“Managed services” can mean different things to different people, especially when you are just embarking on a quest to find a provider. To understand what you need, what a provider is offering – and whether they’ll be able to deliver – Community IT Innovators developed a list of basic questions to ask.

Join Steve Longenecker, our Director of IT Consulting, and Johan Hammerstrom, our CEO, for an in depth discussion on avoiding common pitfalls and getting the right level of service for your nonprofit.

Listen to Podcast

Like podcasts? Find our full archive here or anywhere you listen to podcasts: search Community IT Innovators Nonprofit Technology Topics on AppleSpotifyGoogleStitcher, Pandora, and more. Or ask your smart speaker.

How to evaluate an MSP?

In our two decades serving the nonprofit IT community, we’ve heard lots of confusion over what an MSP does and how to evaluate one for your nonprofit. We used our experience to develop this list and podcast of 12 questions for nonprofits to use to vet any managed service provider as you evaluate how your needs fit their services.

Download the white paper here: 12 Questions Nonprofits Should Ask to Evaluate a Managed Service Provider (MSP)

You don’t need to be an IT techie to understand your outsourced IT provider. We are big proponents of cutting out all the lingo and jargon and talking about the partnership you expect to have.

“I think of in terms of job interview questions. There’s not necessarily a right answer here.  It’s just a way to hear more from the MSP, that helps explain who they are.  There’s not any answer you’re looking for but the answer that they give, and if they can’t give an answer, that’s a big red flag.  But if they do give an answer, it helps you get a better feel for who they are in a way that can be very helpful.”

Steve Longenecker, Director of IT Consulting

12 Questions

“That’s the kind of thing that you have to look out for with MSPs. You want to make sure that they’re really forward-thinking and embracing the future of technology in helping you embrace it … you want to make sure that your MSP is capable of engaging with other stakeholders, whether with another firm or with other people in your organization, around strategic topics, and that they can … think ahead to what the organization might need in three years, and that they can assist with technology decision making, that keeps in mind all of the different needs that the business might have over an extended period of time.”

Johan Hammerstrom, CEO

Presenters

Steve Longenecker


As Director of IT Consulting, Steve Longenecker divides his time at Community IT between project managing client projects and consulting with clients on IT planning. Steve’s appreciation for working at Community IT Innovators is rooted in respect for the company’s dream and vision, and for the excellent colleagues that the dream and vision attract. Steve is MCSE certified. He has a B.A. in Biology from Earlham College in Richmond, IN and a Masters in the Art of Teaching from Tufts University in Massachusetts. 

Steve loves helping nonprofits avoid mistakes and draws on a long career in nonprofit IT consulting for this webinar. This podcast of 12 questions for nonprofits to ask MSPs was a chance for him to pass along advice from his long career consulting with clients.









Johan Hammerstrom’s focus and expertise are in nonprofit IT leadership, governance practices, and nonprofit IT strategy. In addition to deep experience supporting hundreds of nonprofit clients for over 20 years, Johan has a technical background as a computer engineer and a strong servant-leadership style as the head of an employee-owned small service business. After advising and strategizing with nonprofit clients over the years, he has gained a wealth of insight into the budget and decision-making culture at nonprofits – a culture that enables creative IT management but can place constraints on strategies and implementation.

As CEO, Johan provides high-level direction and leadership in client partnerships. He also guides Community IT’s relationship to its Board and ESOP employee-owners. Johan is also instrumental in building a Community IT value of giving back to the sector by sharing resources and knowledge through free website materials, monthly webinars, and external speaking engagements. He was happy to lead this podcast on 12 questions for nonprofits to evaluate an MSP.



Transcript

12 Questions Nonprofits Should Ask When Evaluating an MSP

Johan Hammerstrom:  Good afternoon. Today we’re going to be talking about 12 questions that nonprofits should ask when evaluating a managed service provider or MSP. 

Steve Longenecker: I’m Steve Longenecker. It’s good to be with you all today. I’m the director of IT consulting at Community IT. I’m glad to be here.

Johan: My name is Johan Hammerstrom.  I’m the President and CEO of Community IT.

So at the outset, I really want to emphasize that the goal is not to sell ourselves first and foremost, nor is it to say that there is a one size fits all managed services provider. We firmly believe that we’re a strong business; we provide great services to the nonprofit’s that we work for. We’re a good fit for a lot of organizations. We also firmly believe that we’re maybe not the best fit for every organization. There are a variety of different managed services providers out there, many of whom are excellent. We really feel that these questions are going to help you identify the MSP that’s really the best fit for you as an organization.  

The questions are really intended to accomplish two things.  

There’s 12 questions, as I mentioned, and we actually have a white paper on our website, which also goes through these 12 questions. You can go to our website and download the white paper if you’re interested.

The 12 Questions

The questions that we’re going to run through today, and we’re going to talk in a little bit of detail about each one are:

We’ll go through each one of these one at a time. Hopefully, at the end of this, you’ll have a better sense of how to evaluate managed services providers.  

References

Start with references and it’s pretty straightforward. Specifically, you want to make sure that they’re providing you with references to other nonprofit organizations. We work exclusively with nonprofits, but there are a lot of MSPs that work with a lot of nonprofits in addition to other types of organizations. We feel in our experience that nonprofits are pretty unique. It’s important to find an MSP that has that nonprofit experience. You can get a lot of information by talking with someone who has worked with the MSP, who understands the nonprofit context.  

Obviously, when you ask for references, you’re going to get good references. Chances are, you’re not going to get organizations that are unhappy with the service that they’re receiving. 

If you have an honest conversation with the reference that you’re talking to, you can ask them (about the MSP), what are they good at? What are their strengths? What are some areas where maybe they could improve where they’re not as strong? That can help you to understand fitness more completely.

Who Answers the Phone

The next question is who’s going to answer the phone? There are a variety of possible answers to this question.  What you want to find out basically, if the primary way of getting in touch with the MSP is through a help desk, or if it’s through some other method. Some MSPs have a full service help desk. They prefer that their customers call that help desk. Other MSPs will have you call an office manager, and then they’ll route the call to a technician.  

If they’re relying on a helpdesk, then there’s some follow up questions that you could ask to get a little bit more information. You could find out how many technicians are on the help desk, is the call going to go to a technician? Or is it going to go to someone who’s in more of a triage role and will assign the ticket to a technician? 

You can ask them things like: What’s your first call resolution rate? How many issues are resolved by the first person that picks up the phone? How many times do issues have to be escalated to other people on the help desk? 

You can also ask them if their help desk is staffed in-house or is outsourced. We’ve had a lot of experience with both, we have an in-house Help Desk, but we know other MSPs who used outsourced help desks. There’s some great firms out there that provide outsourced help desk services to MSPs who then resell it to their customers. So outsourcing isn’t necessarily a bad thing. You want to understand that from the outset. Are you going to be working with someone who’s part of the company or you’re going to be working with another firm?

On-Site Support

Do you want to talk a little bit about on-site support Steve?

Steve:  Sure. Who is going to come when you need help on-site? How long does it take before – if it’s an ad hoc request for service – what is the service level agreement on how long it will be before dispatch can be arranged? What’s the average time? What’s the committed limit on the time? Is it going to be a junior technician or a more senior person? Those are all good questions to ask about ad hoc dispatches.  

Then Community IT also has plenty of clients that have recurring onsite support. If you anticipate that being one of the ways you’re going to interact with your managed service provider, first of all, if that’s important to you, you want to make sure that an MSP provides recurring onsite support. Then you want to find out who provides it. There are different ways to handle this. There’s not supposed to be a lot of judgment about one way is better than the other. 

It’s back to that fitness question of: What fits with the way you operate?  

Community IT has a dispatch team. So a team approach to dispatches. Who you get depends on who has time at that moment, earliest in their schedule.

When you have a team approach, you need to have a commitment to best practices, you need to have a commitment to good documentation. Because I don’t know you, so I need to be able to easily and quickly find out what I need to know about you as a client in terms of your technology. What kind of firewall do you have? How old is it, where is it located, all that stuff should be documented. So when you find out that onsite support is provided by a team where there’s a team approach, there’s some strength there.  

On the recurring side, we actually do a modified team approach. We like to have the same people coming out if you’re getting support from us, four days a week, we probably have two people because that gives us more redundancy, and it’s a more robust system. I get to know one technician, there’s a lot of strength there.  You get a relationship with someone, your staff gets to know that one person, they really get to know who you are as a client, both your technology but also who you are culturally, and it fits.  

There’s pros and cons to all these things. These are things that you’d like to know. It gives you a sense of who the MSP is, whether they’re going to have a more team-oriented, or a more single technician-oriented approach about who comes to you and whose face you actually see, when onsite support is needed.

On-site v Remote Support

Johan: You could ask them about the balance between onsite and remote capacities. There are MSPs that just want to do everything onsite, and there are other MSPs that they’re only really set up to provide support remotely that works great for some organizations and for other organizations, it’s not as good a fit. So, the balance between on-site and remote support is something that’s good to ask about and also to ask references about.  

Staff Tenure

Steve, we’ve been at a time of unprecedented, an incredibly low unemployment rate and I’ve heard within the MSP industry that unemployment among IT professionals is actually a negative unemployment.  It’s been a very tight labor market for the last year or so, or more, and just curious: is it important to ask prospective MSP about their staff tenure?

Steve: It’s definitely worth asking that question. It’s an important question. I do think what you just said is true, and it’s impacted Community IT also.  

I think what you’re saying, Johan, just points to the fact that expectations have to be tempered, particularly I think with a more junior staff, who are sort of getting their career started. I think it’s just natural in this labor environment, there’s going to be a certain amount of bouncing around. “What is your staff tenure?” is a question. It’s an important question. 

I think it speaks to perhaps the morale and overall job satisfaction of the staff that you’ll be working with, and those are certainly important things to consider when you’re outsourcing your IT. 

You want the people that are serving you to be people that are happy in their jobs and glad to be there. You just want, if you can, the highest level of retention by your MSP is the better, because it means that they’re not constantly training staff and transitioning staff into new jobs. Everyone does their job better once they’ve been doing it for a while. I think Community IT really stands out in this regard, even Community IT has had probably more turnover certainly than we’re used to in the last three or four years.

Johan: As with many of these questions, it’s something that the MSP should know about their business and should be able to communicate to you.

Pricing

Another question you want to ask is pricing. How does your pricing work? Which seems like an obvious question, the reality is that every MSP has a slightly different approach to how they price their work. Chances are, if you were to get the invoices of three or four different MSPs, you’d end up with three or four unique ways of pricing service. It can be frustrating. I understand that when you’re trying to compare your options as you’re evaluating MSPs to have such wildly different approaches to pricing. 

We’d encourage you to ask who you’re looking at to explain their pricing to you, and they should be able to explain it to you in a way that makes sense. 

There’s basically two different dimensions to look at pricing around.  

It’s really a matter of bundling, like, what time is bundled and what services are bundled.  

Partly because we work with nonprofit organizations, we have a pricing approach that is flexible. We have three different pricing options. We’ve found that having those different options works really well in the nonprofit sector, because different nonprofits have different funding sources. They can pay for things in different ways. It just gives them the flexibility they need to purchase exactly the amount of service that they need, not any more than that. 

So that’s something to ask about. I think that, as clear as it is in our proposal, we really appreciate the opportunity to just walk through it with any prospective clients that we’re talking to. We find that that conversation is always an eye opener, for them, so we encourage that to be a topic.

Ask: How does your pricing work? Then the other dimension, if you will, the services that are included or not included. Is spam filtering included as an option? Is backup included? Is email phishing training included? Different MSPs have very different approaches to what services they make optional and what services they include by default as part of their package.

I do think most MSPs should be able to give you a good ballpark estimate for what they think a monthly price is going to be for supporting the organization. Information that can really help them put together a better estimate would be if you have any data on the number of tickets, or support requests that are currently being submitted on a monthly basis by your organization. That information really helps to come up with an accurate estimate.  

Then also the state of the network, if you will. Are most services in the cloud? Is it a lot of old hardware that might need to be replaced? Are there funny problems that seem to keep coming up on the network that might need to be addressed? That information also is very helpful in putting together an accurate estimate. 

An MSP should be able to give you a ballpark figure for what they think the monthly cost would be for supporting the network and if they can’t, then it would raise concerns for me about their ability to anticipate what the support requirement is.

Onboarding Process

Want to ask them about their onboarding process. Part of the reason for this is that it just gives you a bit of a window into how they deliver service overall.  

Onboarding sometimes can be a little challenging to cover how service is going to be provided. Obviously, some of the basics of, how the helpdesk is run, and so forth, can be explained in advance. But oftentimes, certain details about what the experience of working with an MSP is going to be like, are hard to communicate in advance.  

Onboarding is one process that essentially, the MSP has complete control over. When you sign the contract… here’s what happens next. Here’s what happens after that. We’re going to come meet with you. We’re going to install the software. We’re going to deliver this to you after this amount of time… That’s a process that the MSP has control over. So, it gives you insight into their ability to develop and run effective business process.  

Other MSPs may say: “We assign an engineer to you send that person in, and they collect information about your network, and then you’re good to go,” which again, is not necessarily a bad answer, but it just again, gives you insight into how they’re going to operate long term in terms of their service delivery.

How Will You Work With Us?

Johan:  Once you ask them about the onboarding process, you can also ask them: “How would you work with us over time?”

Steve: Some key things you can ask. We already talked about the help desk and who’s staffing it and how it works, who answers the phone and stuff. “If I have a ticket, if I have a service request, what are the different ways I can submit that service request?  How will I know it’s been acknowledged? Do you prefer that I use the phone? If I use the phone will it be answered within a certain amount of time? Or will I be on hold? Or do I need to leave a voicemail and wait for a callback?” 

None of these things are good or bad because everything that you like might cost more money to deliver. You have to balance costs against benefits. But those are things that you should know.

Another question to ask is: What is expected from us/ me in the organization? Do I need to have a primary contact identified and what does that primary contact need to know? So, when the managed service provider wants to send an alert to its clients about a security vulnerability that Microsoft has identified in Windows, who does that email gets sent to? What’s the responsibility of the person who gets it? These are questions that you want to know, because it’s going to impact how you work with them.

You can get into more processes; you can certainly ask questions about how projects are delivered. That’s worth asking if you anticipate doing any kind of project work. Questions that you might have would be also about, how do you onboard a new staff member? “So, if I hire someone new, what’s that process look like? What does my HR department need to do in terms of interacting with the managed service provider and what can I expect from the managed service provider in terms of getting that newly hired person into the IT systems?”  

These are all questions that you can ask. It’s also a good time to bring up technologies that you have that might be outside the cookie cutter box, like email and print and file sharing and stuff. “By the way, we have this really strange database that someone custom built for us 10 years ago, and really, no one knows much about, how can you help us with that?” These are questions you should definitely draw out at this time as well. 

Reporting

Johan:  Related to that is the question: “How will you report on your work?”

To us that is central. We feel very strongly that managed service providers should be held accountable by the organizations that they’re providing service to, but we also understand that there’s a challenge in that because the reason you’re hiring a managed services provider, by and large, is because you don’t have inhouse IT expertise. You’re outsourcing that to someone else.  

It’s important for the managed services provider to be able to explain their work to a nontechnical audience. Generally, the nonprofit organization will have somebody who’s managing the vendor relationship with the MSP, and we refer to that person as our primary contact. We do our best to help the primary contact to understand the work that we’re doing.  

We have a lot of different tools in place that help us communicate the work that we’re doing. That includes a recurring monthly meeting with one of our IT business managers. In that meeting, we have a series of reports that we can use to explain the state of the network, the number of computers, their patched status, their age, that can show the number of tickets that have been submitted, the types of issues that those tickets have related to, the responsiveness of our helpdesk to responding to those issues.  

We do our best to hold ourselves accountable, and then share that accountability with our customers. That’s something that managed services providers should have a process in place for and should be prepared to do. This is something that I know that the MSP industry as a whole has really made a lot of progress in this area. I go to a lot of MSP events and talk with a lot of peers in the industry.  

I know that this is something that has become really critical over the last five or six years: finding ways to share accountability with customers, so that it’s not a black box so that it’s not, a complete unknown to them, the work that they’re doing.  

I think related to that, it’s really important to find a managed services provider who can explain technology and technology decisions to you effectively, and that’s something that can start the process of asking them those questions in the interview process in the review of the MSP. “We have this going on in the network. I don’t completely understand it. What does this mean to you?” or, “What would you do in this situation?” 

They should be able to both understand the situation technically, but also explain it to you in a way that makes sense.

Vendors and Technology

We’ll just move right along. Vendors and technology. This is related to the previous point to some degree, you want to ask them, “What vendors do you work with? What technologies do you support?” 

The jargon for that in our line of work is “stack.” What technologies stack is the MSP working with and are they flexible? Are they inflexible in terms of the type of technology that they support?  Steve, why is it important to ask that question of an MSP?

Steve: First of all, let’s say that half of your users are on Mac OS computers, you need to know that this MSP is going to support the Mac OS as fluently as they support the Windows operating system. That’s right from the start, some of the things that are almost like part of your culture or that aren’t easy for you to change.  

If you’re not anticipating that you’ll be able to change you need to know that your MSP can support the way you operate. 

That said, when you transition to a new MSP, it may be that there are things that you’re somewhat agnostic about that you don’t quite align with the MSP in terms of what stack they support or prefer, versus you know what you have in your technology stack, whether it’s because of choices that previous service provider provided. 

Maybe your brand of firewall is not the brand of firewall that another MSP prefers. Let’s find that out. Does that mean that you need to buy a new firewall or that part of the cost of switching to this new managed service provider is, in one way or another, paid for with a new firewall that’s in the MSPs preferred stack? That’s kind of what you were getting at Johan, with the degree of flexibility.  

I don’t think it’s ideal to have a managed service provider who says, “Oh, we support anything. We don’t care at all.” 

With technology, there’s just so much to know, that to me, knowing that an MSP has its preferred solution set that it’s most comfortable supporting means that they’re going to have a greater degree of proficiency and expertise in that solution set. It’d be nice if it was aligned with the solutions that you were using in your organization, knowing that you can change too over time.  

So, we frequently bring in clients that don’t have the firewalls that we recommend. We don’t insist that they replace that firewall, until that firewall has aged out of its regular, like a five-year life cycle for a firewall. It’s a three-year-old firewall, we might anticipate that we’re going to support that firewall for two more years, even though it’s not our preferred solution. That’s okay, we’re generalists, we can make it work, but it’s not our bread and butter. It’s not the thing that we’re super comfortable in. So, in two more years when you’re getting a new firewall we’ll help you. We’ll recommend that you replace it with a firewall that matches our preferred stack. Hopefully that’s okay. That’s a question about flexibility.  

Now I have heard of MSPs that say, “Hey, look, when you sign up with us, everything’s going to be our way and it’s going to make it for a super-efficient service because we know our way so well that it’s going to be, like a really, really, like great experience for your staff and also for our staff.” Those efficiencies are so great that the cost of all that switching is going to be worthwhile and that’s a direction to go. It is expensive to make all those switches immediately, but it could work. 

VAR/Value Added Resellers

One other thing that I would say on this is: most MSPs these days are sort of recommending solutions based on their perception of what the best solution is for the cost to the client. 

But there was a day not that many years ago – in technology time it was like, two generations ago –  but in real life, it wasn’t that long ago where there were value added resellers and that’s a business model that preceded the managed service provider business model and they still are around, you definitely want to be aware of it.  

It doesn’t mean that a value-added reseller is bad. But you want to know that if the reason this provider wants you to buy, I don’t know, Watchguard firewalls is because they’re going to sell them to you and for every Watchguard firewall that they sell to you for $800 they’re going to pocket 150, that Watchguard is going to give them. If that’s the reason that they want you to buy a Watchguard that compromises, in a way.  

It’s like the doctors who are prescribing pills where they’re getting taken out for dinner by the drug companies. It doesn’t mean that the drug is bad, but it’s certainly – you’d like to know that this is being recommended simply because it’s the best. But if it’s a significant part of a provider’s business model, you need to be aware of that.  

Then I also think that you want to be careful not to get yourself into a technology stack, that there’s not an easy exit from. So, this is not something that I think is as common as it used to be. It made for some very efficient management tools. But it meant that when you wanted to leave that managed service provider, you had a lot of vendor locking in front of you.  

Another place where that can happen is if, I hope no one is doing this, but if you’re buying from your provider what I call “white label computers,” where it’s not a Dell, it’s not an HP, it’s just a computer that your provider actually built. Those can be really solid machines and your provider might have a lot of expertise in building those. But if you leave that service provider, you stop working with them. Who supports those computers? You don’t have a Dell manufacturer’s warranty on it. What you have is your former service provider’s warranty on it and your service provider doesn’t work with you anymore. It’d be nice if you weren’t locked in by any provider in terms of your own technology stack, you’d like to be independent.

Resell Buying from the MSP v Nonprofit Pricing Direct from Vendor

Johan:  I think related to that, if you’re a nonprofit organization and you’re on Office 365, you should be purchasing your Office 365 licenses directly from Microsoft using their nonprofit pricing program. 

That’s not standard with for-profit organizations, because with businesses, in many ways, it’s often more efficient for them to purchase the license directly from the MSP. So, a lot of MSPs that work with businesses are set up and their default is to include Microsoft Office 365 licenses as part of their managed services. Then you’re paying full freight for a license that you can get a deep discount on if you go directly to Microsoft. So that’s another thing to ask about and look out for when you’re evaluating MSPs.  

The one thing I’ll add in terms of the VAR, the Value-Added Reseller, is that what we’ve observed is that it’s not so much a problem at the beginning. Back five or six years ago, there were a variety of firewalls: Fortinet, Sonicwall, Watchguard, more or less all doing the same thing, all created equal. 

The problem with technology lock-in with a vendor isn’t that they’re necessarily recommending bad technology, but they oftentimes will get stuck on older types of solutions. Meraki is a cloud based, cloud-managed firewall, which has a lot of advantages over the more traditional type of firewall. If a vendor is locked into a certain type of firewall, it makes it harder for them to move on to newer technology.

Steve:  You’re locked in because it’s an important part of their business model..

Johan:  Exactly. Not because it’s necessarily the best technology solution now, for an organization.  

Buyer Beware Trendy Lingo

Actually, we have a quick funny aside, this company went out of business a long time ago. It’s called Zenith Infotech, and they provided hardware solutions to MSPs back in the 2000s – 2008, 2009. I remember at the time, a lot of MSPs and a lot of VARs in particular, were very concerned about the cloud because the problem was, once your clients move to the cloud, they’re not going to be buying hardware from you anymore.  

So, Zenith released this product called the Zenith Cloud. I remember we got emails about it, and we were looking into it. We’re like: this Zenith Cloud, it looks like just a rolling half-rack of servers that you put into your closet. That can’t be right, because if it’s in your office, in a little rack, that’s not the cloud! Like that’s the opposite of what the cloud is. This thing they were calling the Zenith Cloud! And we looked into it and sure enough, like it was literally a cheap server that they sold you that they called “the Cloud.” No wonder that they went out of business pulling stunts like that.  

That’s the kind of thing that you have to look out for at times with MSPs. You want to make sure that they’re really forward thinking and embracing the future of technology in helping you embrace it, as well as an organization.

Steve:  I mean, maybe we should bottom line this. The bottom line probably is that: you do want an MSP that has a preferred stack, I can’t tell you what that stack is, Microsoft or Google for email or, whatever. They tell you what they think their clients should be on. Yet, a certain amount of flexibility is probably also important for nonprofits that they can support what you have, even if it’s not in the preferred stack, allowing for the fact that over time you’ll try to match what you have in your environment with what the MSP prefers as their stack over time.

Cybersecurity

Johan: Question number 10 is about Cybersecurity. It’s a critical part of service these days and there’s a range of solutions around Cybersecurity.  

Every organization nowadays needs some level of Cybersecurity protection. If you’re an organization that’s being targeted, maybe you’re focused on international issues,  you’re doing work that would make you a target of nation-state actors, then obviously you need to seek out an MSP that’s got more advanced experience with Cybersecurity. 

But every MSP should be able to be conversant with Cybersecurity threats and explain how they protect their customers against those threats.  

At Community IT, we have a core set of required services that we provide as part of basic Cybersecurity and then we have a pretty extensive set of optional services that we talk through with our customers.  

We’re not big into fear mongering, we know that there are threats out there, but we also understand that the threats vary widely depending on the nature of the organization and the work that they’re doing. We really like to sit down and talk with our customers and find out specifically, what threats they’re facing and help come up with an appropriate Cybersecurity solution.

Steve: I’ll temper that a little, we’re not into fear mongering and I’m not going to turn around and start doing it. 

Being targeted by a nation-state is a whole different animal than just being on the internet, which every organization is. They are, therefore, all potentially a target for opportunistic hacking, where it’s just more a matter of not having managed MFA on your Office 365 accounts: not having multi factor authentication on your office 365 accounts and not having a training so that your staff uses passwords for their personal life. They use the same password for everything that they do and it’s not a very difficult password. Their Netflix account gets compromised and that password then gets used to get into Office 365.  

Cybersecurity is a real thing and even the small nonprofit that just does some community events could easily be a victim of a cybercrime, as compared to someone who’s doing analysis of nuclear warheads and who-has-what and might be targeted by a nation state. I don’t want to undersell this either. 

You need to have an MSP who can talk about Nonprofit Cybersecurity very intelligently.

Johan:  No, that’s very true. Good clarification.

Strategy and Planning Capabilities

The second to last question is just asking the MSP: just use the word “strategy” in a question, basically. 

We frame it in our white paper as: “How will you help my organization strategize for the future? Do you assist with strategic planning? What’s your capacity to engage with us strategically? However you want to frame the question, you just want to make sure that the MSP is capable of thinking about business strategy broadly, and is capable of helping to connect technology solutions to business needs.  

It’s probably not reasonable to expect a managed services provider to also be an extensive strategic technology planner. There are large IT support companies that can offer managed services and then they have another division that provides strategic planning services, so that does exist.  

But generally, the way that you need to organize a business to effectively deliver managed services is different from organizations that focus on strategy, even IT strategy and strategic planning. 

But you want to make sure that your MSP is capable of engaging with other stakeholders, whether with another firm or with other people in your organization, around strategic topics, and that they can help you put together a three-year budget and technology plan. They can think ahead to what the organization might need in three years, and that they can assist with technology decision making, that keeps in mind all of the different needs that the business might have over an extended period of time.

How Do You Deliver Value

Johan: The last question is: “How do you deliver value?” I think that’d be a good question to end with when you have an interview with an MSP –  How do you deliver value? 

It gives you a glimpse into how they see their own role, and it gives you a glimpse into how they see their business. That’s, it provides a nice summary of all the other things that we’ve talked about in this webinar. How do they see their role in delivering value to your organization? 

This is a particularly important question if you’re talking to an MSP that’s not that familiar with nonprofit organizations. Because the MSP that typically works with for-profit businesses is going to take a certain approach to talking about the value of technology, talking about making decisions around technology solutions, and if they’re not familiar with or comfortable with working with nonprofits, they may not understand the very different dynamic that occurs within a nonprofit organization where revenue generation is concerned. 

Fundraising is critical, obviously. But maximizing profit is not really a concept that is useful in a nonprofit setting. If that’s how the MSP thinks about the value that they deliver, it might be a struggle for them to really relate to the organization as a nonprofit.

Steve: I’d say that also this goes back to what I think of in terms of job interview questions. There’s not necessarily a right answer here. It’s just a way to hear more from the MSP, that helps explain who they are. There’s not any answer you’re looking for but the answer that they give, and if they can’t give an answer, that’s a big red flag. But if they do give an answer, it helps you get a better feel for who they are in a way that can be very helpful.

Thank you very much for joining us today. Steve, thank you for your time, have a good afternoon.

Steve: Thank you, Johan. Okay, bye folks


Ready to get strategic about your IT?

Community IT has been serving nonprofits exclusively for twenty years. We offer Managed IT support services for nonprofits that want to outsource all or part of their IT support and hosted services. For a fixed monthly fee, we provide unlimited remote and on-site help desk support, proactive network management, and ongoing IT planning from a dedicated team of experts in nonprofit-focused IT. And our clients benefit from our IT Business Managers team who will work with you to plan your IT investments and technology roadmap, if you don’t have an in-house IT Director. When you need technology change management, our ITBM team can help you communicate what the change is, why your organization is doing it, and discover who it will impact.

We constantly research and evaluate new technology to ensure that you get cutting-edge solutions that are tailored to your organization, using standard industry tech tools that don’t lock you into a single vendor or consultant. And we don’t treat any aspect of nonprofit IT as if it is too complicated for you to understand.

We think your IT vendor should be able to explain everything without jargon or lingo. If you can’t understand your IT management strategy to your own satisfaction, keep asking your questions until you find an outsourced IT provider who will partner with you for well-managed IT.

If you’re ready to gain peace of mind about your IT support, let’s talk.