Most business executives are not especially fond of regulations. However, it turns out the need to comply with a myriad of regulations has been something of a boon to managed service providers (MSPs).
A survey of 50 MSPs conducted by Netwrix, a provider of tools for managing compliance, finds that 70 percent of MSPs who focus on compliance do so to help customers pass audits. Over half (51 percent) also cited an ability to enhance security and mitigate cyber threats on behalf of their clients, while a third are seeking to simplify manual processes such as user access control reporting.
Compliance mandates are creating the most opportunity for MSPs. In terms of the breakdown, more than three quarters (77 percent) cited the Health Insurance Portability and Accountability Act (HIPAA), followed by the Payment Card Industry Data Security Standard (PCI DSS) at 41 percent, the Federal Information Security Management Act (FISMA) at 32 percent, and the Sarbanes-Oxley (SOX) Act at 27 percent of the MSPs surveyed. Given the nature of these regulations, it’s not surprising to find MSPs targeting providers of professional (66 percent), healthcare (64 percent), and financial services (64 percent) to deliver managed compliance and audit services.
Compliance leads to a spending increase
The Trump Administration has made reducing regulations a priority. However, a separate survey of 536 business and IT professionals conducted by Hyperproof, a provider of a platform for managing compliance controls, finds 62 percent of respondents plan to increase spending on compliance in the next 12 to 24 months. More than two-fifths (21 percent) expect their compliance budgets to increase between 25 to 50 percent on an annual basis. Business expansion (38 percent), growth in the amount of data being collected (35 percent), and an increase in the number of applicable regulations (34 percent) were cited as the top factors driving those investments. A prime example of a new applicable regulation would, of course, be the California Consumer Privacy Act (CCPA).
The biggest frustration most organizations have when it comes to compliance is the time lost managing the process. The Hyperproof survey identifies searching through emails to find documents (57 percent), managing compliance documentation (41 percent), and training (41 percent) as activities that waste the most time. Over 70 percent of respondents spend more than 10 percent of their time on administrative activities related to compliance. The survey finds that compliance costs an organization between $100,000 to $5 million, on average.
Automating compliance work
Managed compliance services may not involve the most cutting edge of IT technologies, but it is a task that lends itself to automation. MSPs are in the unique position to aggregate the cost of automating compliance processes across multiple customers. MSPs should be able to deliver a managed compliance service at significantly less cost than any organization could do it themselves.
The challenge is determining the right price point based on both the size of the customer and the vertical industry they operate in. However, professional service firms are more willing to pay a premium for a service than, for example, the local dentist’s office.
Regardless of the type of customer, it is obvious that with the passing of each new regulation, the desire on the part of end customers to find someone to manage the process of complying with that regulation only increases.
Photo: Nicola Forenza / Shutterstock.
