Managed Security Services 2021: Billing Botheration

Do you know how much money you spend delivering services vs. how much you bill out?

… different country and regional taxes and spiffs or rebates applicable to some services and not others. When you factor in the inevitably rising monthly, yearly and quarterly costs of delivering IT security services, the proliferation of different billing models can complicate the “cost per customer” or “cost per employee” calculation.

What really matters: Knowing how many hours and dollars it takes to service a customer.

This insight can bring to light problems that were once buried in spreadsheets. Maybe you are spending too many hours or too much money on one customer; maybe it’s time to look at a new product, employee, service or even sever some customer relationships to bring that input cost into line.

“Good customer service is all about consistency” — Jacada Autonomus CX

This service-delivery rule seems so simple in statement, but in my experience is the hardest thing to do in practice. No two customers are the same. If you are like most service providers, you have a range of hardware and software – some of it legacy – to support. As your services business evolves, you will negotiate one-off deals with suppliers and customers. It’s the nature of sales.

How will you deliver consistent service when you have inconsistent contracts?

I have seen service providers with between five and 10 customers fall prey to confusion, project-scope creep, inaccurate documentation, ad hoc billing and even not remembering what services are being delivered to a specific customer. It’s certainly true that more customers equal more problems, especially if you are not able to adapt. Translating yearly cost models or pay-as-you go SaaS solutions based on a customer or user count is also complicated and can result in an unending cycle of account credits and debits.

While reining in years of out-of-control billing processes is beyond the scope of this column, what you can do is decide on one model and stop digging the hole deeper. Strive for operational efficiency wherever you can instill it. Stop comparing apples to oranges in contracts. As you gear up to deliver security as a service for customer compliance, standardize the way you bill for those services. For example, waiting 30 or 60 days for a payment check on an invoice in an arrears billing model presents all sorts of problems for a growing provider who must maintain a positive cash flow to support an expansion of the customer base. With the huge diversification in payment options, from bank transfers to PayPal and leveraging direct credit card billing to gain loyalty points, there’s no reason for paper changing hands.

Ian Thornton-Trump, CD, CEH, CNDA, CSA+, is an ITIL-certified IT professional with 20 years of experience in IT security and information technology and a cybersecurity consultant with Harmony PSA. As the Cyber Vulnerability and Threat Hunting Team Manager for Ladbrokes Coral Group plc., Ian has an in-depth understanding of the threats small, medium and enterprise businesses face on a daily basis.