Listen to "All Things MSP" on Your IT Podcasts!
Justin Esgar (00:07):
What's up everybody? Welcome to the All Things MSP podcast. I'm your host Justin Esgar. With me always is my good friend, podcast producer extraordinaire Pirate and co-host Mr. Eric Anthony. What's up, dude?
Eric Anthony (00:19):
Just been pirating the seven seas. No, let's see. I mean, I cooked a brisket last weekend. I mean I don't get to do very often.
Justin Esgar (00:33):
I find that MSP, it's really funny because you're mentioning this. I find that a lot of MSPs tend to have a secondary interest of a very niche place. How many MSPs that are super into craft beers or craft whiskeys or barbecue or, you know what I mean? A very niche of a niche of a niche. Don't get me wrong, I'm in it too. I'm not saying I'm not in any way, shape, or form, but it's just really funny. I think that's our personality coming out in regards to the way we do things. We're very logical people. Therefore we like the logic of figuring out of the mathematics behind why this particular beer is more happy than that one. Or the mathematics behind How much, if I smoked the brisket for 15 more minutes using Hickory wood versus oak.
Eric Anthony (01:26):
Yeah, it's a thing. Totally a thing because we're very analytical about how we do things and so we do take that approach to even hobbies.
Justin Esgar (01:36):
Yeah, I think it's also really funny that I've made my niche in drinking liquid death on our podcast. Hashtag still not a sponsor. We have a guest today. I love it when we have a guest on because I get to come up with silly questions to make it sound like I know what I'm talking about. And let's be honest at this point, everyone who listens to this show knows I don't. But let's bring on our guest, Ali Mahmoud, the VP of Product over at Augmentt. Dude, what's up?
Ali Mahmoud (02:09):
Hey, great day. How are you guys doing?
Justin Esgar (02:12):
Good. Thanks for being here. All right, Ali, tell everybody, give everybody a two minute spiel on who you are and what Augmentt is and what's your favorite cocktail.
Ali Mahmoud (02:26):
I'll do that first. I'm, I'm a high school kid and still drinking rum and cokes. If I'm not drinking a beer, I can't get enough
Eric Anthony (02:36):
Of it.
Ali Mahmoud (02:37):
So yeah, a little bit about me. I worked at Enable for a few years in the RMM space, went to the enterprise, spent a ton of time in the IT channel and at Augmentt, we're trying to simplify Microsoft 365 management kind of enable and RMM are trying to do for device management.
Justin Esgar (02:56):
That's awesome. Alright, so let's get a little bit more into what that means. What are you doing, what are you providing with Augmentt that an MSP right now can't just do on their own?
Ali Mahmoud (03:09):
Yeah, I mean the idea is it's pretty straightforward today if you want to do anything in Microsoft 365, I have to log into the actual Microsoft portal and if I have 50 customers, that's 50 portals. And so there's no way to easily see everything across all my customers. So where do I even start? Does anybody have a problem today? Any alerts, any risks, and just being able to jump between customers or kind of zoom out and see problems. Then zoom into the one customer who's got an issue is the big efficiency time saver there. And then of course we want to automate everything and do cool stuff over time, but just getting started, that's a big leap forward.
Justin Esgar (03:47):
That's cool. So is it like a multi-tenancy portal or can I see every customer at the same time? Do I go in and out of customers from within your portal?
Ali Mahmoud (03:56):
So you usually start at the all customer view. And so if I want to see licenses, I want to see security settings, users, groups and things I have to manage. You usually start at the all company view and then you'll spot a problem. You'll want to zoom into someone who's got a really low secure score and go fix that.
Justin Esgar (04:16):
Right. Oh, sorry, go Eric. I was just going to say, so there's some kind of dashboard that you can see then that actually shows you, like you just said, a security score that allows you to at that top level kind of glance and see where the problems are and then zoom into those specific problems and remediate them.
Ali Mahmoud (04:38):
Exactly. And in my experience, MSPs, the security across all your customers isn't going to be super standardized today. That's the goal. There just hasn't been something that shows me the bird's eye view of everything. And even once you see that the squeakiest wheel doesn't always get the oil because that customer might not be paying for anything. So I might not focus on the customer whose environment's a little bit on fire, Hey, my top three customers are a little bit on fire and I'd rather set up some time there and go clean up that environment.
Justin Esgar (05:14):
What are you seeing in the regards to the needed things that MSP should be doing when it comes to security in this respect? What do you think the top three things that, because you said you're not setting up everybody the same way, and I would hope that there's some standardization at least within the MSP across all their clients. I'm not saying across all MSPs, but so what do you think are the top three things that people, they sign up for your platform they should be doing?
Ali Mahmoud (05:46):
So day one, you just want something that's monitoring risk. So plug in something that's going to alert you. If there's a risky sign-in, right? You're managing a small local business and there's a sign in from Eastern Europe, from Asia and nobody's traveling, nothing's going on there. Some bad guys in the environment right now. So day one, some sort of monitoring is really important. Most MSPs don't turn that on and Microsoft today because Microsoft just floods you with every single security event that's going on. And then once you have that, I would say you switch kind of more a little bit proactive. Let's clean this environment up and really it's MFA is number one, secure the account, then you, that's where MSPs will pick and choose what their next favorite thing is. So maybe something like turning off legacy authentication or just old school apps that can connect in and pull data down. That's a common way that people siphon data out of an organization.
Eric Anthony (06:44):
Now Ali, you and I both come from the RMM space and in the RMM space, one of the very traditional problems for every MSP is the noise that their RMM creates and filtering through that noise can be a problem. You just mentioned it with Microsoft having that same problem. So what does Augmentt do to dial down that noise so that you're actually attacking the important problems?
Ali Mahmoud (07:15):
So day one out of box, when you plug us in, if Microsoft has a thousand different security logs and events, we're only going to be setting up by default maybe 20 of them that will actually create APSA ticket. The rest of it, we're just tracking it. So you can log in, Augmentt, I can see all the noise and all the problems, but it's not creating live tickets. And the big problem with anything that creates live PSA tickets is no junior to intermediate tech is going to be like, ah, who cares about that alert? I'm not going to look into that. Nobody wants to be the guy who ignores the alert. That was the breach that's live happening. So they end up chasing down every single issue and it just kills everybody's productivity.
Eric Anthony (07:58):
Yeah,
Justin Esgar (08:03):
I have to be remiss to say that, Eric, you missed the opportunity to be like, what does Augmentt Augmentt for somebody? And you missed that. It was such an easy setup right there to just kind of get that one done.
Ali Mahmoud (08:15):
There's a funny story there, Justin, but when they named the company Enable, our founders are the founders of Enable, they wanted something that's a verb. So it's like we're enabling you to do this kind of service. And it's the same thing with Augmentt, Augmentting your managed services.
Justin Esgar (08:28):
See, look, I knew there was something there or something.
Ali Mahmoud (08:30):
They
Justin Esgar (08:31):
Lovey story. They love that stuff.
Ali Mahmoud (08:33):
So
Justin Esgar (08:37):
Office 365 is inevitably a horrible platform in my opinion. There's always attacking, there's always breaching going on there. What kind of assurances are you guys putting in place here where you're saying like, okay, we're helping the MSP to do all these things, but how we know, how do we know for sure that it's being done right? Are you guys providing some sort of guidelines for them to follow? Do you have white papers on, I'm new to the MSP world, but I know everyone uses Microsoft. I'm lost. I'm a puppy lost in a mill of everything else. So what am I supposed to be doing?
Ali Mahmoud (09:25):
I mean, it's a great point because some of our customers are one man shops. We have hundreds of employee MSPs, and it really doesn't matter on size, it matters on just how experienced you are with security and what the best practices are. And I have very large partners who are just getting started. So don't think that because you're a very small MSP, you're the untrained ones. Everybody is, this is all brand new. And so right in product, we're showing you the Microsoft Secure score. So if all else fails, you can kind of fall back on Microsoft's recommendation. The MSP favorite I would say is CIS. That seems to be the internet benchmark that everybody loves. And so if you care about neither of those and you want to define your own standard, go for it. But those are two pretty good ones to start with. And honestly, I have to walk MSPs back from the cliff all the time on this where it's like you're doing nothing today. Can we just turn on MFA tomorrow? That's goal number one. How many,
Justin Esgar (10:26):
Hold on. Hold on. How many MSPs are not doing MF? A
Eric Anthony (10:30):
Way too many. I
Ali Mahmoud (10:31):
Would say easily. Half of the MSPs I talked to have the vast majority of their customers not on MFA. And it's not an MSP doesn't get it problem. It's the end customer pushes back so hard and says, I don't care. I don't care if I get breached. I'm not turning this on. It's such a pain in the butt.
Eric Anthony (10:50):
But there's got to be, and I wish I could find somebody who's done this well who has said, I go into a customer and I tell them, if they don't turn on MFA, this is what's going to happen. And they turn on MFA. Somebody has got to have come up with that story at this point and come up with an effective way to do it. I'm
Justin Esgar (11:12):
Sure it's a lawyer, it's the lawyer who does work in Florida who's probably done this also. I would go so far as to
Eric Anthony (11:25):
Contractualize
Justin Esgar (11:28):
With my clients that you're going to turn MFA on and that if you don't, you've immediately null and verify the fact that my MSP is no longer responsible for any of your data. If you don't turn on MFA, I'll continue to work for you, but you cannot come at me at all. That's the way I would look at it.
Eric Anthony (11:49):
Yeah,
Ali Mahmoud (11:50):
And definitely last year we were seeing that the trend was cyber insurance companies were going after the MSP every single time there was a breach to the point where many MSPs are just not even going with cyber insurance anymore because they're going to deny your claim no matter what. They'll find a loophole that you didn't tick a box somewhere, but that is the best practice nowadays. It's all about liability. And it's here, Mr. Customer, here's an Augmentt security audit report. I recommend you do these five things. Okay, cool. You don't want to sign here that I'm not responsible. You're a hundred percent liable for a breach. And
Justin Esgar (12:25):
That's the recommendation. It's funny that you say that real quick because our lawyer friend in Florida says that a client will never sign that. So as long as you, and they don't. But if you send the email that says, I'm no longer liable, you received this email because you deny this based on this email, you've already covered yourself or something to that effect. But
Ali Mahmoud (12:43):
That's
Justin Esgar (12:44):
Good. Consult your local lawyers laws are different from state to estate.
Eric Anthony (12:47):
Well, yeah. The problem is whenever you have something like that, you turn it into a litigious situation, which doesn't work out for anybody. I mean, I think there's merit in if they won't follow a standard that you say you can't be their MSP anymore. Now I understand because I'm going to get heat for this, that not every MSP can afford to turn away business, but if you're doing it well, you can. And that's one of the things. Now I want to turn this around though, because we've talked a lot about the product. We've talked about how risk is important and risk comes up in these conversations all the time, but how does the MSP actually turn this into an offering that the client will buy and so that you're reducing risk, you're doing the right thing for your yourself as the MSP for the customer because you're reducing their risk, but you need to productize it. And Ali, I know you're a product guy, so how does the MSP productize this and make it part of their offering?
Ali Mahmoud (14:01):
Yeah, I mean every MSP business is a bit different. The most common things I see is take whatever you're paying on a Microsoft license. So you're paying 12 bucks for a business standard, 25 for a business premium, and let's tack on 50 to a hundred percent extra and now I'll secure it. So I've kind of seen that as the single siloed offering model, but I would say more often than not, the MSP has some grander goal of getting some legacy customer on a terrible old contract onto a more modern contract where my goal is to get a hundred bucks or 150 bucks per user at your business. And so they'll use this as the wedge to be like, oh, I'm going to do all of this. I have to essentially run a SOC and do all these audits and listen to alerts every day. And they'll use that as the wedge to finally push somebody across the line, especially if a customer's had a breach. So this is to me, a big lever to get them onto whatever premium offering you're already going for, and if they're there, then you could layer this on if you're still trying to capture the revenue as a dedicated 10, 15, $20 service.
Eric Anthony (15:08):
Yeah, I know I've seen a lot of pushback. People charge for 365 and for whatever reason they're happy with the markup that Microsoft gives them. And I'm like, no, you have way too much labor in managing that for the client to just be getting the markup from Microsoft. So if your clients have 365, you should be managing it and charging for that management anyway. Why not use a tool? Yes, it costs a couple extra bucks, I understand that, but it should create efficiencies from what you've told me to offset the labor cost, which is the biggest hidden cost for any MSP. If you can save hours and hours a month by using a tool instead of hours with a technician, especially when it's on managed services,
Justin Esgar (16:07):
You are
Eric Anthony (16:08):
Going to make out better in the long run.
Ali Mahmoud (16:11):
No, and the problem is MSPs can use Augmentt to be more efficient. So if a tech before could manage a hundred users or a hundred mailbox, now they can manage hundreds, 500 mailboxes per technician. So the efficiencies there, I don't think the cost of the platform is high at all. The biggest problem always comes down to how do I monetize it at the customer end? And to me, that's where migrating one legacy customer onto a modern contract and three X-ing the revenue off of that customer has just covered 90% of your costs. So that's the most important part is how do I migrate someone? How do I have it as a dedicated line item? How do I include it in every proposal? It's always that go-to-market piece. That's the most important.
Justin Esgar (16:55):
What I've been seeing a lot of recently also is people packaging it part of their quote, cybersecurity bundle. You may include labor as a line item. You might include your Office 365 license as a line item, and then you add another item called cybersecurity package. And included that would be something like Augmentt and dark web scanning and phishing scanning and spam filtering and all these other things. And you sell that as a product because whilst it may go up and down a little bit by the users, it's so little per user because some of those, if you're doing dark web scanning, at least with ID agent, it's just per domain that you can flat fee that and still cover up to 40 users or whatever it is, and then it goes up and then you sell that as a brand. This way. Also, if your client denies, they're not going to deny that entire bundle. They're going to see something that's in there and you're not going to break it into pieces. So it makes it a lot easier. So we talked a little bit about price. What does something like this cost an MSP?
Ali Mahmoud (17:59):
It's right on our website. I mean, we do the per seat model as well. So you'll see something like 80 cents per user to manage and secure them, but most MSPs don't go the, I'm going to secure one customer and 10% of the users at that customer. So most people are going the site license route, and right now it's 2 99 for a thousand seats or a thousand end users. So it becomes pretty affordable for a mid-sized MSP to cover almost every single customer for a flat fee. And that just lets you hit the ground running and lock everybody down.
Justin Esgar (18:36):
For
Eric Anthony (18:36):
Me, $299,
Justin Esgar (18:37):
And I assume you're talking about a month,
Eric Anthony (18:39):
Is cheap insurance these days.
Justin Esgar (18:43):
I think you guys need to up your pricing. I'm just kidding.
Ali Mahmoud (18:47):
For 3d, Justin, you already said the other offerings, right? So awareness, training, backup, we sell a bunch of add-ons as well. So the idea is to kind of get the MSP to secure all their customers. That's step one. Then go back to all your customers and get the backup revenue and get the training, get the email security and get all the other,
Justin Esgar (19:08):
Yeah, this is like what you said earlier, this is the wedge. This is that little like, I'm going to crack the door open and I'm going to stick my boot in there to hold it open. That's what this is. Because at 2 99 for a thousand seats, I mean the average MSP who's doing only, let's say $300,000 a year probably is only taking care of a hundred, 150 seats. You're covered. And then some. So for the $300 here per month, that's what two hours of billable work per month. And you're going to be able to cover all your stuff and then be able to upsell based on what you have found in here. Because if you go in here and you find that your Microsoft stuff is not secure, because it probably isn't, you can sell them on the right tools, if not other pieces that are inside of Augmentt to increase your offering. And then that entire line item just keeps going up and up and up. So I think for $300 a month, I think that's a steal. And you guys are probably giving it away way too cheaply. Do you guys do more than just Microsoft 365? Because I'm an Apple boy, which means I'm in the Googles, and a lot of people who listen to this don't like that, but we are a big Google shop. How would Augmentt work with Google?
Ali Mahmoud (20:20):
So there's a couple cool other things that we do. So one is discovery. So we actually have an agent, the preferred route is kind of integrate to Microsoft or Google Workspace as the primary integration. We also have a discover module that will go on the machine, check your browser history, check your processes that are running, and we'll track every SaaS application that runs across the business, tag it to an individual user. So that's just helpful from are we trying to roll out OneDrive and people are still using Dropbox and 18 other file sharing tools. And then on the help desk management side, using another module we have called Engage for user management onboarding, offboarding groups, licenses, et cetera. And that is Microsoft and Google Workspace. I've talked to MSPs all the time, and it's like, what's the third app outside of the productivity sweep? What is it? Is there some big construction app? Is it Salesforce? What is it? And no MSP can agree that anything really matters because the Google and the Microsoft House just needs so much work. They're like, I just need more automation there.
Justin Esgar (21:23):
Well, Eric and I both know that the third app is a file share collaborative app with that has a security and governing programs in it. And anyone who's listening, who gets this reference, leave a comment below. We know what it is. We all know what it's, so Ali, how could people get started with Augmentt?
Ali Mahmoud (21:45):
Yeah, go to the website, sign up for a 30 minute demo, see the platform in action. Tons of videos on YouTube, but it's pretty straightforward. And we do the easy integration to your partner center. So one integration pull in all of your customers, easy to deploy it everywhere. And then once you do that, the actual threat assessment, the cybersecurity risk assessment is free for life. So we don't make any money when you're not making money. So the idea is go out, prospect, a ton of your customers, convince them they have a problem and they need to buy something, then come back to us and buy some licensing.
Justin Esgar (22:17):
That's awesome.
Eric Anthony (22:18):
That's a great point that you actually allow them to use
Justin Esgar (22:20):
It as a prospecting tool.
Eric Anthony (22:21):
I know a lot of them want that right now.
Justin Esgar (22:26):
Yeah, anything that they can use to try to up their game, fighting at the bottom there for it. So Ali, this looks pretty awesome. People, check it out. Augmentt with two ts A-U-G-M-E-N-T t.com to find out more about Augmentt. Eric, any parting words before we finish this one up?
Eric Anthony (22:45):
Just that I think that creating a package as part of your offering for managing cloud services is an important part of every MSP stack because cloud services are here to stay. It's only going to grow from here as we rely less and less on the endpoint and more and more on the applications that are in the cloud. And we're just accessing them through whatever device happens to be in our hands on our desktop or in our laps at any given time.
Justin Esgar (23:16):
And I'm going to leave the listeners with this. When a cloud service goes down, why don't we call
Eric Anthony (23:22):
That a fog?
Justin Esgar (23:23):
That's Eric. I'm Justin. That's it for us. Bye.
Eric Anthony (23:35):
From your
Justin Esgar (23:35):
Host,
Eric Anthony (23:36):
Justin Esgar and myself, thank you for listening to the All Things MSP podcast. Join the All Things MSP Facebook group or follow us on LinkedIn, Instagram, and YouTube. The All Things MSP podcast is a biz POW LLC
Speaker 4 (23:52):
Production.
Eric Anthony (23:53):
And even though we drink a lot of it, this podcast is still not sponsored by liquid debt.