Government is tightening rules and regulations on data storage and security especially in regulated industries such as healthcare, and financial services. These sectors include doctor’s offices, banks, and credit unions, where sensitive information is collected and stored. Firms in these industries are leveraging the expertise of Managed Service Providers (MSPs) to setup and manage compliant IT environments. Hence, these providers are on the front lines ensuring data security and navigating a myriad of laws and regulations on behalf of their clients.
According to AMI’s Global Model, SMBs across the world are spending almost $63B on remotely managed services, this spending is forecasted to grow at 15% CAGR by 2021. SMBs in regulated industries such as Banking/Finance and Healthcare account for nearly 20% of this spending and is forecast to grow at 12% CAGR by 2021. This represents overwhelming opportunities for MSPs in these industries especially in providing specialized managed services such as security, storage and networking to mention a few.
MSPs serving these industries are handling responsibilities above and beyond handling managed services. The focus is not only on keeping people and systems working, but also on making sure they work in a legally compliant manner. These MSPs typically have a dedicated compliance and security department that stays on top of regulations such as the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI DSS). In case of a successful hack, investigators determine whether the victim organization followed all laws, had appropriate policies and procedures in place, and if the IT department was properly designed and capable of handling the security needs. The aim is to examine if the IT department was susceptible to that breach or hack. MSPs serving these industries need to be diligent and take an active role in encouraging their clients to update their policies and meticulously follow procedures.
A recent study conducted by AMI shows that MSPs are increasingly focusing on these regulated industries to expand their portfolios and customer base. Larger MSPs with more than $10M in annual revenues are forming vendor partnerships with the needs of their regulated industry clients in mind. The top of mind concern for these MSPs while partnering with vendors, be it an Remote Monitoring & Management (RMM) vendor or a Professional Services Automation (PSA) vendor or a hosting platform provider, is to ensure that they carry relevant compliance certifications and audit credentials. In addition, serving regulated industries and demonstrating vertical industry specific expertise allows MSPs to stand out in a crowded, commoditized MSP market. AMI’s MSP Study shows that MSPs focus on services such as Disaster Recovery as a Service (DRaaS), and Archiving as a Service (AraaS) especially in regulated verticals. It is imperative to store/archive historical data as well as to have systems up and running all the time with fast up time in case of an outage.
The stakes are high for businesses as far as security and compliance are concerned. Businesses are looking for ways to offload these cumbersome tasks on experienced partners in order to focus on their core missions. So, MSPs are increasingly targeting these regulated industries that cannot afford to be lenient with their security standards.
~Kunika Sodhi, Associate