Convincing a client to rely on a third party for mission-critical services is a tough sell for any company, but managed service providers (MSPs) have an especially high hurdle to clear.
Not only do they ask customers to trust them to prevent downtime or loss in important aspects of their operations, but the information that passes through their hands is often confidential and highly sensitive.
Add to that the industry's relative youth and that many MSPs are themselves small and midsized businesses (SMBs), and it's no wonder potential clients sometimes hesitate to hand off critical functions like network or email management, security or data backup.
But the MSPAlliance, an association of more than 330 MSPs worldwide, is trying to boost customer confidence in the industry. One way is by accrediting members that can document their financial strength, business practices, technical capabilities and other factors that can help customers identify which providers have the capacity to live up to their promises.
Another is a new code of ethics, which all members of the Chico, Calif-based association will be obliged to accept and abide by once it goes into effect on Jan. 8.
The code largely concerns protection of a client's data, forbidding members to share it with third parties, for example, except with the client's permission or when required by law, according to Charles Weaver, president of the MSPAlliance.
The code's purpose "is first to inform non-members [about ethical standards] but specifically to members, we will use this as a guideline; and should we see anyone stepping outside of this significantly, I think the ultimate punishment eventually would be ejection from the membership," he said.
The MSPAlliance is not planning to levy fines for violations of the code, however, he said.
Unlike in law, medicine or accounting -- fields in which members must adhere to standards set down by central governing bodies or risk losing their licenses and other legal sanctions -- membership in the MSPAlliance is voluntary. So excommunication, while a black mark, wouldn't put an MSP out of business.
The code may be a nice idea, but whether it will actually boost potential clients' confidence in MSPs is another question, according to Jeff Kaplan, managing director at IT consultancy firm THINKstrategies Inc., in Wellesley, Mass. Simply kicking a member out of the MSPAlliance would not be enough -- the alliance would have to publicize not only any disciplinary actions, but the ethical rules it has established and which of them a member has violated before being sanctioned.
"I think there's still a lot of apprehension in the marketplace about the entire nature of services," Kaplan said. "[Customers] are a little uncertain about whether they can trust a service provider to manage aspects of [the customer's] business, especially if it's a remote relationship. Anything the Alliance can do to boost the confidence of customers is a good thing."
Weaver said that the idea of a public ejection has been brought up by a member of the board before, and while a decision on such a policy has not been made yet, it's a strong possibility.
"Maybe that public ejection would hold some teeth. So that's definitely on the discussion table," he said.
Another problem the MSPAlliance faces, Kaplan said, is brand recognition. While the Alliance is well-known within the industry, "the group itself has very little visibility with customers," he said. The effectiveness of any code of ethics is limited if customers haven't heard of the organization that is enforcing it, Kaplan said.
But Roye, who is also on the MSPAlliance's board, said the MSPAlliance "is being pretty universally recognized as our industry association."
He acknowledged that the code of ethics may be perceived as toothless at first, but said that will change with time.
The MSPAlliance accreditation Invision.com carries is one of several credentials Roye said he presents to clients to prove his bona fides, including SAS-70 type II, an accounting certification standard.
"It's nice to have an industry association that we can point to that you can say, 'not only are we the real deal, but we have an accreditation from our trade association that says we are,'" he said.
Mike Backers, CEO of Altoria Systems LLC., a Cincinnati-based training, remote access and security provider, said the accreditation program has already had an impact.
"What it has done for our organization is give customers a nice understanding of the different things we were evaluated on, and most times, the customers are impressed with the breadth of what's looked at," he said. "I think it's helped us win clients."
Backers said the code of ethics is just a first edition, but that it will set an ethical standard for MSPs generally, and -- for MSPAlliance members at least -- it will definitely have teeth.
"I think there's enough value in membership that kicking [violators] out is a pretty bad punishment," he said.
The year-old accreditation program carries weight with those customers partly because it certifies a whole company, rather than an individual, according to Backers, a member of the MSPAlliance board who helped draft the ethics code.
The accreditation process currently includes analysis of a company's facilities, methods and customer references, but the MSPAlliance is now upgrading it to include an on-site visit to ensure MSPs have the equipment, skills and procedures they say they do.
Weaver said he sees the code of ethics as being in the same line as the oaths lawyers or doctors take. The MSPAlliance has rarely had to eject members, he said, but "we're working towards self regulation before we have too many bad apples out there."