Skip to main content

How do you know you're working with a bad MSP?

What are some traits of bad MSP's?

The most common complaint I get from new or potential customers;
"Whenever we need something, we can never get a hold of them."
As a customer that relies on your MSP partner for day to day operational support it can be frustrating when you feel expectations aren't being met, and you are left to deal with the aftermath.
"I don't feel like my current provider is taking the security of our data very seriously."
I can tell you we recently on-boarded a customer who's firewall was configured to forward all the needed ports for file sharing, remote application licensing, etc from anyone on the internet to the customers servers by another MSP. Needless to say that even for small businesses there is a better way to support work from home users that doesn't involve risking the clients infrastructure. Click here to learn how you can check your own infrastructure with your cellphone for security risk. 
"He's charging us X for Y products or services do these prices seem expensive"
Sometimes the wrong solutions are implemented so rather than pay premiums for enterprise level services, we'll work to find enterprise style solutions meant for the size and scope of your organization. 

What should I be asking my future MSP?

Here are 9 questions to ask your future Managed Service Provider and our answers to these questions to help make the decision easier:

  • What is your Service Level Agreement (SLA) for tickets or requests that are made?
    • SLA's for us range from 15 minutes to 24hrs depending on the severity of the issue.
  • Can you provide on-site support in all the cities we have offices?
    • We have technicians available in over +150 cities nationwide and growing
  • How long does it take to have someone show up on site if there is an issue?
    • We can usually provide on-site visit's within 1-2 hours.
  • Do you include remote support? If not what's the additional cost or circumstances associated?
    • Remote support is included with all our plans.
  • What Line Of Business (LOB) hardware and software do you provide support for?
    • We provide support for all LOB hardware and software.
  • Do you provide up time monitoring for the office or our web properties?
    • We monitor the up time of your internal office infrastructure and web properties.
  • Do you use security best practices when providing deployment and implementation services?
    • As hackers security best practices++ is our approach to security for small business.
  • How are passwords dealt with?
    • We do NOT manage your passwords, we teach you proper password management that gives us custodial access when we need it.
  • If we decide to go with another provider how does the hand-off work when we switch providers?
    • We understand sometimes we're not always going to be the best fit for everyone, so any and all data that was collected about the specifics of your infrastructure, notes about how to manage it, and the different pieces that make up business operations. And we provide you a PDF with all of that data including any pictures and network diagrams that might be associated. 
If you're in Los Angeles looking for a MSP that will treat you and your team right click here to learn more and schedule a consultation. 


Popular posts from this blog

Why traditional Pen Testing is dead.

Annual, bi-annual, and quarterly penetration testing schedules will be a thing of the past.  The advent of sophisticated cyber threats has necessitated a paradigm shift in vulnerability management. In this transformative digital era, the static, once-a-year model of traditional penetration testing is becoming increasingly obsolete. Instead, it's time for businesses to embrace a dynamic model of continual vulnerability detection and mitigation - Penetration Testing as a Service (PTaaS) by Xcape, Inc. This innovative service combines the precision of automated remote pen testing with the strategic oversight of seasoned penetration testers, creating a comprehensive solution for the latest cybersecurity concerns. The Case for Internal and External Network Testing In a conventional cybersecurity setup, the focus is often on safeguarding the external network, the so-called perimeter. However, this perimeter-centric approach, while essential, is not sufficient in today's threat land

How secure is your SMB's domain name?

Studies show that small businesses are being targeted now more than ever in cyber attacks. ( Forbes: Small Businesses Are More Frequent Targets Of Cyberattacks Than Larger Companies ) When cybersecurity professionals discuss two-factor authentication, domain registrars or DNS hijacking is often not the topic. (Think 2FA for GoDaddy , NameCheap , and SquareSpace , to name a few. Take a moment and use these links to setup 2fa for your domain, or google "How to turn on 2fa for name of provider .") Surprisingly, even in 2023, some providers still don't support this essential security control.  However, your domain name controls an organization's corporate website and email exchange records. And suppose an attacker were to get control of it. In that case, they could recreate your email addresses, and password reset their way to control all the accounts owned by an organization.  A few of the recent incidents we've responded to involve attacks where the attacker obtains

Revolutionizing Security: Embracing PTaaS for Agile Risk Management and Maturing Security Programs

Organizations face constant threats to their information systems and data in today's rapidly evolving digital landscape. Traditional quarterly pen testing, although valuable, may no longer be sufficient to safeguard against emerging vulnerabilities adequately. This article explores the concept of Pen Testing as a Service (PTaaS) imagined by the team at Xcape, Inc. , and its potential to revolutionize how organizations manage risk and strengthen their security programs. PTaaS offers a proactive and continuous approach to vulnerability management and risk mitigation by establishing a collaborative relationship between information security teams and IT leads. The Limitations of Traditional Quarterly Pen Testing: Traditional quarterly pen testing has been a staple in organizations' security strategies, providing valuable insights into vulnerabilities and weaknesses. However, the rapidly changing threat landscape and evolving attack vectors render this periodic approach inadequate.