How to Evaluate Your Managed Service Provider

November 11, 2018

Business technology requirements are continuously growing and evolving. As your business expands, you may find that you need to outsource management of particular IT functions and employ the help of a managed services provider. An MSP can deliver innovative, secure and flexible technology solutions tailored to your business needs.

 

However, that means placing a crucial aspect of your business in the hands of a third-party. Before retaining an MSP, you need to perform your due diligence to ensure you are working with the proper IT partner who has the right experience, credentials, processes, expertise, and services. 

 

However, that means placing a crucial aspect of your business in the hands of a third-party. Before retaining an MSP, you need to perform your due diligence to ensure you are working with the proper IT partner who has the right experience, credentials, processes, expertise and services. 

 

SERVICES

First and foremost, define the services that you require before selecting and committing to an MSP. Do you need help running daily IT operations or end-user IT support? Are you trying to implement cloud security? Perhaps you’re just looking for infrastructure management support. Whatever the service that you require, make sure the MSP can deliver it!

 

  • What is the MSPs scope of services?

  • Has the MSP worked with businesses similar in size, scope and industry?

  • Do the MSP's solutions match your needs — both present and future?

 

IT requirements differ significantly between small, mid-size and large organizations. There are also compliance regulations that need to be followed according your industry, such as HIPAA, PCI DSS or FFIEC-IT. To remain in compliance, you may need to implement auditing/monitoring/reporting; ensure that your MSP can accommodate.

 

GENERAL

Check for demonstrable experience, like client testimonials, technical certifications or partnerships; some may even list awards recognizing exemplary services. 

 

  • How long has the company has been in business?

  • Does the MSP have a documented corporate organization chart, no older than 12 months? 

  • Does the company have client testimonials available?

  • Does the MSP have client references whom you can contact?

  • What technical certifications does the MSP hold? 

  • Does the MSP have established partnerships with other technology vendors? What are the details of those relationships? 

TERMS

Once you know the services you require and confirm the MSP can deliver, ask questions about service coverage and guarantees. 

 

  • Does the MSP clearly define Service Level Agreements (SLAs) and termination clauses? 

  • What does the contract cover?

  • What is the duration of the contract?

  • Do they have insurance? If so, what kind?

 

The contract and SLAs should illustrate the level of service that a customer should expect from their provider. This agreement details the areas of maintenance included, the speed of response to requests, the monitoring and reporting services and the punitive consequences for the provider not meeting SLAs, which may include reimbursement to customers. 

 

SUPPORT AND MONITORING

 

  • Does the MSP offer 24x7x365 support?

  • Will they offer a dedicated account manager or support manager for your business?

  • How many people do they have on their help desk?

  • What is the response time for IT issues? 

  • What is the guaranteed uptime? 

  • Ideally, an MSP can offer you zero downtime (99.99% availability), but you have to be prepared for the rare outage exception.
     

SECURITY AND DISASTER RECOVERY

In addition to bolstering your own internal systems, verify that the MSP has documented and tested security processes and systems. 

 

  • Do they offer penetration testing as part of their services?

  • Do they offer security awareness training for your employees? 

  • Does the MSP have a formal, documented cybersecurity plan?

  • What physical security protocols and systems do they have in place?

  • What network security protocols and systems have been implemented? Are they aligned with company requirements?

  • Does the MSP have documented internal security policies for employees? 

  • How often do patch and system updates occur? Is this an automated process?

  • What is the Mean Time to Recovery (MTTR)? This is an average of how long it would take to recover systems in the event of an outage.

  • Does the provider have a fully-tested disaster recovery plan in place? 

  • Additionally, verify that the provider will take the appropriate steps to mitigate risks to your infrastructure and that they maintain a robust security posture.

 

TRANSITION

Finally, once you’re fully informed about your MSP, ask if your top choice provides migration or transition services.

 

  • What does migration process/transition entail?

  • Will they be able to migrate necessary data or systems for you

 

Another factor to consider is if the MSP can continue to deliver services to scale with your growing business. Running successful IT operations and mitigating risk is complicated, and new requirements will arise as your organization evolves. Ensure that you select the right MSP who can provide cutting-edge solutions, and allow you to focus on strategic priorities.

While the due diligence process requires both time and effort, finding the right partner to meet your precise technology needs will make a significant difference. Reach out for a complimentary assessment of your organization and find out what you can gain from a trusted managed services provider. 

 

 

 

Share on Facebook
Share on Twitter
Please reload

Featured Posts

Protect Yourself from an Internal Cyberattack

August 1, 2019

1/8
Please reload

Recent Posts
Please reload

Archive