Wednesday, June 09, 2021

Exclusive Webinar: Transforming Our Industry Into a Profession

Transforming Our Industry Into a Profession

 A webinar for SMB IT consultants.

Recently, I have blogged about the Nine Pillars of moving our industry from where we are to a true profession. This includes a discussion of the challenges we face, and some ideas about how we can answer them.

I've collected the blog posts into one single PDF. You can download it here:

(No registration required. No email. Just download.)

I hope you'll take a little time to download that and post any questions or comments on my blog (or email me).

And then I hope you'll register for my webinar on this topic on June 30th. Here are the details:

Transforming Our Industry Into a Profession

with Karl W. Palachuk

A discussion of the biggest challenges facing the SMB IT industry, and some thoughts on what we need to do about it.

June 30, 2021 

9:00 AM Pacific Time (US and Canada)

Register in advance for this webinar:

Note: This is absolutely NOT a sales pitch of any kind. I'm interested in engaging in a discussion to change the nature of our business, help you to be more successful, and address some of the greatest challenges we've ever faced.

Please join me June 30th.

And I would greatly appreciate it if you would repost this invitation for others in your professional circles.

Thank you.


Sunday, June 06, 2021

Manifesto for a Modern IT Consulting Industry - Part 5

On The Transformation of an Industry into a Profession

This is Part 5 in a series on transforming our industry into a profession. Here are the previous installments:

Transformation of an Industry into a Profession - Part 1. Profit. Maintenance-Focused Support.

Part 2. Education. Core Values / Statement of Ethics.

Part 3. Ransomware and How We Handle It.

Part 4: Legislation and Insurance

To recap the nine pillars, very quickly:

The First Pillar: Profit

Profit is not the only measure of success, but it is a necessary one.

The Second Pillar: Maintenance-Focused Support

Backup and Maintenance are the foundation of all IT service.

The Third Pillar: Education and Certification

Education and certification are central to professionalism and continual renewal.

The Fourth Pillar: Core Values / Statement of Ethics

Ethics and principles ultimately define an industry and build the path to the future.

The Fifth Pillar: Defending client systems 

Defending client systems and data is an ethical imperative.

The Sixth Pillar: Response to our greatest challenges

A strong profession begins with a consistent, effective response to our greatest challenges.

The Seventh Pillar: Regulation and Protection

Recognition as a profession includes both statutory requirements and limits on liability.

The Eighth Pillar: Cooperation and Alliance with the Insurance Industry

A mature profession works with other professionals to safeguard ourselves and our clients.

All of which brings us to the future - which we'll need to create. 

Whether or not you agree with the definition of Managed Services or professionalism that I've outlined here, one thing is true: There is a never-ending flow of people entering our industry. And, as far as we can tell, that will go on forever.

Again, when I talk about "this" industry, I mean SMB IT - not enterprise. Not big business.

For about the first fifty years of our industry, there were two common ways that people got into SMB IT. Either they worked for a larger organization and decided to get out while they could, or they started out as a tinkerer and fixer who figured out how to make a living with IT. It took a long time before SMB IT shops started having employees.

Most people who haven't been in the industry for more than fifteen or twenty years may not know that multi-tiered companies  (with at least two layers of management) are a very recent phenomenon in small business IT. And since this aspect of our industry is so new, there is no established apprenticeship process.

In most industries, there is a somewhat standard path from newbie to seasoned professional. And we have a bit of this. But our industry has not defined paths for new entrants to gain experience and education that lead to specific job titles. The closest we've come is a series of technology-specific exams. Take a few exams on SQL Server and you can become a SQL administrator.

Ultimately, such technology-specific paths can never become professional paths. I have Microsoft certifications that go back to Windows 3.1 in 1995. A handful of that knowledge is still useful, but virtually all of it is time-bound and obsolete. Even the MCSE and Small Business Specialist certifications that were so valuable to my company ten and twenty years ago are just proof of knowledge once possessed.

If a modern IT business is maintenance-first and focused on a "managed service" model of service delivery, then we should be able to define requirements for both the specific technology of today and the more general business model for delivering that technology successfully and profitably.

The Ninth Pillar: Building a Path to the Future

A successful industry must build a path for newcomers to grow and thrive, constantly creating the next generation.

One of the ongoing problems I mentioned in the first part of this series is that IT professionals continue to sell based on the promises of managed service, but they continue to deliver break/fix. This happens, in large part, because they don't embrace the managed service business model. Perhaps they're unaware of what it entails; perhaps they just like the recurring revenue and don't really understand how to do all that maintenance-first profitably.

When industries are not professional, people just sort of "fall into" a certain job or business. Because they didn't take a path to the industry, each person comes from different experiences and education. They might be very, very skilled at what they do, but there's very little in common that could become the basis for a larger, professional approach to the industry as a whole.

Time and time again, when we find ourselves talking about books that changed our business and made us more successful, people say things like, "I wish I had found this when I first started my business." I heard that exact comment last week on a call. The book (not surprisingly) was The Emyth Revisited by Michael Gerber. I'm proud to say I've heard the same thing about Managed Services in a Month.

What we need is not a definitive library that everyone should read, but a general acceptance that there are some core concepts that define our profession. And here I begin to see the profession as something defined by some core business knowledge on top of the current technical knowledge.

Here's an analogy: Accounting. Lots of people figure out how to run QuickBooks, balance a checkbook, and keep track of income out expenses. They are amateur accountants. With enough practice in a specific area of accounting, they might become really good amateurs. But without proper training, they will not become professionals.

Accounting professionals take a certain course of training. They don't necessarily all read the same book. Each takes an Accounting 101 course that has SOME primary reading material and delivers the core concepts that introduce the student to the profession. Some of that knowledge is how-to, but it also includes a bit of ethics and a lot of practical advice.

Following this analogy, I am not advocating that a specific book or existing class be required for our discipline. I am advocating that some level of education on business philosophy for IT be included in training for our profession. We will always need technical training, but that will always become obsolete over time.

The non-technical training should define the current business models one might choose from. Break/fix and managed IT are both good, solid, profitable options. And anyone managing a professional IT consulting business should understand what each of these means, as well as the consequences of embracing one model over the other.

Finally, let's look beyond the technician. We all acknowledge that we've reached the point where we'd like to find an attorney who has worked with managed service providers before. They simply understand our business a little better. And we'd love to find an accountant who has worked with IT professionals before. And, in the 2020's, we're realizing that it's great to find an insurance agent who has worked with IT professionals. 

When you look at it from that perspective, there are many element of our industry that are different from the rest of the service industry. We have specific challenges and skillsets. We have good, better, and best ways of operating our businesses and delivering services.

Now let's look internally. It would be great to hire an office manager who has worked with IT professionals - especially in managed services. It would be great to fine a service manager who understand the managed service model. The same is true with sales people, administrative assistants, and (of course) technicians.

We are now at the point of our professional evolution that someone could enter a managed service business and find that there's an advantage to understanding our business model, and competing business models. One great way to acquire that knowledge is through formal training. 

We need to embrace formal training in IT services and managed services as an important path to creating great job candidates and building successful businesses. And, through that process, we will continue to grow as a true profession.

-- -- --

This has been a lengthy series. Thank you to anyone who has read most or all of it. I would sincerely like to discuss next steps with anyone who wishes to move this profession forward. Agree or disagree: Let's have a conversation.

I am honored to be part of this industry. And as it makes its inevitable way to becoming a profession, I look forward to assisting in any way I can.

Please post comments and questions. And stay tuned for a few proposals to apply these nine pillars going forward.


Wednesday, June 02, 2021

Manifesto for a Modern IT Consulting Industry - Part 4

It's Time for IT Consultants to Take a Step Up

This is Part 4 in a series on transforming our industry into a profession. Here are the previous installments:

Transformation of an Industry into a Profession - Part 1. Profit. Maintenance-Focused Support.

Transformation of an Industry into a Profession - Part 2. Education. Core Values / Statement of Ethics.

Transformation of an Industry into a Profession - Part 3. Ransomware and How We Handle It.

Part 4: Legislation and Insurance

For context, please see the previous posts. The first six pillars for an IT profession are: Profit; Maintenance-Focused Support; Education and Certification; Core Values and Ethics; Defending client systems; and Response to our greatest challenges.

Basically, we've been building a collection of actions that can help us all take a big step up from being an industry to a profession. The biggest problem we have is not ransomware per se: Our biggest problem is liability. We are stuck between evil programmers and insurance companies.

There are four major players in the SMB IT equation: 

  • You
  • Your Client
  • The Government
  • Insurance Companies

By "you" I mean the SMB (small and medium business) IT consultant. You might call yourself an IT pro, a reseller, a VAR (value added reseller), a managed service provider, or other name. By "you" I do NOT mean large, enterprise-level consultant or IT-outsourcing companies.

Why the distinction? Well, there are three primary reasons. First, those very-large outsourced IT companies are really in a very different business. They are generally large, well-funded, with layers of management. And, to be blunt, they can take care of themselves.

Second, those large outsourced IT organizations do not have the same service model. As a rule, they sell IT-as-a-service to very large organizations, including companies with offices all over the country or all over the world. My first consulting gig involved working for one of these mega-corporations. Every year, the company buying tech support would put out bids worth many millions of dollars. And every year, IT outsourcing companies would bid to provide the most support for the lowest amount of money.

As a bit of a side note: Such companies tend to provide overall horrible support. They are the stuff of Dilbert cartoons and TV sitcoms about IT consultants. Their service model is almost opposite of SMB IT in all ways.

Third, those large outsourced IT organizations place very little (or no) value on the client relationship. Someone in the sales department cares about getting the client to renew a contract. Someone in management wants to meet performance targets so they get their bonuses. But pretty much everything else in the organization is designed to beat the metrics and close tickets without regard to making the actual end-user clients happy.

Yes, that's all my opinion. And one might say it's inaccurate. But I'd be happy to have that argument on stage in front of ten thousand users supported by those companies. 

My point here is that SMB IT is different and distinct. We are not in the same profession as those folks. Even mediocre IT consultants at the small end of the market are almost obsessed with customer service. To be honest, we don't talk about this as much as we should - just for bragging rights - because we are all hyper-focused on keeping clients happy. In fact, if you go back to Pillar number one, profit is often sacrificed in favor of customer service. 

So, there's you. And then there's your client. Again, by definition, we are in the SMB market. As a rule, we don't support 30,000 desktops across fifty different offices. We tend to support between one and one thousand users in one to five offices. There are outliers, but the 1-500 seat clients probably make up ninety percent of all our clients. I'm sure Jay McBain or someone at Forrester knows the number. But you understand who your clients are.

Next there's the government. And, for most of us, that's a state- or provincial-level government. There are few federal or national level laws governing what we do. So far, most of the national level regulations have been around privacy data and financial data. But more laws and regulations are coming.

Most regulation and legislation is a step closer to home. State and provincial governments are actively looking around to see what they can do. Eventually, these things will work their way up to the national level, but for now we are seeing lots of proposed legislation at the state level. This is common with many areas of law, so we're gradually seeing a very normal evolution of regulation.

Basically, it's our turn. 

Legislators read about companies and state agencies being attacked and brought down by ransomware and other cyber attacks. Of course, most legislators are from professions other than technology, so they have only a passing knowledge about what's actually going on. But it's their job to defend their constituents, their districts, and the tax payers' interests. So legislation is inevitable.

Finally, there are insurance companies. Believe it or not, insurance companies are more or less caught in the middle as we are. They wrote policies for problems they could foresee and measure (e.g., business interruption due to hard drive failure, or backup failure). They were not prepared for the massive growth in ransomware payouts in the last few years. Numbers are all over the place, but here's one: Bitdefender's Consumer Threat Landscape Report shows a 485% increase in ransomware in 2020.

Insurance companies are scrambling to respond. The requirements for a ransomware payout are becoming stricter. And insurance companies are pushing training for their clients. I have been pleasantly surprised at all the resources my insurance company makes available to me for cyber security training.

With this framework in mind, let's look at the seventh and eighth pillars for turning our industry into a profession.

The Seventh Pillar: Regulation and Protection

Recognition as a profession includes both statutory requirements and limits on liability.

I am a "minimalist" when it comes to regulation. I have a Master's Degree in Political Philosophy, so I could write a book on the appropriate role of governments in civilization. But sometimes you just have to face reality. And right now, for our industry, legislation is coming. The number changes every day, but I believe twenty-one states have proposed legislation that affects our industry.

We have a very simple choice to make on this front: Either jump in and try to influence the regulation as it comes, or do nothing and let that regulation happen to us. Given that choice, I strongly advocate jumping in and participating in the conversation.

Remember: Legislation goes both ways. That's why companies spend the effort to lobby governments. Given the Pillars I have addressed so far, we can identify some "gives" and some "gets" that might be included in government regulation.

[For this discussion, I will talk in terms of a US State legislative body. Similar processes would need to be followed in Canada, the UK, the EU, Australia, etc.]

First, and foremost, the SMB IT industry should be identified as a legitimate profession. That means there are some requirements. It also means there are some protections. The simplest way to be identified by name is require that a specifically identifiable group be registered with an appropriate state agency. Depending on the state, this might be the Secretary of State, Secretary of Commerce, Consumer Affairs, the Contractor's License Board, or some other entity. Each state is different.

Give: We register with the state. There would probably be a small fee for this.

Get: The state should maintain a database of registered IT Service Providers.

Second, the state may then regulate the industry. Specifically, I foresee that a state would require that all companies who do business with a registered IT Service Provider be required to sign a contract, enforceable by the state. This contract would then require that backup services be offered under every contract. And, of course, it would require that cyber security incidents be reported to a specific state agency or regulatory body. Again, this then becomes publicly accessible data.

Give: The state regulates us. This puts some limits on what we must offer.

Get: We have contracts with all clients, no matter how small, and there is an enforcement mechanism with the state government.

Third, the state should provide a way for a client to opt out of data recovery services, but also provide that doing so relieves the registered IT Service Provider from liability or responsibility related to a cyber security incident. Note: It should not be easy to opt out of backup and disaster recovery services. But if the client just plain refuses to buy such services, the IT Service Provider is not responsible for the consequences.

Give: We have to offer the services and educate the client enough that they understand what it means to opt out of such services.

Get: If there is a cyber security incident and the client has opted out of the appropriate protections, we cannot be sued by the client or their insurance company. (Note, also, that the insurance company can use this same legislation to deny or limit cyber security coverage to the client.)

We need to get ahead of this issue. We need to participate in our own well-being. There could be lots of details, of course, regarding the size of deals that must be bound by this legislation. But at least we'll all be playing the same game and everyone will know what the rules are.

The Eighth Pillar: Cooperation and Alliance with the Insurance Industry

A mature profession works with other professionals to safeguard ourselves and our clients.

Insurance rates are skyrocketing, primarily because the insurance companies don't have any choice. On the issues of addressing ransomware, cyber security, and insurance payouts, we find ourselves very much aligned with the insurance industry.

After all, insurance companies have seen ransomware payouts go from a few hundred dollars to several million in just a few years. Attacks are serious, sophisticated, and very highly focused. Insurance companies want to provide reasonable protection to us and to our clients. But when you go up against the essentially unlimited resources of the Russian government, it's hard to figure out how to win.

If we partner with the insurance industry, we can propose solutions that limit liability when client cannot or will not protect themselves. If we had a system like the one described above, it would allow us to be properly insured. Our clients would fall into three categories: 1) Not regulated, 2) Opted into backup and disaster recovery services, and 3) opted out of backup and disaster recovery services. 

Those not regulated would also not be allowed to come after us or the insurance company. One obvious example of this: A client who only buys a phone system from you, the total cost is under a specified threshold, and they are not required to have a backup and disaster recovery system with you. So they might have one with someone else, but not your company.

Those who are regulated have a relationship now regulated by law. If they opt into backup and disaster recovery services, the insurance company and you both accept liability and insurance rates can be set. If they opt out of backup and disaster recovery services, then both you and the insurance company are protected from lawsuits that might arise from a cyber security incident.

I'm not a lawyer, a legislator, or an insurance agent. There are lots of details to be worked out. But I believe there's a big picture in which the IT Service Provider industry and the insurance industry have a lot of common ground and some powerful reasons to work together.

As with any professions, there may be times when we're on opposite sides of an issue and times when we're on the same side. In this case, I believe there is great value in being on the same side and partnering up to protect more small businesses, create a reasonable balance of liability, and keep insurance rates at a reasonable and sustainable level.

-- -- -- 

Next time: Building a Path to our Professional Future

Please post comments, questions, etc.!

-- -- -- 

Here are links to the entire series:

Part One - Profit and Maintenance-Focused Support

Part Two - Education and Core Values 

Part Three - Ransomware and How We Handle It

Part Four - Legislation and Insurance

Part Five: Building a Path to the Future


Tuesday, June 01, 2021

Say Hello to Gradient, the World’s First Intelligent PSA Data Hygiene Solution Designed for MSPs

I received this press release from Gradient MSP on their new offering.

- - - - -

Say Hello to Gradient, the World’s First Intelligent PSA Data Hygiene Solution Designed for MSPs

Offered at no cost to MSPs, Gradient’s freemium software seeks to give back and “level up” the IT channel by providing actionable cleaning recommendations that help drive smarter business decisions, solve administrative challenges and create a better experience for everyone. 

CALGARY, Alberta, June 1, 2021 – The wait is over. The highly anticipated arrival of Gradient MSP’s new and intelligent Professional Services Automation (PSA) data hygiene solution for Managed Service Providers (MSPs) is here. Click to view demo. 

Available now to MSPs worldwide at no cost, the freemium software from Gradient MSP breaks new ground in the channel, taking the first step in bringing forward a wave of knowledge that stands to benefit the entire IT channel ecosystem. 

Developed by channel veteran and entrepreneur Colin Knox, the Gradient platform enables MSPs to make better business decisions by generating and optimizing granular, clean and actionable data derived from the tools they use to manage their business. Once set up, the software sifts through the core records in the PSA and analyzes them, identifying any dirty records that are distorting the true view of the business.

“MSPs typically have a substantial amount of dirty data hiding within their PSAs — outdated or erroneous records, for example, which can dramatically impact how the MSP runs their business, both from an operational and financial standpoint, as well as how they engage with their team and their customers,” said Colin Knox, CEO, Gradient MSP. “Our intelligent data hygiene solution is unique to the industry in that it gives MSPs the power to make better, more informed decisions because they have a clear and realistic picture of what is actually happening in their business.”  

To keep it simple and easy to use, the Gradient platform integrates with leading PSA solutions from ConnectWise, Datto, Kaseya, Syncro and Tigerpaw, with additional integrations coming online soon. “Using data to make better business decisions and plan for the future is not a tactic reserved for the enterprise or for companies with money to burn,” notes Knox. “With the introduction of the Gradient platform, we’ve made data hygiene actionable and affordable for the MSP—and in return, given rise to a healthier and smarter channel ecosystem.”

“Bringing data hygiene to MSPs of all sizes really speaks to our mission to help raise the entire MSP industry,” Knox adds. “We love MSPs, but we know that data management is often a challenge.  Automating administrative burdens, and bringing about data equality in the MSP space, is the core of the data hygiene module, and the next modules we’re releasing as well.”

“Gradient has helped us clarify our data,” says Patrick Murphy, Vice President, ISG Technology. “This has allowed us to have true knowledge of our business, as well as a voice to state the facts since I no longer have to wade through all the excess irrelevant data in my PSA.”

Pricing and Availability

Gradient MSP’s data hygiene solution is available now and at no charge to MSPs. Learn more at

About Gradient MSP

Established in 2020, Gradient MSP offers the IT channel ecosystem a data intelligence solution built to help MSPs work smarter and serve better by learning from the data they already have in play from PSA platforms. Founded by technology and business entrepreneur Colin Knox, Gradient solves for one of the IT channel’s biggest challenges and greatest opportunities, making data analytics actionable. Available at no cost, Gradient’s data hygiene module is designed to empower all MSPs, regardless of size, cleaning data in real time to allow for clear and accurate insights about their business and their customers. In return, MSPs can make smarter business decisions, elevate the experience and grow more profitably. To learn more, visit