Every year Kaseya surveys IT professionals from midsize companies to get a feel for what’s happening in the market and gain insight into the issues and priorities of these corporations. With five years of historical results, we can not only take a current snapshot, but also compare it to previous years and spot key trends for IT organizations and MSPs.

Here are some of the most interesting results from our 2019 Kaseya State of IT Operations Report for SMBs and how those translate into opportunities for MSPs.

The top three priorities for SMBs are security (57% of respondents), reducing IT costs (35%) and delivering higher service levels/IT service availability (24%). Luckily, MSPs have much to offer in all three of these categories.

Cyber security and data protection are major challenges for 62% of companies as they try to combat and defend themselves against increasingly sophisticated cyberattacks. During the past year, ransomware attacks hit 12% of respondents, while 10% suffered at least one security breach. Among companies reporting a security breach, 61% had two to four outages, as well.

Asking an overtaxed internal IT department to keep up with the multi-front battle against security threats isn’t reasonable for most SMBs. MSPs bring expertise, enterprise-class tools, and dedicated resources to the table and significantly augment company defenses while aggressively upgrading protocols and procedures to mitigate risk.

Although everyone in our industry knows it’s imperative for companies to install patches and protect systems and devices from known security threats, many businesses still aren’t taking this seriously.

Only 42% of respondents are currently automating patch management or plan to do so, and the same goes for monitoring third-party software and applying patches within 30 days. For operating systems, things are a little better, as 65% of businesses are applying critical OS patches within 30 days. But there is still massive room for improvement.

Monitoring and automating patch management is low-hanging fruit for MSPs and an excellent way to break into an account. With so many companies ignoring this critical preventative procedure–and so many great solutions available to MSPs for offering this service–there’s no excuse for leaving this integral defense mechanism unaddressed.

Compliance is a lucrative security niche for many MSPs. With GDPR going into effect last year, more businesses than ever are subject to at least one form of regulatory compliance. Whether it’s GDPR, HIPAA, PCI or something else, meeting the rigorous standards of these privacy regulations in today’s environment can be overwhelming for SMBs.

Some may be stalling, ignoring or barely meeting their requirements, but as very expensive fines for infractions make the headlines, these businesses will be forced to scramble to comply. MSPs can come to the rescue in these cases by educating customers on what’s required and taking care of many aspects of these regulations on their clients’ behalf.

Compliance can be a way into a new account or a nice bit of incremental revenue for existing clients. Developing some in-house expertise and leveraging the tools and templates offered by vendors to MSPs makes this an excellent opportunity for increasing MRR and adding additional customer value.

Like many lines of business, IT departments are being asked to do more with less. The problem is that everyone else is leveraging solutions IT must implement and support so they can do more with less themselves.

For companies facing budget constraints in the face of an increased workload, MSPs can help them cut costs by outsourcing essential IT services to reduce their overhead. And by introducing automation to the IT environment, an MSP can free up a company’s in-house resources from repetitive manual tasks so staff can become more strategic and proactive.

Although most companies fully acknowledge their reliance on IT solutions to execute their business operations, most don’t have IT departments with the operational maturity to support current business activities, let alone facilitate and lead transformative shifts to new technical solutions and platforms.

Thirty-five percent of IT departments are still in their most juvenile phase and simply react when problems or issues arise, with an additional 21% having graduated to an efficient level, where they can maintain the status quo independently. This means more than half of IT departments haven’t yet reached the ideal state of being not only proactive, but also strategic and aligned with the overall business.

By supplementing or replacing in-house IT functions, MSPs can give SMBs the jumpstart they need to attain operational maturity by providing scalable additional resources, subject matter expertise, and the tools and best practices that a modern IT operation demands. Most of these companies simply won’t get there on their own–at least not any time soon–and these businesses can’t wait around for IT to catch up.

3. Improving Service Levels

Despite service level agreements (SLAs) being on the decline, delivering higher service levels remains a priority. This is largely due to the operational immaturity of many SMB IT departments–they simply lack the discipline and expertise to create and adhere to a formal SLA.

MSPs can seize this opportunity to win business by collaborating with prospects to draw up SLAs to give clients peace of mind, and then provide the resources and manpower to enact and enforce them.

Although 90% of respondents are backing up their servers, only 29% are doing the same for their SaaS applications, despite businesses increasingly relying on these cloud-based solutions. The issue here is primarily one of education; many SaaS apps offer backups of the only the most recent 30 days of data, with the rest remaining the responsibility of customers.

Given how much operations now depend on SaaS applications for core business functions, ensuring adequate backup of all data–and not just the most recent–is essential. Not only is it important for any type of disaster recovery, but it may also be a requirement for compliance purposes or legal protections in the case of a dispute or audit.

Understanding which SaaS apps customers and prospects are relying on and finding out each one’s backup policies is a helpful service MSPs can offer—and it sets the table for providing longer-term backup and recovery services for these applications.

Where MSPs Are Today … and Where They Can Be Tomorrow

In today’s dynamic business environment, where disruptors abound and threats are omnipresent, MSPs have a vital role to play in helping companies focus on their core business while knowing their IT needs are in the hands of trained professionals.

Today, only 35% of businesses are outsourcing IT management to MSPs, and there’s actually been a year-over-year decrease in many industries. For those companies that are outsourcing, backup and security are the top two functions offloaded to MSPs (at 40% and 39%, respectively).

With only a fraction of total companies outsourcing at all and even fewer outsourcing any particular item, a massive untapped market remains. Packaging offerings that address security, costs and service levels is the obvious way in, but any point solution could be the entry point into a new account if it takes a pain point off a prospect’s plate.

To learn more about these opportunities, download the 2019 IT Operations Survey Report.

Joining Kaseya in 2012, Miguel Lopez brings over 20 years of experience to his role as SVP, Managed Service Providers (MSPs). In this position, he consults daily with MSPs to help them solve their clients’ business problems with technology solutions. Prior to joining Kaseya, Miguel served as the director of consulting services for All Covered, a nationwide technology services company that is a division of Konica Minolta Business Solutions USA Inc. In 2008, All Covered acquired NetCor Technologies, a leading MSP that Miguel founded and managed since 1997. NetCor specialized in serving highly regulated industries such as healthcare, CPAs, law firms and retail companies.

This guest blog is part of a Channel Futures sponsorship.