At your service (originally published in Issue 127 of CRN Magazine (Australia)
Managed services delivery, it seems, is coming of age. Deploying and administering specific IT functions has in recent years become a popular way for resellers of all stripes to make a buck.
Rolf Jester, a senior Gartner analyst specialising in services, says the managed services sector has become almost boring.
“[Managed services] is becoming more of a normal business, and normal businesses -- when things are ticking along, making money and delivering services that customers like -- are a bit ho-hum. And, in actual fact, that’s a good thing,” Jester says. “That’s good news.”
The Australian managed services sector has turned over about $4.5 billion in the past calendar year and that figure is expected to go on growing by 4 or 5 percent a year for the next five years or so, he suggests.
You would think that packaging and delivering managed services might be a game for industry giants, like big-bang outsourcing was once upon a time.
However, Jester says the field is much wider. Actually, many smaller companies have wriggled into the niches between small and mid-size and large company needs to provide every kind of IT and related services.
“It’s a well-established business in that sense. The good news is there’s growth and it is bigger than the gross domestic product [GDP] rate, which is positive,” he says.
Slowly yet surely, managed services is becoming a bigger part of the whole economy and of all IT deals. Customers are learning it is not necessary to have IT functions and infrastructure in-house, delivered by their own staff, so more functionality is being offered as a managed service of some kind as time goes on.
That makes sense up against the big picture, says Jester. In future, Gartner believes most IT will get delivered to customers as a utility. “It’s early days for that, but we’re seeing the early signs,” he says.
Global giants like EDS, IBM and HP have all announced various services that move delivery towards the utility ideal. Meanwhile, many small providers are tackling individual applications that can be provided to businesses more cost-effectively from an outsider.
“For example, similar marketing solutions can get delivered across the internet as an application utility,” Jester says.
Once upon a time, it was all too new and specialised for that to be possible. Today, just like with the invention of mass production methods in the 19th century, IT and IT services in particular, are going beyond commodisation and have started moving towards industrialisation. It is turning from being a craft, cottage industry into something more about scale, capital and investment, yet it works and is reliable, he says.
“That is a very strong trend, the industrialisation of IT,” he says. “And by definition, it means it’s more standardised. You can’t have the Model T [Ford] in any other colour than black any more and that will turn out to be a good thing.”
While people who want their IT services in a unique shade of pink may be inconvenienced, most users would find the commonality of more commoditised services a boon, Jester suggests.
“Both companies and players are learning the discipline more and more, getting better at defining what they’re selling and buying, understanding and managing that and the risks and how to mitigate them,” he says.
“I say it’s the future of business as well.”
Brave new world notwithstanding, it seems indeed that managed services have been proving lucrative for resellers, and more providers, as a result, are beefing up their offerings accordingly.
Brett Oberstein, national business manager for managed services at integrator Dimension Data, says the integrator has been getting busy in managed services. Recently, Dimension Data has launched managed IP telephony, SQL, incident management and response, digital rights management (DRM) and storage services.
“It’s grown from what was initially a maintenance base. Originally, we built and grew a very large maintenance business and we broadened our knowledge and expertise into a broader set of IT services,” he says.
Oberstein says managed services probably account for some 20 percent of Dimension Data’s business. New ideas, such as managed DRM, are proving popular with its customers wanting to better manage content such as SharePoint portals or email.
“That’s useful for financial or health providers, or anyone with intellectual property that needs to be protected,” he says.
One big issue, he concedes, is the ongoing investment in the resources needed to deliver the right managed services. Dimension Data partners with 30-odd vendors to get the knowledge it needs.
Further, service level agreements (SLAs) have substantially evolved since 1998 when Dimension Data started doing managed services. The integrator has fine-tuned the ways it could optimise and enhance what it provides. And key performance indicators (KPIs) have become mutual.
“We now have some fairly complex contract structures,” Oberstein says. “It’s not about managing the infrastructure but managing the business service.”
Nick Verykios, marketing director at Firewall Systems, says managed security provision is a top example of the ability of managed services to provide sophisticated, complex services that a customer would find very difficult to do itself.
“Without continued, invisible and comprehensive tuning of threat management devices and applications, all businesses are vulnerable,” Verykios says.
Firewall Systems therefore offers “complete” threat management combining a suite of managed services with best-of-breed technology.
“These services are only available through our reseller partners and are developed in association with our vendors,” Verykios says. “We are doing this for Network Box, Check Point, Resilience, Trend Micro and WatchGuard.”
“We must continually prepare for threats that haven’t even been thought of yet!” he says.
Data security has jumped to second place after budget considerations for many IT managers. “It’s no wonder that the Yankee Group predicts that virtually all larger companies will outsource security by 2010,” Verykios says.
However, Verykios believes resellers need better skills and should seek partners to help them meet customer demand for threat management solutions that secure the networks, systems and applications -- maybe even the ones they already sell.
“For those channel players prepared to evolve and adapt, these are new opportunities,” he says. Perpetual investment in IT security knowledge in-house can bankrupt a reseller. So partnering a non-competing provider that already has that specialist knowledge can be an answer, suggests Verykios.
It seems the competition is getting hotter. Seccom Networks has just inked a managed security services deal with SonicWall. Seccom Networks is also seeking resellers to manage the network security of corporate and SMB customers.
Colin MacKenzie, chief executive at Seccom Networks, says the partnership let it provide 24x7 technical support and rapid replacement services to new and existing SonicWall clients, while expanding its ability to offer broad-based security to larger clients.
“Many of our customers are demanding this type of solution,” Mackenzie says.
Seccom is providing managed security via two FortiGate-300 systems and FortiReporter software to the Australian Rugby Union (ARU).The ARU’s system holds sensitive data -- registration details for 160,000 rugby players.
Under its previous arrangement, the ARU could “see” traffic from its security supplier’s other customers. It is possible they could read ARU messages as well. That has stopped, and Seccom has curbed the downloading of large files from the internet, such as music, videos and pictures, as well.
Now, Seccom looks after the network at a high level while the ARU controls the desktop, which makes the ARU much happier.
“That transparency is important to us,” says ARU network manager Greg West. “Much of the IT network security industry tends to operate on a ‘you don’t need to know’ basis. It all blows out traffic costs, which we need to keep to a minimum.”
About 70 percent of Seccom’s customers have network security problems, such as virus outbreaks. Yet MacKenzie says Seccom has seen MSSPs fail in trying to manage a multi-vendor environment. Even those with lots of staff find it difficult to master and manage multiple platforms, MacKenzie claims.
Where perimeter protection is not appropriate, Seccom partners ISPs to provide “clean bandwidth” pipes to the ISPs’ customers. By supporting virtual domains, these larger systems allow an ISP to offer full security services to multiple customers from single devices, MacKenzie says.
Some resellers are taking a more diversified approach. Drew Arthur, director at NSW-based franchise management software developer and managed services provider Micronet, says his company has been working on its hosted business model since 2000.
Micronet’s vision is to let SMBs, retail franchises and corporate buying groups divest themselves of servers, application software, backups, intrusion detection, anti-virus and overall data management.
“Most SMBs, for example, don’t invest significantly in infrastructure and end up with sub-standard systems that prevent IT developing as a strategic part of their business,” Arthur says.
Micronet has worked with the likes of Pirtek and Amber Tiles. It develops and deploys inventory and accounting offerings. “Micronet manages the process with its customers and enables more complex implementations in a faster cycle,” Arthur says.
“This reduces the need to go shopping for a variety of outsourcing arrangements from niche suppliers and then trying to combine them into a practical desktop.”
Networking gear vendor 3Com has just unveiled a VoIP, security and infrastructure managed services strategy targeting enterprise and carrier customers. It sees the move as taking advantage of a growing market.
Managed service providers would use 3Com products to automate implementation, service configuration and support offerings.
Bruce Claflin, chief executive at 3Com, says few vendors are actually enhancing products specifically for managed services.
“The capabilities we’re building into our products through our managed services will enable both managed service providers and enterprise end users to streamline, secure and automate their business processes,” he says.
Meanwhile, Sun Microsystems has partnered managed services provider Frontline Systems in a three-year deal to support an electronic messaging system for shipping companies Patrick Corporation and P&O Ports.
A Solaris-based 1-STOP shipping industry-specific managed service is expected to cut data hosting and cargo management re-engineering compliance costs by half, eliminate most paper transactions regarding cargo and cut network downtime.
Shipping, like many industries, is under pressure from new regulatory stipulations. Recent cargo management legislation means stevedores must comply -- a task that gets ever more onerous.
Steve Murphy, managing director at Frontline, says the new managed service gives the Melbourne dock 55,000 extra minutes of trucking time. The next development for 1- STOP will be developing a common, internet-based vehicle booking system platform for Patrick Corporation and P&O Ports.
“This is an exciting project to host, as 1- STOP is propelling multiple entry systems into the 21st century and helping to eliminate both double entry and human error,” Murphy says.
There are caveats. David Taylor, regional director at NetIQ, says any organisation setting up a managed services business must consider at least two fundamental elements.
“Firstly, the staff and processes must be in place to deliver a very high level of client service. Secondly, technology tools must be in place to ensure they can deliver on their technical SLAs,” he says.
These tools must be aligned with the service to ensure application and network availability and uptime, Taylor says.
Printer maker Lexmark provides managed printing and output solutions. “For many years, Lexmark has been helping organisations develop output strategies of which printer fleet management is an integral component,” a Lexmark spokesperson says.
“In Australia and New Zealand, organisations have been using a managed print service (MPS) to control the ongoing costs of a distributed fleet, to drive down costs to improve their bottom line.”
Lexmark says the MPS market has been estimated as growing at 25 percent a year.
Lexmark’s “distributed fleet management” MPS has resulted in 20 deals with some of Australasia’s larger companies. “Lexmark and its partners have 40,000 devices under maintenance and management contracts,” the spokesperson says.
Printing is growing, while copying and faxing -- and possibly scanning too -- are in decline.
Organisations, however, are continuing with their large fleets of devices, which must be configured and deployed according to actual work practices.
That opens up a chance for the MSP, the Lexmark spokesperson says.
Managed services are a form of outsourcing -- a go-to-market strategy that has copped rather a lot of flak. Gartner has predicted that, by 2008, 70 percent of all outsourcing deals will face serious problems that could cut the contracts short. Ten percent will break down completely. Only half will persevere with a solution.
Linda Cohen, a US-based managing vice-president at Gartner, says the main causes of failure include a “not-strategic” approach to problems, a lack of innovation or atrophied IT environment, blame-shifting, customer dissatisfaction with price or results and bad management.
Providers should watch for “deal paralysis”, she says. That is a situation where unpredictable deal costs lead to unpredictable service and delivery models. Also, vendor “tunnel vision” can lead to poor internal or external collaboration between service providers.
The picture can be bleak, she says, but many problems are avoidable and even reversible.
Cohen’s prescription is to ensure the “right people and the right processes” are in place, guaranteeing a disciplined approach to multi-sourced service provision. Providers must also clearly articulate how the service meets defined business goals and strictly adhere to a management and governance model.
“The third stage involves choosing the right deal to achieve the desired outcome based on an efficiency, enhancement or transformation model,” Cohen says. “Should this be a customised deal, or a standard one?”
David Blackman, national VAR sales manager at Symantec Australia, has some very specific tips for selling managed security services.
Resellers must make sure they team up with the right vendors. A vendor with offerings across various platforms and who specialises in managed security services might be best, he suggests.
“By only supporting one vendor’s platform you will be missing out on incremental revenue opportunities,” Blackman says.
Mid-market customers are stretched when it comes to their resources. But he says it is a big mistake to pitch on price. “You need to confidently be able to describe the true value-add. Managed security service costs are not inexpensive,” he says. “Pitch the benefits of outsourcing.”
Managed service providers should offer options on pricing, such as longer term contracts, tiered pricing offerings that can be matched with IT spend, or monthly payment programs, he says.
“[But] beware of long sale cycles. Forecast sales well in advance,” he says.
Resellers should also seek out verticals where regulatory pressures have intensified, and target them. Managed security, for example, can help organisations protect their information assets, Blackman says.
According to analyst Frost & Sullivan, Cybertrust is leading the Australian managed security service market with 25.5 percent market share. The global company has done well in Australian government deals, specialising in managed authentication and public key infrastructure services.
“By combining the right mix of people, processes and products, Cybertrust has taken the lead not only in Australia, but around the world,” says Paul O’Rourke, Asia-Pacific general manager at Cybertrust.
John Mobbs, chief executive at criminal records specialist CrimTrac, said Cybertrust secured its internet, email and web hosting services via a DSD-certified gateway. “We also use Cybertrust’s VPN service to provide secure remote access for key staff and it is a major enhancement to the way we previously struggled with this capability,” Mobbs says.
Ric Benjamin, enterprise sales manager at Southern Cross Computer Services (SCCS), has been working with managed security vendor Network Box for about a year. Customers were getting keener on enterprise data security, he says.
“We had expertise in firewall, anti-virus, web content filtering and so forth but we technically only had part of a solution,” he says. “Customers were asking us to provide more and more support.”
SCCS approached Network Box with a view to developing a more whole, complementary service offering. Network Box gave SCCS access to economies of scale for efficiently delivering managed security services, Benjamin says.
Instead of tailoring a specific solution for each customer, SCCS resells one of Network Box’s offerings to maximise its return. It has worked well so far and is definitely a growing part of SCCS’ business, Benjamin says.
SCCS warns that customers are not necessarily expecting third-party involvement. The big thing is developing a trusting relationship among all parties, he says.
“We lead the deal but Network Box assists if necessary,” Benjamin says. “That might include taking the customer out to Doncaster [Melbourne] and giving them a sense of what it would be like to engage with Network Box.”
SCCS works with Network Box to ensure the products are properly configured from the start. "We rack-mount it and connect it up and ensure it’s working but once that’s finalised, they really then deal directly with Network Box,” Benjamin says.
Andrew Tune, director of Network Box, says few vendors have taken a unified, streamlined approach to security services provision. Keeping costs down is key, especially for smaller customers. Many providers have offered services with a price tag of $20,000 or more every month -- a cost totally unaffordable for most SMBs. Network Box can do similar stuff for around $2500 a month, he says.
Network Box’s global reach means resellers get the best chance of making decent recurring revenue. “We’re like Foxtel,” he says. “They sell you a set-top box in order to provide a service. But there are five different boxes.”
Managed security lets users get updates faster and more cheaply. Customers choose the type of SLA they require, the response time and maintenance options they need. And the model works: Network Box claims customers with anywhere from one to 210,000 users, including Nintendo, Toyota and Amnesty International. And that is all done through channel partners, Tune says.
Tim Dickinson, country manager at SonicWall, says SMB demand for managed security is booming. “The worldwide market for managed security services is estimated to reach over US$20 billion by 2007,” he says.
When considering this model, resellers must take stock of their own capabilities and security expertise. They need to invest in infrastructure and staff to provide the high quality of service customers are now demanding, he says.
However, any reseller can still partner an existing SonicWall specialist managed security provider. SonicWall will also help resellers choose what best suits the individual company and offers ongoing training.
“More customers are requesting SLAs that bundle the ongoing cost of the DSL connection with management and licensing of firewall appliances and services,” Dickinson says. “Time and again, we’re hearing them say ‘make it easy for us’ and ‘keep the cost down’.”
SonicWall has developed a global management services console that it believes helps resellers manage and update large numbers of appliances remotely from a central location. Rather than take a “one-size-fits-all” approach, resellers should offer various options and tailor their offering, he claims.
“It is all about recurring revenues at high margin to ensure a sound return on investment,” Dickinson says.
“The internet has clearly changed the competitive landscape for businesses of every shape and form. This explosion has led to the widespread use of intranets, extranets, application service providers (ASPs) and business-to-business exchanges, creating a tremendous need for networking services.”