Managed Services – doing it right

Taking on a Managed Service contract from another provider opened our eyes to the importance of the quality we deliver.

When we offer a Managed Service, we provide a quotation based on a quality UK-based 24/7/365 service implemented to the highest standards. That can lead to other firms providing lower quotes and occasionally we do lose business based on price.

So, what’s the difference?

Normally that’s hard to quantify but in a recent case we have had the opportunity to take back a Managed Service contract from a bid we originally lost. And it’s been quite an eye-opener.

The client runs a Smart Building with a Converged Network System (CNS) that Ideal designed and built. The CNS brings IT systems, building functionality, operability and cyber security together in one integrated system.

After completion, on time and to budget, the client opted for another firm to provide the ongoing Managed Support. Less than a year later, they asked us to take over the Smart Managed Service support contract and we have been really surprised at what we have found.

Finding a litany of vulnerabilities and miss-guided actions

As a Managed Services provider, we take a proactive approach to ensure our clients enjoy the highest level of security and operability – and we  take our responsibilities seriously.

Just some of the issues we discovered on taking over this contract were far from the standards we would expect, including:

• Firewall secondary circuits were not provisioned to the correct level, with the standby firewall not working at all.  This would have made the standby firewall redundant in the event of a firewall failure. It was preventing cluster patching/upgrades for serious security vulnerabilities, and it also presented the very real possibility of any breach causing a shutdown across the whole system.
• Self-certification on one of their Cisco identity service engine servers had expired meaning that the servers in the high availability pair would not trust each other, negating redundancy in operation and giving rise to another potential single point of failure.
• Virtual, VCentre (VM ISE and Prime) storage disk space was maxed out due to poor housekeeping or a lack of understanding of the service.
• Cisco Smart licensing lacked the proper documentation and root passwords had expired, which made the transition challenging.

Making reparations and deploying robust processes

After our initial audit, our first actions were to introduce a rolling patching schedule to bring the environment up to standard.  We then worked urgently to reduce the top risk impactors, which included Firewall fixes, AAA server, switch/APs and VCentre overhauls.

What does this tell you about Managed Services contracts?

The key point is that if you are making a Managed Services contract decision based on price, you need to understand the scope of what you are being offered. And how technically competent the people providing your support are.

In this case, it looks like support was being provided by a generalist IT team that didn’t really understand the complexity of a Smart Building CNS and the inter-connected complexities it presents.

The apparent lower cost is really a false economy in terms of the potential cost of security breaches or downtime issues and the client’s time needed to manage the operation.

What’s in scope is also an important consideration. For example, in this case, the incumbent wanted to charge an additional cost to install and manage a new SSID to cover another floor in the building. That was simply completed by us as a service request, due to a better grassroot understanding of the network.