ChannelPartner Workshop: Successful with managed services around Microsoft 365
The message from Microsoft is clear and precise: When using Microsoft 365 (formerly Office 365), the group takes care of the operation, security and availability of applications, the underlying operating system and the physical infrastructure. This relieves his customers of a lot of work compared to running the software on their own servers. However, he expressly rejects responsibility for security, archiving, data protection, compliance and backup of the data. Users have to take care of this themselves. This is regulated in the Modell der “Shared Responsibility”. Microsoft is by no means alone with this classification. Other large SaaS providers – such as Salesforce – proceed in a similar way.
With Microsoft 365, however, this fact has not yet reached many companies. “Many companies have tried to switch quickly to Microsoft Teams. First of all, it was important to keep productivity high, and the focus was not so much on security,” reports Mischa Rohleder, Cloud Security Consultant Controlware as part of the ChannelPartner workshop on Microsoft 365. “But if the security is low, the attackers know that too. It is then easier for them or the inhibition threshold is lower – and the profit potential increases. Therefore, a certain amount of time was clearly visible that the number of attacks has increased. In the meantime, however, customers are gradually becoming more aware that they need to improve security. ” This is exactly where system houses and IT service providers can start. Michael Watzl, Director Channel Sales DACH, provides the figures Mimecast.
“Regardless of which Microsoft Exchange Online Protection license a company uses, additional solutions are still important: We tested with the most extensive license model, E5, and even with that, 22 percent of spam and malware still get through – and that is a very high proportion With our quality and customer feedback, we are so far advanced that we can offer every customer a standard SLA that includes 100 percent antivirus performance and 98 percent detection performance for spam with a false positive rate of less than 0 , 0001 percent assures. “
“There are both companies who rely on having all worries out of the way with a contract for E3 or E5, and those who know in advance what Microsoft can and cannot do and plan accordingly,” reports Mimecast spokesman Watzl from his experience.
“We try to calculate the individual added value for each customer,” says Channel Manager Steven Kugler, explaining the approach of Avepoint. “We do this together with the partners by explaining the options and the possibilities of our solutions to partners as extensively as possible and pointing out the pain and the problem areas that we can fix.” However, Kugler admits: “However, none of this is applicable if the customer does not have this pain or does not feel it or simply has no budget for it.” These aspects would of course have to be taken into account before an extensive analysis and go through with the customer first.
Controlware also relies on an initial check-up of the security configurations in Microsoft 365 before the start of a project or contract. “This usually results in around 80 recommendations,” explains Patrick Benesch. In addition, “a lot of facts would be uncovered, where the customers fall off the stool in shock.” An example of this is when customers see that their employees, who have been using Microsoft Teams for a year and a half, have granted access rights to dozens of third-party applications – that is, third-party services are granted access to e-mails and company data. Such shocks are beneficial – and raise awareness among companies that they should be dealt with by someone who is familiar with security and compliance in this environment.
Barracuda SME also insists that insight comes from insight: “As a basic product, we offer a remote monitoring management tool that enables complete visibility of all devices in the company. It enables weak points to be identified, patch management to be carried out and service plans to create “, summarizes Kay-Uwe Wirtz, Regional Account Director (DACH) at Barracuda MSP.
“Since everything is developing in the direction of software-defined and automation, we of course also provide the interfaces to well-known companies such as ServiceNow, which can be used to automate everything and add a ticketing system. About our offer for e-mail security in turn, many other connections are possible, not only to Microsoft 365 customers, but also in all other areas – ultimately up to SASE or Zero Trust Network Access, “says Wirtz, showing partners prospects for expanding business with existing customers.