Choosing a managed service provider to match your current and future plans can be complex. Here, trusted specialists Helen Barge (Risk Evolves) and Mark Dodds (Compex IT), provide their insights into some of the most important qualities of a reliable managed service provider (MSP).

All businesses, regardless of size, are part of a larger network of partnerships and collaborations, but not all partners are right for you.

Finding the right fit when choosing a managed service provider can be a daunting task, especially in the ever-evolving landscape of technology. From artificial intelligence (AI), augmented reality (AR) and autonomous vehicles, technology is evolving at an unprecedented rate, offering organisations greater possibilities. But with those possibilities comes an ever-growing set of risks.

Let's introduce Managed Service Providers

A Managed Service Provider, commonly known as a MSP, is a third-party company that provides services and support to other businesses’ operations, particularly IT, which we will be focusing on here.

Providing independent support and expertise in a cost-effective way, is of particular benefit to small- to medium-sized businesses that do not have the resources to maintain systems in-house.

According to a recent Government study, there are around 11,492 MSPs working in the UK, generating an annual combined revenue of £52.6 billion and employing an estimate of 294,340 full-time staff^[1], making them an integral part of the UK economy.

Digital exploits and partnerships

With more than 80% of all UK fraud cyber-related^[2] – and businesses increasingly digitising services – choosing a managed service provider to help your business navigate short-and long-term needs is key.

“Partnerships are about building a relationship with another business.” explained Mark Dodds, co-owner of Birmingham-based Compex IT.

“The building of trust comes from having open communication with clients to help them strategically plan their budgets and requirements. This dialogue provides everyone with confidence and overall peace of mind, especially when dealing with IT security and protection.

“At Compex IT we work flexibly, supporting people first, technology second.”

Forging a successful relationship with your MSP

As cyber threats become more advanced, staying on top of digital and regulatory changes has become a full-time job, which is where a MSP really shines. But with more than 11,400 providers, how do you ensure that you are choosing a managed service provider you can trust?

MSPs should act as an “extension of your team, anticipating needs, optimising technology and enhancing security”, according to Helen Barge, Risk Evolves MD.

“Collaboration and partnerships are essential for every organisation to achieve their goals. It is critical to partner with like-minded businesses, who are proactive and take pride in ensuring requirements are met and surpassed to the best of their ability.

“The very nature of our service is to enable all businesses to gain the same competitive advantages as bigger businesses through risk management and business compliance.”

Choose wisely

But not all managed service providers are created equal.

Helen recently uncovered two MSPs who let down clients and reinforced her belief that due diligence is always key when choosing a service provider.

The first MSP had failed to advise a client their devices were out of support, while the second did not adequately maintain security patches.

So, how can you avoid the pitfalls and ensure the partners you chose are the right fit?

Below are some of the key areas a good IT MSP should cover for all clients and what clients should be discussing with their MSPs.

What good MSPs should provide to clients:

Data and device security and compliance with regulations
Continuous monitoring and incident reporting
Responsive communication
Identify and recommend appropriate hardware and software changes or upgrades
Conduct planned strategic reviews
Proactive scenario planning and contingencies

What clients should be discussing with MSPs:

Communication
Being responsive and acknowledging issues in good time is essential. Ask about the planned frequency of updates and ensure the organisation you are dealing with has proper systems in place to keep you informed.Remember, communication is a two-way street. External agencies need clear and detailed instructions. While you know your business inside out and upside down, it is important not to assume knowledge and understanding. When it comes to expectations, transparency is essential and the first step in trusting a MSP.
Experience and training
Qualifications and accreditations are essentials. Do they have case studies and examples of their work? Does the MSP have the skills and experience to deliver what you need? With the evolution of technology advances and threats, a motivated approach is needed.Find out what experience and ongoing training the provider is involved in, including Cyber Essentials accreditation, IASME Governance, ISO certifications and other schemes and regulations relating to your business.
Monitoring and review
Your business systems need to be constantly monitored, maintained and reviewed. Verify your partner’s proactive threat management and response strategies. Do they have systems for real-time monitoring and how do they monitor and report performance?In today’s digital world, it’s important to be cyber smart – how often will they conduct security reviews? And how flexible are they to adjusting services based on your feedback and reviews?
Support and solutions
One size doesn’t fit all and your needs in month one may not be what you require in month six or 12. MSPs should be able to anticipate and address potential issues before they start to impact your business.Does the partner organisation have the skillsets and scalability to support your business growth? What is their support availability and response times – often referred to as an SLA (Service Level Agreement)?
Innovation and change
With the constant change in technology and regulations, it’s essential to have a partner working with you to prepare for business continuity.Find out how a potential MSP will keep your technology current and compliant. Do they have a service roadmap to align IT strategies with your business goals?
Communication
Yes, you may have spotted this is a repeated theme and that’s for a very important reason – having an open dialogue with any partner is essential. Communication is not just about asking questions (although please do!), it’s also for listening. Make sure the MSP backs up the technical jargon with real talk.

While these lists are by no means exhaustive, they do cover key areas to consider when looking for a new managed service provider.

Take the first step forward

When you have chosen your preferred managed service provider, commit.

Helen explained

“A trusted partner will act as an adviser, providing solutions to issues you may not have even considered,” hey know what it’s like to run a growing business, because they run one too.

“We [Risk Evolves] practise what we preach, following our own risk management and business continuity advice. We steadfastly adhere to our protocols, safeguarding the trust and confidence of our valued clients and partners.”

When you have agreed on what services are required, a service level agreement (SLA) will provide clear expectations of the partnership before it starts.

Mark said:

“Ask questions about the SLA – what is the timeline to get things fixed? How would urgent work be prioritised? It’s about ensuring the MSP you chose can handle what’s required and for you to get to know their team and how they work.

“A partner actively spends time looking at new ways to improve your network, your data security and your infrastructure. They won’t be working rigidly to a one-size fits all mindset.

He added:

“I always think that what makes us [Compex IT] a little different compared to a bigger company, as a small business owner, I understand what business owners think about because we’re in the same boat.”

^{[1] UK Government Department for Science, Innovation and Technology, Research on UK managed service providers 2024}
^{[2] National Cyber Security Centre (NCSC) Annual Review 2023}

We'd love to help

We have a great library of articles and blogs as well as pre-recorded and upcoming webinar sessions to support businesses across all sectors, including the critical link between GDPR compliance and robust cyber security measures, FAQs on Cyber Essentials, demystifying ISO Standards with Risk Evolves’ guide for UK businesses, and embracing risk to evolve.

If you’d like to know more about how Risk Evolves can help you prepare to meet the challenges and risks inherent in today’s business, please get in touch for a free, no-obligation consultation.

And don’t forget to share your thoughts with us on LinkedIn.