MSP Day: Lessons for MSPs in new Barracuda report

Barracuda’s third annual snapshot of the industry finds some positive trends, particularly around the broadening of MSP security offerings, but MSPs still need to do more to keep pace with the challenges and opportunities of today’s unprecedented environment.

Brian Babineau, SVP and GM, MSP Solutions at Barracuda

Today is MSP Day! While the U.S. government has voted to endorse national days of celebration for everything from tacos to puppies, MSP Day is actually the invention of Barracuda Networks. They first launched it in 2018, with their first Evolving Landscape of the MSP Business Report. Today, they are issuing their third such annual report. It both provides a snapshot on the state of the MSP industry globally, and indicates both areas of opportunity and areas where MSPs need to pull up their socks – some of which are the same.

This year’s event, of course, comes under the shadow of the global pandemic, and Brian Babineau, SVP and GM, MSP Solutions at Barracuda, paid tribute to the way the MSP community has responded to the crisis.

“There’s a recognition that we are striving for during global MSP Day to thank the channel community for everything they have done to get people to a more productive state in a short period of time,” he said. “It’s not an easy time to knock on someone’s door and ask them to spend more money. They have done that in a respectable manner, because they are looking out for their clients. They have also done that under a lot of pressure. For example, our advisory council feedback at the beginning of May showed a  4 -10x help desk call increases in a short period of time, depending on the area.”

Explicit MSP responses to the pandemic were not specifically part of the study, since Babineau said it’s difficult to do that properly in a global study like this, which has input from almost 300 MSPs globally, from the U.K., the U.S., Germany, Canada, Ireland, Belgium, Australia and Spain.

“The pandemic impacts in some of these results, but this study is a snapshot in time, and the impact has been very different in different areas,” he said. “We’ve seen east coast MSPs go through far different things than those in the midwest and southwest in terms of moving customers to more remote workforce setups. In Europe, it has been very different country to country. European MSPs which support health care have been very busy. MSP with SMB-focused retail practices in the US have had a very different experience.”

A key finding of this year’s study is that MSPs seem to have a broader conception of the security services they need to offer this year. Endpoint Security [ranked second], Email Security [fourth] and Network Security [fifth] all made it into the top five services table in 2020 [ along with Backup, Business Continuity and DR, which was first and  Network Monitoring and Management, which was third]  Last year email security was the only security service to make the top five.

“MSPs have said for the last 24 months that security is important to them, and they want to get into the managed service component,” Babineau stated. “This data shows MSPs can’t be in one segment of security to have a full service offering. You can’t just have email security. This year we are seeing more MSPs move into endpoint security and more sophisticated endpoint security. What it means to be in security has changed. You can’t do just one thing well to help clients these days.”

The report found that 88% of respondents said that demand for security services was either ‘moderately’ or ‘significantly’ increasing, propelled by rising security concerns around Work From Home and a lack of in-house skills among end user customers. 79% of MSP’s felt customer security concerns were a good opportunity, particularly with the rise of remote workers. 72% said their customers’ lack of in-house security skills also created new revenue possibilities.

“One thing that we talk with MSPs about here in order to take advantage of these opportunities is not to define value as providing the most security for the lowest price,” Babineau said. “Real value is the ability to monitor and remediate issues when they occur, There is a lot more value around automated response and remediation. Yes, things like spam filters are needed, but you can’t wait for something to happen to tell you things are wrong. You need to invest in something that tells you what’s wrong, and gives you a button to fix it. MSPs can charge for that.”

Most common MSP services are heavily commoditized – no big surprise really, since there is an internal logic to that. Higher margin services like EDR also tend to get more customer resistance, because they are more expensive. Babineau said that the issue isn’t an insurmountable one.

“My perspective, which comes from the demand side, is around what drives the value of the offering,” he said. “Certain catalysts have spiked demand in the past to justify pricing. Ransomware several years ago created a catalyst for DP and DR for MSPs, when customers realized how valuable their information was. We haven’t had the same kind of substantial catalyst for end users to spend more since then. But we are now seeing COVID-19 related spearphishing attacks, around new drugs or a cure, appear very quickly. That’s a big issue.”

Another way to make the higher price tag of effective but more expensive services like EDR more acceptable is for MSPs to evaluate pricing models and the value assigned to them.

“MSPs historically charge on a per device basis, but I think that it is very much switching to a user-based model,” Babineau said. “If MSPs take the approach of adding value on a per individual basis around the data, it allows them to monetize things like cloud-based services as opposed to monetizing a file server.”

One finding in the report that Babineau considered a surprise was lower numbers from last year around MSPs selling cloud services.

“The cloud stats are a bit odd to me, given the timing,” he said. “We know there are far more cloud users since mid-March. I think some MSPs are missing an opportunity here around things like monetizing OneDrive protection, and moving servers off a physical location into a cloud. MSPs not having a set of cloud offerings that can allow them to grow with where the market is headed is necessary, and so many not having that was a surprise.”

Babineau also emphasized that MSPs need to rethink the way they conduct their business, to keep up with the transition that the pandemic is accelerating.

“MSPs typically like to feel and touch things that they manage, but as soon as the option went away where clients don’t have access to the office, a big barrier was removed there,” he said. “There aren’t a lot of people running back to put computers into the office. The need to feel and touch has been eliminated right now whether MSPs want to admit it or not.”

The full report is available at