Have you ever had the experience of coming in behind someone that did some really unethical stuff? Perhaps it was illegal licensing. Maybe used equipment sold as new. Maybe just the wrong technology for the job.
The solution is fine for the right situation, but this was not it. The investment was a total loss.
Not too long ago my MSP got a referral from one of our construction clients to a competitor of his. This business had been sold Gsuite and Chromebooks without regard for whether those IT services would function for their business or not. It didn’t. Their extensive and complex spreadsheets lost all functionality, no one could print, and other applications were not supported on the platform at all. The solution is fine for the right situation, but this was not it. The investment was a total loss.
If a licensed builder did something similar there would be a path to recourse that didn’t punish the victim by making them hire a lawyer but there isn’t.
Every week in the MSP Reddit forum someone writes about another horror story of IT service providers that won’t give up admin passwords, that have things in their name simply to hold the client hostage; they have stolen the intellectual property of clients, and more.
Every week in the MSP Reddit forum someone writes about another horror story of IT service providers that won’t give up admin passwords.
It’s embarrassing to be associated with these people but there hasn’t been anything we can do about it and the consumer of our services has no way to know if they are buying a good egg or a bad one.
Enter IT industry regulation
At the same time, the insurance industry is enforcing security requirements as a condition of insurance and not just cyber insurance, E&O, and business liability insurance too. One of them wants your client to sign off on every security recommendation that you make to a client that they decline to implement. I’m sure your clients will be happy signing a new acceptance of risk form every time one of your techs reminds them that we really should implement BitLocker or password tools, apply the latest OS updates today, or backup their kid’s photos.
States are starting to talk about cybersecurity in their legislative proposals.
States are starting to talk cybersecurity in their legislative proposals (you can find out here by searching for the word cybersecurity in your state) and some, like the Texas Department of Banking, are causing MSPs to file a list of their clients and services provided. To what end?
Recently the US Department of Defense updated CMMC to make it less difficult for smaller providers to comply by allowing self-attestation and reducing the CMMC level on some contracts. But at the same time they did that, they also required that any MSP working for a business subject to CMMC also be CMMC compliant themselves. Thus, raising the bar for MSPs who work for any client that might get a piece of a government contract.
MSPs are getting regulated without having a seat at the table.
All of these things are happening to us, without our input. MSPs are getting regulated without having a seat at the table. This is just the beginning of the trend. It’s going to take every single IT service provider company (MSPs and all other acronyms), IT professionals, and vendors in our industry, to work together to stake our claim and our right to representation.
This is why the National Society of IT Service Providers was founded.
The National Society of IT Service Providers (NSITSP)
In July of 2021, we were founded. We spent the first year with an amazing group of enormously talented and skilled IT professionals building up the infrastructure of a national organization. About 700 IT professionals joined us in this effort.
Now we’re shifting into action and we have committees with action plans:
>> Build a code of ethics
>> Teach individuals how to self-advocate to their local legislators
>> Develop position papers
>> Comment on pending legislation
>> Build an army of IT Professionals as a legislative watch force
Defining the IT services profession
We also have to consider what it means to be a professional in the IT industry. The consumer knows what it means when they hire an oil change shop or a master mechanic. They know there’s a difference between a bookkeeper and an accountant. They can find out if their lawyer is a member of the bar or has been dis-barred. What they don’t know, is the difference between you and anyone else in our industry.
What does that look like? We have no lack of educational opportunities in our industry. What we have is a lack of transparency. Who holds what certifications? Have you participated in continuing education and new technology adoption, or do you still think 2008 servers are good enough? Does your firm hold to ethical practices? No one knows, and ransomware and malware are costing the country billions of dollars of lost GDP, putting companies out of business.
There needs to be a clear career path with verification steps along the way.
There needs to be a clear career path with verification steps along the way, just like there is for every other type of profession. We like to compare our value to lawyers, accountants, and doctors. It’s time to prove it.
We need a seat at the table when decisions that affect our ability to work and the services we provide are being discussed. We can’t sit idly by and just let them decide for us. Do nothing and that’s what will happen.
We can’t sit idly by and just let them decide for us.
Please join the NSITSP. Help us build numbers to get noticed. Help us by serving on a committee. Help us by providing funds and skills. Please help us talk to every vendor in this industry that wants to see a rise in professionalism and have them join us too. A Professional membership is only $100.
Help us build numbers to get noticed.
About the Author
Amy Babinchak is a highly respected technology business and M&A expert, influencer, thought leader, and President of the National Society of IT Service Providers. Her companies have won many awards, and we are honored that she’s a member of the Modern MSP Community.