • Hosting partners, DNS Namespace providers and Infrastructure as a Service providers are increasingly becoming the focus of attacks due to the fact that once they are compromised, compromising other customers of this provider or using their services to deliver more malware is simple. One compromised server in a large hosting provider could essentially compromise hundreds or thousands of websites. – How secure is your hosting provider? What tools and protection do they have in place at even the hypervisor level to ensure they won’t be compromised?


  • All organizations should assume they’ve been hacked, or at least agree that it’s not a question of if they will be targeted for an attack, but when … and for how long. – This is demonstrated by the fact that 100% of business networks monitored by Cisco have traffic going to malicious websites, it would be naïve to assume that most businesses have not been compromised. Organisations should review what data is going across and out of their networks in order to understand potential compromises.


  • Brute force logins are the number one way websites are compromised – Security logging /alerting, lockout policies and complex password enforcement on any public facing platforms is essential to ensure that brute force attacks are difficult to succeed.


  • DDOS Attacks are increasing in volume and severity – Most businesses that are usually subject to these sort of attacks have already invested in infrastructure to mitigate these attacks, however with the growth of the Internet of Everything and ever increasing bandwidth available organisations should prepare for longer and stronger attacks which may bring previously adequate protection to it’s knees. We’ve also seen that industries that traditionally wouldn’t be targets are becoming targets for a variety of reasons, particularly sites that allow users to comment or ‘flame’ each other which may invite ‘payback’ from people with the means to do so.


  • Ransomware is still a concern and still a major source of revenue for cybercriminals – We’ve actually seen a lot of Ransomware attempts on our customers, which we’ve mitigated through client and server side AV which allows us to ‘undo’ the changes made by these encrypted type Ransomware software (e.g Cryptolocker), however this isn’t going away as a challenge to organisations.


  • Security talent gap – Most organisations don’t have the skills and experience to protect themselves from sophisticated cyber-criminals. There appears to be a shortfall of security professionals, particularly those with ‘white-hat’ type skills. Organisations that can’t source appropriate talent, or aren’t big enough to, should partner with organisations who have strong security focus to round out that skill shortage.


  • Cloud is the new perimeter – With the moving of the ‘edge’ to the cloud, organisations are often at the mercy of their cloud providers security model which may not be in-step with the internal expectation of security process. What questions are you asking your cloud provider on their security process, disclosure policy and patching policy? Is it backended with the business expectation of security?

The Cisco Annual Security Report is available at: and I heartily recommend downloading it and reviewing it for your own purposes, it’s a bit wordy but certainly valuable to all organisations.


My thoughts on the customer experience are very straightforward.

If you aren’t offering something that someone else isn’t offering (ie you have a monopoly) the only way you can differentiate or compete is by making it easy for customers to do business with you in a repeatable and consistent fashion.

This is exactly where retail have it all wrong and are suffering at the hands of the e-Commerce industry.

I could go into a large department store, fight traffic, get parking, walk through hundreds of people to buy my stuff, then wait for a person who knows nothing about the product to help me, then check out and get home OR I could go online, read other customers reviews and one click order from the comfort of my lounge room in my underpants without any of the above. The only issue is that of delay of fulfilment, but most customers don’t need a new pair of shoes, or a DVD player TODAY, so it’s not really an issue in retail.

One is easy, the other is hard and the way this applies to the IT industry is that we all too often make it too difficult for customers to do business with us both initially and in a repeat fashion.

There are a number of ways we can improve the customer service experience, but I’m going to focus on the issues and on two products which are awesome and I really enjoy working with that improve that customer service experience.

The first issue for mine is non-integrated service portals – I hate these with a passion; a separately maintained username and password onto a portal which is usually not well designed and doesn’t allow customers to do key tasks. I’m looking at you here Connectwise, you know what I’m talking about! But luckily, the solution is already here and it’s called DeskDirector ( – I’ve been doing some testing with this product and it, in one word, is awesome.

It’s basically a replacement for the Connectwise service portal (which you probably already give access to your customers to) that does a number of great things to improve that user experience for customers and make it easier for them to do business with you.

First, it’s AD integrated to the CLIENTS Active Directory, you just put their domain SID into a portal and then the users automatically authenticate with their own Active Directory username and password and even better, if the client doesn’t exist as a contact in Connectwise and they try and use the portal, this will actually CREATE them as a contact in Connectwise! That’s actually a really simple thing, but it’s really great because often you won’t have clients details for a call back or something like that, plus you can track who logs tickets and for what.

Second, it’s a client side application installed with a easy installation on clients PCs, particularly easy if you use something like Labtech to roll it out but the reason that clients want to use it is because it includes a raft of user training built into the product and the ability for you to provide training to customers is what will drive the client side adoption of the product without having the “oh no, not another thing for me to use to interact with my service provider!” discussion. The training is customisable and you can provide your own training material on a global or specific per company basis – the other advantage of this is that if a client can find the answer to the problem before contacting you, then you’ll save costs on servicing that customer. But mostly, the client is happier because they can pull training and information they need whenever they want it to help themselves.

Third, there’s a raft of features I love which enable the customer to interact in a simple and consistent fashion. These are:

1. A very user friendly wizard driven way of logging a ticket (including adding screenshots etc very easily) which can automatically assign service types into Connectwise or put the ticket onto different Connectwise boards. Also the ability to see all active tickets for a company including timeline and interactions with your organisation
2. The ability for a specific user at a client site, if they are added to a particular group (that you manage in Connectwise) to be able to either have all of their tickets logged as a priority 1 or 2 OR have the ability to ‘fast-track’ particular tickets that might not look important at first glance but actually are (ie a single PC not working might not be important, unless that person is the payroll person and today is pay day!)
3. The ability for clients to see all invoices issued to them from Connectwise (if given the permission) so they can self service their own invoices taking the pressure off your account management/finance team if a client wants to see an old invoice.
4. The ability for clients to see “Recommendations” which are basically Opportunities in Connectwise and flag them for review (or really just say they want to buy them!) along with being able to see the quote if you have Quosal and are using Order Porter.
5. The ability for clients (if they have the permission) to see tickets in the “On Hold – Awaiting Client Approval” status and approve the ticket – no more billing or security problems when a client says they didn’t approve for work to be done
6. If you want to provide the feature of ‘chat’ with your engineers, there is also the ability for clients to chat with engineers and your engineers to see the ticket they’re chatting about and enter the notes from the chat directly into Connectwise from the chat application installed on your engineers PC. In my mind, this would replace the chat agent that Connectwise are selling which is kind of expensive anyway.

Anyway, that’s enough about Desk Director, but take my word for it, it is truly awesome and I can’t wait to get this rolled out to our customers so they can experience the power. It’s not that expensive and well worth a look, the guys will set it up for you and you can test drive the power of it.

The second issue I have ugly reports. That’s a pretty blunt term, but clients want to know what’s going on with their network and with their service tickets and they want to do that in an easily understood fashion that can be given to a non technical executive and they can at a glance see what’s occuring. I spoke a little in my last blog post about experience scores which I think is where the industry needs to move to but while that’s being built out you have to provide some sort of Managed Services Report to clients who you’re working with.

Generally the reports coming out of RMM and PSA tools are disparate, and, well, ugly. I’ve seen a lot of them, used a lot of them, and even as a technical person sometimes the content is not easily understood even if you know what you’re looking at.

The guys at BrightGauge (( have a excellent piece of software that pulls information out of Connectwise, Labtech, Kaseya, Autotask and GFI Max and consolidates that into a online, fully customisable, drill down, gauge driven report that both looks awesome and demonstrates value to your clients for the services you’re delivering. It’s a major differentiator if your competitors are still issuing the tired old reports that have a lot of words, but don’t really say anything. It’s also dirt cheap for what it does, if you don’t already have it, seriously – go and sign up now, they have no contracts and when we’ve needed their support they’ve been very forthcoming with it.

For mine, the next iteration should be that the guys from BrightGauge talk to the guys at Desk Director and have Desk Director be able to deliver the reports directly down to the client desktop without requiring another portal. It would be especially cool if a client could run their own reports, on their own timelines directly from Desk Director. More than one portal.. is too many portals – but if you’re reducing 3 portals to 2, then you’re at least going in the right direction!

Both of these products solve a number of difficult problems with giving clients granular, understandable access to the value you deliver for your Managed Services clients and I can highly recommend both of them for streamlining and improving the customer experience.

My major point for this post is that clients are expecting to be able to pull information on their timeline without necessarily needing to interact with you and your staff or wait for a reporting period to come around so they can see what’s going on with their networks. Anything you can to do give that information in a consistent and concise fashion will add value to the customer experience and make it easier for them to do business with you which will drive improvements in profitability, customer retention and customer satisfaction for you.

Webroot SecureAnywhere Performance Report


February 28, 2013 — Leave a comment

The most important aspect in any MSPs business is establishing partnerships – there’s absolutely nothing more important if you wish to be successful than understanding the reasons why you should partner and then deciding who you’ll partner with.

There’s a number of people MSPs should look to partner with and I’d like to make a suggestion on who they might be and why:

  • Customers: This is obviously a no brainer, but a lot of people overlook this and simply become service providers to their customer base. That isn’t enough if you want a mutually fulfilling relationship – you need to be partners in every sense. Your success should be tied to the success of the customers business; if you can provide them with the technology underpinnings to outperform their competitors, price becomes irrelevant and you start to deliver true value to customers. In saying that, customers need to WANT to partner, some are more than content with a service provider relationship and never want you to do anything else than deliver a good service – there’s nothing wrong with this, but demonstrating value to customers in this scenario is very difficult and you could quite easily be replaced by someone else who is doing it cheaper, or promising better service (whether or not that is true, is another story).
  • Industry Groups: There’s a number of industry groups for MSPs which are great environments for networking and for improving every aspect of your business – some examples would be HTG, Service Leadership, local business chambers etc. There’s a difference though between ‘attending’ these groups and ‘partnering’ with these groups and I’d suggest the difference is intent – if you’re going there with the intent to share, participate, learn, give back and grow together then you’re partnering with them – if you’re there to just improve yourself and be passive, I’d suggest that you’re not partnering – both are valid approaches and there’s no judgement here but I truly believe that one has tremendous payback associated to it
  • Vendors: This is a tricky one and can be fraught with difficulties – some vendors understand partnership and want not just for you to sell their products, but to do better business and offer you the support and guidance to do so but in return they may expect more from you than a traditional vendor – a greater share of your business, a case study, assistance on steering committees or advisory boards etc – but if you’re not prepared to give, how can you expect a vendor to do so?. Other vendors just don’t get (or value) partnership and want nothing other than for you to buy/sell more of their stuff – again, both valid and common approaches but their value differs greatly. At Anittel we try to not go as wide but go much deeper with the vendors that we work with and try greatly to partner with each organisation that wants to partner with us and can see the value in doing so – we’re very fortunate to have great partners in industry as a result of this open approach and look forward to those relationships being long lasting and mutually beneficial
  • Your staff: another one that sounds pretty self explanatory but is overlooked regularly. Your employees are the front line of your business, they’re who your customers see every day and who they form relationships with. Partnering with your employees is not as simple as offering them a job and some occasional training or a perk here and there – it’s about understanding what they want out of their career and supporting and developing them to get there, whether that’s inside of your business or elsewhere. I’ve been very fortunate to have some great people supporting my career inside of Anittel and they’ve chosen to partner with me to increase my skills and leadership ability not just by offering courses, or career opportunities, but by sharing their wisdom and being patient with me lack of wisdom. Should I ever choose to leave Anittel I believe that it will be with the full support of those people who have nurtured me – my friend Tim Brewer says it as “It’s not being cast off, it’s being launched out and having those people tell everyone how great you are” or something like that, I may be paraphrasing and he probably used more words!

I hope you can see the value in partnership and choose to pursue that with all around you, the personal and professional value is inestimable – I also hope that when you come across vendors or people that don’t value partnership that you choose to attempt to persuade them and if not, find an alternative because you are forgoing a lot of value and rewarding poor behaviour by working with people or organisations that don’t understand partnership.

OK – Back to talking about technology things! 🙂

I feel like again I should state this – I’m not a shill for any product, If I’m talking about it, it’s because I use it (or my customers do) and love it or I hate it.

With this particular product line, I can also say that I’ve sat on the Quosal advisory board for a meeting so have a little more view point to the future of the product than some other people. But I have no financial interest in any of the customers, nor do I get paid from any of them!

Now, that’s out of the way, I want to spend some time talking about what I consider to be the Dream Team of the MSP world.

Anittel utilise what Connectwise calls “The IT Office bundle” of Connectwise, Quosal and Labtech. We have used Connectwise for all 3 years of Anittel, Quosal for probably 2 and Labtech for only 4 months or so.

Firstly, Connectwise is the secret sauce, this is our ‘source of truth’ and where all of our data resides in one format or another – configurations from Labtech, Quotes as Opportunities from Quosal etc – everything goes into this system and it’s where we pull and push data to and from, for instance to our reporting tool for MIT customers (shoutout to Brightgauge!) and to our accounting package. It’s utilitarian and built as a robust PSA for MSPs – you’re limited by your imagination only with what you want to do with and all of our 210 staff use this on a daily basis for everything from documentation to time sheeting and invoices. This isn’t a basic service desk bolted onto a RMM tool – this is a ITIL based full featured PSA tool.

Quosal, well, what can you say about Quosal. We purchased it basically to get uniformity to our sales proposals – but it’s so much more than that today. Kent, Steven and Sam are pretty much geniuses and this is actually my favourite product of the three. Quosal will do opportunity management for you (in conjunction with Connectwise), has a fully featured web and mobile client, picture based quoting (ask them for a demo of this) and enables you to protect sales margin in a way unseen in any competing products. We have seen a significant improvement in hardware and software gross margin from the implementation of this product and it has more than paid for itself many times over.

I’ve also been fortunate to see the ‘next’ version of Quosal and you’ll just have to take my word for it, it’s awesome.

What I like a lot about Quosal is that it’s designed for sales people, it’s not designed for highly technical people, so it’s very simple to use and will save sales people time which means adoption is a breeze.

Finally, Labtech – we recently transitioned from Kaseya to Labtech and it’s probably the best decision I’ve made over the last 3 years. We were using Kaseya as a simple remote control tool and not really unlocking the true value of the product, one could debate whether it was the Kaseya product, or our adoption of the Kaseya platform – but the Labtech product itself more than stands on it’s own two feet as a stand alone RMM tool whereas Kaseya was a RMM and PSA tool built into one (with more development work being done on the PSA than the RMM), it’s value therefore was limited as we already had a investment in Connectwise. Our staff are loving Labtech thus far and the work that it’s done on minimising our alerts, maintaining our clients PCs and Servers without as much intervention has done wonders for the improvement of our productivity.

But the main reason we transitioned to Labtech because we saw a lot of value in the integration piece between Connectwise, Quosal and Labtech which holds a lot of promise to us due to our size and the synergies we can obtain by having tight integration between the three products.

I know Arnie at IT Nation 2012 demonstrated a similar scenario I’m paraphrasing here, which if you saw should have made you run out and buy all three products but if you didn’t I’m about to blow your mind with awesomeness

Arnie demonstrated a PC installed with Labtech, a Quosal client and a Connectwise Client – the PC was underspecified with resources and required additional RAM. Here’s the information flow which mostly occurs AUTOMATICALLY!

  • The Labtech agent showed too little RAM for the users performance requirements
  • This pushed a configuration into Connectwise
  • A quote was then raised for RAM options automatically in Quosal and emailed to the Account Manager for their review (maybe 1 x 8Gb or 2 x 4gb with options for both)
  • An opportunity was created in Connectwise for this opportunity
  • The customer receives an email quote via OrderPorter and gives their approval electronically
  • This approval closes the opportunity in Connectwise and posts an order to your accounting package (if setup)
  • A ticket is created automatically for the install of the RAM into Connectwise
  • Once the ticket is completed and closed, the configuration is updated in Connectwise and a ‘before and after’ configuration email is automatically sent to the customer showing the amount of RAM they had before and what they have now

How awesome is that?!?!?! Did your head just explode?!

This is true demand generation from your RMM tool out to your quoting tool and delivers value through your tools to your customers that you couldn’t have with really any other tools in this same format.

All of this stuff isn’t future technology or pipe dream stuff, it’s here and now. If you want to talk about how we leverage these tools, please feel free to call, email or message me below!


Before I start on a review of this product, I just want to make something clear – I’m not a shill for any product – if I’m writing about it, it’s because we use it and either my customers or I like it (or loathe it).

So, in the interests of full disclosure, Anittel recently purchased 10000 agents of Webroot SecureAnywhere for our clients and internal use. This was after an exhaustive review process and many, many vendors input and sales pitches.

To preface why this was an important decision and one in which a lot of diligence was undertaken is because the two things that cause the most problems for any MSP is Malware and Backup issues. The amount of time burnt on these two issues the world over must be enormous because just internally here at Anittel I have worked out that we spent between 400 and 500 hours in any given month on these two issues, that’s a lost revenue opportunity of $50-60k which is straight off the bottom line.

Traditional issues are malware infections including ones created through zero-day exploits, clients not updating through traditional signature based updates, issues caused by AV installations (particularly ones that include a firewall) and other simple and niggling issues. It’s a running joke that the second something goes wrong with a PC or server, after you’ve rebooted it just uninstall the AV package and it’ll probably fix it.

So, to say it’s a pain is an understatement – when we were looking for something to replace our existing AVG/Kaspersky implementation through Kaseya we wanted to address these issues, not lock ourselves into another nightmare scenario.

I was fortunate enough to come across Webroot as part of our reviews and I was very impressed with a few things in theory with their product, namely:

  • It isn’t signature based, no need to ensure machines get signature updates every day
  • It has a very small install footprint
  • It has a very small scanning footprint
  • It retains a cloud based library of processes/applications that are allowed and not and if it doesn’t fall into one of these two categories it journals the changes made by that process/application and allows you to roll back if it becomes a known bad process/application.
  • It can be installed alongside other AV implementations without conflict (which was key, given we were going to be migrating from an existing AV installation for clients and wanted no lapse in protection)

I got talking to some guys there about the fact that I liked the product, but didn’t like the fact it was yet ANOTHER portal, something I talk about in an earlier blog. They were keen to work with us and Labtech to integrate it into our RMM tool which was a great outcome for all.

Anyway, we’ve been running it in beta internally and with some selected customers now for about 3 months and it’s been a stellar success, I’ve been very happy with the rollout and we’re now planning a schedule to cut all customers over to this platform in the immediate future.

There’s a few bad things, so on balance, I’m going to share them as well

  • It’s not great on a machine that’s already infected, it doesn’t have a clean up tool like McAfee Stinger that is good on pre-infected machines, you really want this out there before a breakout (obviously) then it’s very effective
  • The web portal, if you have to use it, is annoying – I don’t like it’s authentication mediums (although I understand why) and I think it’s clunky and not easy to understand. We’ve limited access internally to a few super users of the platform and setup standard packages for customers, this has worked well, I’d caution against rolling this portal out for 30 engineers – you’ll spend more time resetting passwords than having them working.
  • The integration to Labtech is in it’s infancy, it’s basically deploy/remove from Labtech using scripts, I’m working with Webroot on further integration such as logging tickets when a virus is found and remediating them/closing the ticket but that’s a while away

Otherwise, I can highly recommend Webroot to MSPs and in fact to corporates as well who are looking for a excellent anti-malware solution.

I’m getting a demo of their web security product as well this week, which looks to be interesting too and based on the same model (lightweight client and cloud based ‘definitions’) – I’ll let you know how it looks next week


Understanding the total value of your clients to your business is an important process to undertake. It’s essentially to know who is “keeping the lights on” so to speak so that you can give them the love and attention that they deserve. Not all clients are created equal and they don’t expect to and shouldn’t be treated the same – know where your bread is buttered and ensure that it’s continuing to be buttered!

But in saying that, total value from a net $ perspective can be misleading and some simple calculations can show why. If you have an unprofitable Managed Services agreement it can undo all of the margin you’ve built in other parts of the business.  

It’s been said to me with relation to Managed IT agreements “Why don’t you consider the ad-hoc work they do or the server refresh we’re going to do in 6 months when you calculate their ‘value’ as a customer” and whether we’d be better off keeping them on the books or politely suggesting they may be better served elsewhere. There are a few problems with this logic delivered quite elegantly on a sum basis – these sums are based on a fully loaded labour cost of $75 per hour per engineer which I think is reasonably accurate.


1.            Ad-hoc work is not guaranteed and fluctuates month to month; infrastructure upgrades by the same token are not guaranteed and you could look after a customer for 12 months on agreements that are costing you money only for them to leave you before they undertake the server upgrade component because they are unhappy with your service due to you spending hours on their network and never fixing the core issues

2.            Notwithstanding this, assuming they stay with you and do an infrastructure upgrade in year 1 – let’s do some quick calculations:

If a customer has an MIT agreement on which the monthly fee is $2000 and the effective hourly rate is $50ph (40 hours worked) at a fully loaded labour rate of $75ph you’d actually lose EVERY month on this customer $25ph or $1000pm – assuming this a business would waste $12000 per annum on that particular customer

If that customer chooses to do a infrastructure refresh for $30000 ($20000 hardware and $10000 labour) of which gross margin is 15% on hardware and all project labour is billed at $120ph the sums look like this:

(-$10000 + ((15% of $20000=$3000) + (83 hours of labour *$45=$3735)) = -$3265                                 

$45 = difference between labour cost of $75 and billing rate of $120

For the whole year that customer is STILL MINUS $3265 for you to look after them and they don’t do infrastructure upgrades every year!

If you were to improve the MIT rate to $75ph  the customer turn-around is $10000 (from a negative of $3265 to a profit of $6735)


This is just working with some round figures for ease of calculation, however it’s pretty easy to demonstrate how tolerating a low average hourly rate does not lead to pay-offs in the longer term.


3.            The other discussion point  that can be predicated is “This customer does another 20 hours of additional ad-hoc work per month, so they HAVE to be profitable”.


Taking the same customer from above with a MIT effective hourly rate of $50ph on a $2000 agreement and assuming they do another 20 hours of Professional Services work per month at this rate of $120)

(-$1000 + (20 hours x $45)) =$0  – again bearing in mind the $45 figure is the difference between the cost and revenue of the additional professional services work)


At BEST a business would break even (on a 0% Gross Margin) with this customer assuming this work occurs every month, but you would be doing 60 hours of work for $0 profit and it’s very easy to see how this could go sideways quickly and become a massive loss.

So, what’s the most important metric in your Managed Services business? The one I keep an eye on the most – Average Effective Hourly Rate by location on a rolling 3 basis.