How MSPs Can Successfully Integrate CPaaS Solutions

By Derek Handova

To expand business processes across mobile apps and enterprise applications, MSPs can integrate CPaaS (communications platform as a service) solutions. CPaaS is rapidly expanding as a sector of the cloud computing industry. Many end customers are using them to integrate voice, messaging and other conversational interactions into their mobile apps and enterprise applications. MSPs must know what to look for when integrating their services with these DIY, developer-centric solutions. 

“From a technology standpoint, to integrate CPaaS has become trivial,” says Shikhir Singh, director of product innovation, TeleSign, a trusted CPaaS provider to leading cloud companies like Salesforce. “For instance, you can send an SMS or voice message to nearly anyone in the world in less than 10 lines of code. As a result, the quickest way to get started is to focus on use cases for SMS to send out alerts, reminders and notifications. Once SMS is well integrated, MSPs can focus on integrating newer CPaaS technologies such as anonymous SMS and anonymous voice calling.”

Beware Variation in Order to Integrate CPaaS

In the process of working with third-party APIs, MSPs should be aware of variation in order to integrate CPaaS solutions, in the views of internet connectivity experts. The underlying throughput infrastructure functions best when CPaaS services have a uniformity to them, as they see it.

“One gotcha MSPs must consider to integrate CPaaS as an offering is the fact that customization—whenever possible—should be minimized or ideally avoided,” says Jay Akin, CEO, Mushroom Networks, an SD-WAN vendor for IP networks. “The communication solutions providers integrating CPaaS usually make an assumption about the glue that ties various services together, and the more variation in the types of communication services that the MSP offers, the higher the risk the glue falls apart.”

For example, if a cloud-based PBX service is offered over a CPaaS solution, the PBX provider will naturally assume IP connectivity to office IP phones (i.e., softphones) will be clean and high performance. However, that theoretical assumption may not work so well in the real world, according to Akin.

“Therefore MSPs need to focus on strong glue: the APIs, the transports and the fabric that ties all the components together,” Akin says. “So have that glue well tested and ideally limited to a small number of variations.”

Do More Than Just Integrate CPaaS to be Another Uber

During their contemplation to integrate CPaaS solutions, MSPs must go beyond the core technology offering and consider the technical support structure. And in order to be the next Uber, your application must be capable of more than just sending SMS messages.

“To successfully integrate CPaaS solutions for MSPs comes down to API documentation, support provided by the platform company and the requirements that the enterprise has for deployment,” says Joe White, CTO, Brightlink IP, an IP communications provider delivering carrier-grade voice, messaging and application-based services. “Many companies embark on the CPaaS API communications journey with the idea that if Uber can use these APIs to hail a car, then certainly they can build the next great app for their enterprise.”

And while that may be true, not every legacy IT platform can easily integrate with REST APIs, according to White. “And not everything needs to send a text message,” White says.

A lot of deployments require customization and unique development work, so understanding the level of effort is important, which is where choosing the right CPaaS provider is critical for success. Pick a provider that not only has good documentation but also real people and engineering resources to assist the MSP and end customer.

“Having a CPaaS company that does more than point you to its wiki and some sample code is a big differentiator in that ecosystem,” White says. “There are good CPaaS companies—ours included—that provide sales engineering support and development support all throughout the project.”

Security a Shared Responsibility in Process to Integrate CPaaS

With the use of any computing service—including in the process to integrate CPaaS—MSPs and their customers have to consider cloud security. If the service were a full application from Oracle, SAP, Slack or even a desktop as a service, end customers might think that security is the responsibility of the provider. And they do provide all the tools needed to protect the application, MSPs, customers and user data. But to integrate CPaaS, the number of points of failure is increased, and it’s up to everyone at each stage of the integration to share responsibility for the security of the SaaS infrastructure.

“As businesses shift to the cloud, the most misunderstood and misconfigured element is security,” says Todd Bernhard, product marketing manager, CloudCheckr, a provider of public cloud security verification tools. “Cloud providers use the Shared Responsibility Model where they provide all the technology needed to lock down a user’s cloud, but it is up to the client, or MSP, to enforce security.”

For example, consider the following analogy: a strong lock, a strong door, a strong house. However, if the homeowner or renter fails to lock the door—or even leaves the door wide open—the strength of all the foregoing is moot.

“Even so-called experts, like Accenture, Deloitte and others are making the same mistakes when it comes to securing Amazon Web Services S3 Buckets and Microsoft Azure Blob Containers,” Bernhard says. “How can an MSP hope to keep their cloud and their customers’ clouds secure if breaches happen to the big guys?”

To check on cloud storage security, MSPs can use two complimentary tools to see if their associated CPaaS integrations are indeed secure: one for AWS S3 Buckets and another for Azure Blob Containers.

Others will use a two-factor authentication (2FA) solution to integrate CPaaS securely to other cloud services. While still others are still figuring out multi-factor authentication solutions.

“We integrate CPaaS to enable two factor authentication for our end users when they log in to Windows desktops in the cloud,” says Amol Dalvi, senior director of product, Nerdio, provider of IT-as-a-service solutions. “It was important for us to have a service that automatically called the user if she didn’t respond to text messages. An easy-to-understand and easy-to-implement API with lots of code samples, along with International SMS and voice support for our growing customer base were critical decision factors.”

Best Practices to Integrate CPaaS

While endeavoring to integrate CPaaS solutions into their cloud workflows, MSPs can become very focused on their own procedures and protocols, but may not take enough time to understand the accumulated sector best practices.

“A developer always knows their systems best,” says Brant Williams, vice president, Americas, Whispir, a cloud communications software company. “But what they don’t know is the mountain of guidance and information that can be gleaned from industry-wide best practices of software providers in the space.”

So if MSPs coding their own connections to CPaaS platforms cannot take advantage of these best practices, they might want to consider software that solves similar issues for other IT infrastructures.

In the end, when looking to integrate CPaaS solutions, MSPs should consider the entire platform of services offered by the provider. Make sure that the MSP end customers get everything they need and at the highest possible level of service, regardless of cost.

“Because each CPaaS vendor has different types of customers, quality varies quite a bit,” says Shikhir Singh, director of product innovation, TeleSign. “For example, some vendors specialize in quality while others specialize in price. Make sure you choose the best CPaaS for your clients’ use case.”