How to Boost MSP and MSSP Margins

Margins are usually pretty tight in the managed services space. Not grocery store-bad, but still pretty tight.

Michael Hanauer, Vice President of Managed XDR Sales & Marketing at Barracuda MSP, has heard that average margins hover around 8%. Clearly, that leaves plenty of room for improvement. Anything that can boost margins without requiring heavy investment has great potential value for both managed service providers (MSPs) and managed security service providers (MSSPs).

We asked channel experts for tips on how to increase margins and profitability. Here are their answers.

See our picks for the The Top 22 IT Channel Partners

Partnering Beats DIY

Do-It-Yourself (DIY) can sometimes work well for homeowners. They paint a room, fix a leaky toilet, or change the blinds. But for larger tasks such as roofing, rewiring or re-plumbing a house, many quickly get out of their depth or end up taking a long time to complete the job. Their initial enthusiasm subsides due to issues such as lack of proper tools, inexperience, architectural complexity, far too many mistakes, and escalating costs. Learning as you go is at best cumbersome.

It can be the same with managed services. Some MSPs and MSSPs find success in one niche and decide to invade another zone of service. Perhaps they built everything themselves years ago when they were starting up – bought the servers, wrote the code, and over several years built the service up to where it is today. But in the current world of IT services, competition is such that there may not be time to spend a year hiring new resources, procuring and assembling the many facets of the infrastructure, training staff, and launching the service.

Hanauer gives the example of trying to launch a security operations center (SOC). An SOC analyst salary might be around $100,000 or more a year.  To fuel 24/7 coverage, at least 6 employees would probably be required. That’s $600,000/year just for staffing – plus benefits. Adding the cost of ongoing training and the tools they need to run a SOC such as an enterprise-grade security information and event management (SIEM) system, agents to collect data, and other technology elements, and the annual cost to run an SOC may top $1 million per year.

“To improve margins, I’d recommend outsourcing such expensive elements to a trusted vendor partner that has achieved economy of scale across a broad client base with affordable pricing that would allow MSSPs to apply their desired margins on top of their price,” said Hanauer.

That approach has the added benefit of letting you scale services to meet demand without a big upfront cost – kinda like cloud computing.

Also read: Financial Services MSP Shows Importance of Partnerships

Lower Costs or Higher Prices?

Speaking simplistically, there are two primary routes to higher MSP margins – increase prices or reduce costs. Increasing the price of a service is not always easy. It requires what economists might call “pricing power” – customers who fully understand the value of these services and might grudgingly pay more as your costs rise.

In security, for example, customers that aren’t seeing attacks and where everything is running smoothly often feel that they are paying for a non-required service. This leaves them asking the question as to why they are subscribing to the service, let alone the increase in pricing. In that case, a way to demonstrate value is through detailed reports that include staffing and resource costs saved and  threats encountered, prevented, and remediated – and, if possible, what the attack would have cost a customer so you can demonstrate return on investment (ROI). MSPs and MSSPs must step up and show their customers that their service is preventing threats, reducing downtime and saving on costs.

Reducing cost may be an easier route to increasing margins, particularly if the result is an increase in sales. That typically takes outsourcing or automation.

“MSPs can reduce costs either by introducing automation across their service delivery where applicable or outsourcing some aspects of their services without cutting corners,” said Hanauer.

Also read: Top 15 Managed Security Service Providers (MSSPs)

Calculate Staffing Carefully

Sophos launched its own managed services business two and a half years ago. Yiannis Vassiliades, the company’s Senior Director of MDR Products, said he learned to account for enough people (analysts, leads, customer success managers) to have enough coverage while accounting for vacations, illness, turnover, and 24/7 service. To compete effectively, there is no getting around having the minimum personnel complement in place (or paying another provider that possesses such riches).

“This core team will have a capacity to cover up to x-number of customers,” he said. “This team represents a ‘fixed cost’ but it is necessary to launch a service.”

Be Realistic and Plan Well

In addition to staffing, there are many other areas that require realistic and accurate planning. Promises of high margins should be avoided. Those from the software side of the business might set expectations based on their experience in selling applications. Managed services are a different beast entirely.

“Services margins are always going to be lower than software product margins due to the ongoing human-cost element that does not exist with product after it is delivered,” said Vassiliades.

Additionally, to maximize margins, he recommends that a credible customer growth forecast is generated. This enables the organization to determine hiring requirements that should be raised in direct proportion to customer acquisition targets. An SOC that can cope with 20 customers can’t be expected to suddenly deal with 30 more without many additional resources.

“A common mistake is to slow-roll hiring,” said Vassiliades. “This leads to people burnout and high turnover.”

MSP and MSSP Business Models and Tools

Further reading on the managed services business and tools:

Drew Robb
Drew Robb
Drew Robb has been a full-time professional writer and editor for more than twenty years. He currently works freelance for a number of IT publications, including eSecurity Planet, ServerWatch and CIO Insight. He is also the editor-in-chief of an international engineering magazine.

RELATED ARTICLES

Must Read