Rake in Revenue with M365 Security Reporting

How Security Navigator reporting opens the gates to compounding revenue for MSPs

It can be tricky to profit as an MSP in the area of M365 security. Data protection is that, despite heroic efforts by an MSP to secure an M365 tenant, success is mostly silent to customers.

Today, the vast majority of businesses vow to invest more in securing their data and protecting end users from cyber-attacks. But it can be difficult to sell a customer on security, to deliver security, and to show them the value of your ongoing services to retain ongoing business.

It is up to MSPs to not just deliver security, but to continually show customers the value of the services being provided.

Reporting is key for MSPs to achieve these three pillars of managing customers and growing their cloud practice. But doing so efficiently and in a standardized way presents its own challenges and costs.

With years of feedback from top MSPs focused on security as a service, SkyKick is excited to announce the next solution for delivering what MSPs need: Security Navigator.

Security Navigator is a robust new reporting tool included with SkyKick Security Manager. With a single click, it provides many reports all rolled up into one professional, customizable, customer-facing presentation. It was designed specifically to empower MSPs to have valuable security consultations with customers, with little preparation cost.

In this blog, we’ll dive into the features and reason how the new Security Navigator is helping MSPs rake in revenue.

Challenges with bringing security reporting to customers

Typically, generating a customer-facing report regarding their security can be a time-consuming process. It can be difficult to know where to begin, even for professionals who have experience compiling MBR-quality presentations. Should your report be standardized across every type of customer? Should these follow the same format month-on-month, or vary based on security activity? And given the work it takes to generate an informative, professional presentation, how often can an MSP realistically provide their customers visibility?

Customers want to invest in security, but it can be busy to get them to commit to actually meeting to discuss their security on a regular basis. One technique which helps them accept that meeting is providing a pre-read on the security topics. However, that requires an MSP investing the time to put together such a report, without the guarantee that this effort will even be noticed by the customer.

It can take days or even weeks to complete a professional-grade reporting presentation that is insightful and comprehensive. Thus, if an MSP is trying to meet monthly, or even quarterly, once the meeting has taken place, it can already be time to begin preparing for the next meeting with the same customer. This presents a scale challenge in growing the number of customers under security management.

Additionally, there is a logistical challenge with scheduling monthly or even quarterly business reviews with customers. An MSP can only begin to pull the data once the time period is in the past. But if it takes a week or two to generate all the reporting you need, your meetings will always be long after the time period in question. This can reduce down a customer’s interest in that previous time period. It can also appear to them that it is difficult for their MSP to provide them visibility on their security in a timely basis.

And if there had been a cyber-security incident but it took time to compile the report, a customer may view this as poor reaction time.

And in addition to the time challenges with reporting, an MSP and their customer-facing personnel should try and deliver a consistent experience to all their customers, and to each customer from meeting to meeting.

MSPs told SkyKick that there needs to be a faster, automated way to generate professional yet customizable reporting to facilitate security consultations with their customers.

Security Navigator Reporting: Designed for MSPs

Working closely with top MSPs who focus on security management, SkyKick designed Security Navigator to enable Partners to efficiently produce insightful reporting perfect for consulting with customers.

The reporting interface allows full customization of the aesthetics and content within the report. There are dozens of reports which you can select from, however based on feedback and best practices, the default full report recommends 11 areas of security data to be aggregated into your customer-facing report:

Default Security Navigator Report:

Together, these topics have become best practice for top MSPs to drive an efficient, insightful, and comprehensive security meeting with their customer.

Today we’ll focus on just a few of these security areas which are included in the Security Navigator report which help MSPs do just that.

The Security Summary page appears by default at the beginning of the report, as it is a great overview for launching the security conversation. Key security indicators include current M365 secure score, max score, secure score changes, email security posture. Additionally, using AI, the customer’s Secure Score is benchmarked against their industry’s averages, allowing the customer to understand how they compare to similar businesses.

Displaying how their scores have changed over time shows customers that these consultations will have a consistent format and will track key metrics in order to make progress in increasing their security – and to prove to others that they are doing so regularly.

This visibility can be used to earn them better insurance rates, more clientele, and a premium on the services they provide.

This report alone can go a long way to motivating customers to take action or invest in a deeper level of your security services to improve their security. The consistency of these reports makes subsequent meetings easier and more efficient. This all encourages customers to participate in this consultation on a regular basis.

Security Navigator reporting is perfect for ongoing customer engagement as we deepen the security relationship. The change log aspect of it allows us to show them incremental changes we’ve made to improve their Secure Scores and their security posture over time. That builds trust and allows us to deepen customer buy-in

The Security Support Activity Summary highlights security incidents and alerts generated by Microsoft regarding their M365 tenant. Reviewing recent incidents and threats is an essential part of providing security services. But this report also demonstrates to your customer your command over continually monitoring their tenant for the most common security incident types.

Additionally, this shows them the action that was taken in order to combat those incidents because of the security management you provide. Partners say this is invaluable in conveying the value of your services, reminding them that the threats are real, but so are your security solutions.

The Security News section focuses on security topics related to the customer’s specific industry and can reinforce to them how this report is comprehensive and customized specifically for their business.

This section can help inform what areas of the customer’s security posture require attention, and helps customers contextualize their investment in security against the risks in the world. Many partners state that this section is excellent for goal-alignment and the right-sizing of planning for the upcoming period with respect to the security improvements that you will deliver.

This section provides context for the value you provide against an up-to-date assessment of the recent news in security.

How the right reporting increases MSP revenue

MSPs who review Security Navigator’s reports, news, and insights are able to win more customers, charge more for their services, and retain more business.

For the price of a cup of drip coffee, many partners sell the report as a standalone offering. Customers can justify this expense as checking a box on performing regular security reviews for any compliance or customer obligations they strive to uphold.

Many MSPs report that many customers are more likely to subscribe to deeper security services due to these reports. Studies have shown that over 70% of customers do not have MFA configured correctly, and even more customers have been the target of phishing attacks. The dangers are real, and Security Navigator reports help remind customers of the importance of investing in security.

These partners project upwards of $250k+ increase in revenue per year across their customer base due to increased customer investment via Security Navigator reports.

Lead the customer by the hand

Hopefully the above information about just a few of the features of Security Navigator reporting has been useful. Having excellent reporting and insights greatly facilitates customer conversations, which yields more revenue for MSPs.

These reports are all fully customizable in just a few clicks, and yet there is one other feature which is allowing partners to deliver rock-solid security services: The scheduler.

Customers are busy, MSPs are busy. And while many strive to have Monthly or Quarterly security reviews, the truth is these are often taking place long overdue, or even fall by the wayside altogether.

With Security Navigator, you can schedule the reports to be sent on a regular basis, specific to each customer. This serves as a reminder that a security review is due and shows the customer that you are on top of providing this information consistently, reliably, and punctually. This security heartbeat through the Security Navigator scheduler allows partners to take their customer by the hand and lead them into a future of continual attention to security.

Security Navigator reporting opens the door to engaging customers in their security regularly. It demonstrates the value of your services and increases their willingness to invest more in your security services long-term through continual, consistent, reliable reports.