- MSSPs are having to invest more in improving their service quality, as customers get more critical
- The solution could be better overall customer support and more security outsourcing
Reviewing the latest Q3 2011 financial performance metrics, a common trait is emerging: many service providers (carriers like Verizon and IT service providers like T-Systems) are investing a lot of their revenues into improving the quality of their managed service delivery – which has put a dent in Q3 profits. Some are making the investments defensively because customers are complaining; others are doing it proactively to avoid future grief.
On the managed security service provider (MSSP) front, vendors are feeling the heat on two fronts. First of all, the sophistication of their security services has been bumped up to accommodate the wave of virtualization, while the emergence of the cloud service delivery paradigm and the explosive growth in mobile data and mobile devices. Another driver is the shift in the type of SLAs that MSSP contracts contain – deals are transitioning from point security performance-focused agreements around tactical areas such as firewall performance, toward SLAs that are much closer to customers’ own key performance indicators (KPIs) (e.g., e-commerce site down-time due to DDoS or other attacks). These are parameters that customers actually monitor closely, whereas previous SLAs around firewall performance over an extended period of time were next to impossible to monitor on the customer side. Of course the much better customer portal services have also improved service delivery transparency, and made it easier for business people to assess service provider performance.
Given that the service providers all view managed services as a core growth opportunity, they have no choice but to bite the bullet – while trying to figure out how to monetize their increased efforts. Some like BT Global Services and IBM are linking higher levels of security services with better overall customer support services hoping to increase stickiness with the customer and taking over more service areas. Recent research has shown that company security investments have begun to lose momentum and that more companies are willing to run higher risks to conserve capital. So can the two trend lines cross each other: internal IT security resources coming down and outsourced security going up? Can the MSSPs profitably engineer their security offerings, such as in identity management to provide visible internal savings while improving the customers’ security stance? Certainly the demonstrated efficiency of cloud services coupled with their strong security record shows promise.