Back to Blog

How to Confidently Bundle Office 365 Security for MSPs

The standard shipping container is the unsung hero of the modern world!  More on that later…

Why Bundle?

Bundling means combining several MSP service offerings into a “bundle” that you sell at a single, collective price.  It’s the opposite of delivering services and software licences in an ad-hoc manner. It is offering complementing packages and services which work together to meet a desired IT engagement level for clients. Offering, say 3, different bundle levels is a common approach to let the clients choose their appropriate engagement and investment into your services.  This is a rapidly growing trend with MSPs for small business, especially the ones with growth aspirations.  

The Usual Obvious Advantages

  • The bundle gives the client confidence that the chosen service level is standardised and fits their business broadly so that they can get back to their business.
  • The delivered whole is worth more than the sum of the parts. Clients understand complementing services work in the above way and thus adding elements into the bundle, some of which would not normally be sold initially, in a non-bundled scenario, is like front loading an upsell to the client. The client sees that upsell value immediately.
  • The pricing is easier to consume for clients. They can compare packages and have confidence in their choice. This increases stickiness.

The Not so Obvious Advantages

  1. The shipping container - Streamlining makes delivery consistent and achievable

    Streamlining and standardisation through complete or partial automation will make delivery achievable, consistent, and less expensive.  Just like the shipping container revolutionised international supply, allowing for streamlining, reduced inter-transport overhead switching, and reduced cost of freight. We all know that ad-hoc work is disruptive and overly time consuming. IT Admin and support personnel rolls become a constant chop and change between tasks and each task comes with a non-standardised overhead. Standardisation on the other hand creates smooth repetition in which tasks can be automated or semi-automated.  Whenever tasks cannot be automated, set playbooks and scripts can be quickly adopted and iteratively improved upon.  The scripts can be followed effectively by less skilled operators. Ad hoc overhead diminishes and the service level gains consistency.
  2. Full-Cycle, Proactive Engagement and Retention

    Higher engagement and retention is possible in a delivery that is streamlined and standardised. Not just because the engagement is efficient but more because a standardised service, unlike an ad-hoc service allows for the perfection and consistent delivery of the real value making activities which would otherwise be neglected. These value making activities are unfortunately what in the “heat of the moment” considered non-critical tasks, that would otherwise be omitted in an ad-hoc pressured schedule.

    Ad-hoc schedules move from fire to fire, focusing only on the indispensable part of service, the quick fixes and fire suppression. Fire suppression is not proactive, or future preventative. It does not implement standardised and consistent changes that will prevent future fires. It does not proactively check for standard failures and does not follow up with clients with reports and remedial future actions.

    These value making tasks are where the value creation happens. The proactive work improves the level service by dramatically strengthening a robust and consistently future proofed client IT posture. It is also in these tasks that clients are engaged, made felt secure, relationships are improved, confidence increases and ultimately the client retention skyrockets.

Full Lifecycle Office 365 MSP Security with Confidence

So now we can see the hidden values of standardising. This is especially true for Cloud MSP services such as Office 365. Office 365 is probably the most important single service to secure since it encompasses most of the client business. Standardising and maintaining security gap analysis, config roll out, monitoring, triage, remediation, and client touch will complete a full proactive and value making lifecycle.  

Standardise and Automate These Aspect

Automate Gap Analysis

Office 365 is notoriously unconfigured and difficult to do so given its size and complexity. Adopt a pre-selected set of security baselines that fit your client and that can be instantly scanned against any client to produce a gap analysis. Make the gap analysis reportable for added client touch. If automated, this process can be repeated at regular intervals with little effort.  

Automate Baseline Application

Using baselines in your gap analysis lets you easily view gaps and have the confidence to quickly remediate them given the same baseline is used also for remediation. Continuously monitor these baselines, with alerting, for easy posture maintenance.

Automate Event Monitoring

Deploy an easy to set up and configure monitoring solution. Something that plugs in quickly and does not need specialist attention. Ensure the alerts are feeding into your PSA of similar alerting tool. As a bonus if the monitoring can pick up past events you will get the bonus of handling clients who have already been breached.  

As a bonus if any baseline deviations (from above) can be fed into the same engine you are also saving time switching between tools.

Automate Triage

Not having excellent alerting with simple visibility, complex event translation, augmented IP and risk information will slow you down when it comes to triage.  Triage can require an expert eye at times so anything that can give confidence to less experienced service admins will help a lot

Automate Remediation

Remediation needs to be easy, confident and handle three scenarios:

1.       Remediation of baseline deviations and other risky gaps

2.       Remediation of breached accounts

3.       Alert dismissal and addition to the risk register

The first two are critical for a fluid and confident response. Automating the adding of items to the risk register is often overlooked even though in many cases it is exactly what happens when a client asks you to “just please leave it as they are too busy for the disruption”.  It is their choice.  The ability to add it quickly, record it, and report it, is critical to avoid future blame landing on the MSP.

Regularly Report for High Client Touch

Automated Report should include at best:

Make the client reporting a regular client touch opportunity.  If you have deployed the above then these checkpoints will be a great way of proving your robust approach, active and consistent response and ultimately your value an MSP.

Consideration - The competition and putting more in the base packages

Now Office 365 is ubiquitous at all levels, however its security delivery is not. Besides the fact that security as a second class citizen must change, you should consider your local competition with other MSPs in their bundles.  

Here is a suggested Bronze MSP bundle package that will compete well given the current threat climate

• Adware and virus protection/removal,

• Endpoint support and Patch management

• phone and remote support services

Office365 Continuous Security Posture Management

The bundle can be a double-edged sword since it standardises and hence makes comparable competing MSP offerings. Of course, there is no way back. Folks choosing a new MSP will compare. If it is possible to deliver some security standards, at low cost, and through automation, as part of your Office 365 security bundle then you will nail the competition comparatively

Shameless Plug – We do all This – Explicitly For MSPs

I believe strongly in what I have written above. I have spoken to hundreds of MSPs. I see the challenges and have created Octiga to address these directly for MSPs. Octiga provides client security ultimately however it is the MSP that benefits continuously through the automation of everything you see above.  We see the MSP as our clients and they trust we have their interests, and the interests of their clients at heart.

So if you think Octiga is a what you need to improve your business, get in touch with us or book a quick 15 min session!

More from the Blog

SharePoint Online Security Best Practice Guide for MSPs

Despite the tight security services provided by Microsoft, SMEs' Office 365 is breached intentionally by malicious actors or inadvertently by insiders. Follow these SharePoint Online Security Best Practices to protect your organisation & employees from common security mistakes in 2022.

Read Story

Why MSPs need to Reconsider SIEM for Office 365 Security

The advantages of SIEM make it a go-to tool for Office 365 security; however, the long list of implementation pitfalls can sometimes exceed its benefits. Here are some insights on why MSPs need to reconsider Office 365 SIEM and how they can turn them around.

Read Story

Secure and Manage Office 365 with PowerShell- The CIS Approach Part 2

Secure and manage Office 365 with PowerShell via the CIS approach. This part deals with addressing Office 365 security audit activities. Here are the basic PowerShell commands for scripting and remediating Office 365 audit log for admins, service providers, consultants and security admins.

Read Story

Never miss a minute.

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa.
We will never share your email address with third parties.