MSSP Secrets to Customer Success: Got A Cybersecurity Implementation List?

Author: AlienVault VP Global Channel Sales Mike LaPeters

Managed Security Services Providers (MSSPs), like any other business, are a factor of its People, Process, and Product. Let’s assume you’ve just closed the first sale of your MSSP service, Now What? Implementation or as I call it “The Fun Part”, is the next step. So how do you know what to implement? Who’s responsible for which parts? How do I know it’s complete? The answer is a simple one: Make a List.

Besides the practicality of the list itself there are also many other advantages to this diligence. When you’re starting service with a customer, you’re also entering into what you hope is a long-term relationship. Setting the tone early on in this relationship is very important. If you act haphazardly or give off the impression of disorganization it could impair the relationship you need to survive.

Let’s look at the scenarios with and without a list:

With a List Without a List
  • No device or use case gets missed
  • Turn-Up process incrementally drives to completion
  • Engineer knows precisely what to integrate
  • The customer knows exactly what’s being monitored
  • Responsibilities are clearly defined
  • Tasks can be managed and assigned appropriately
  • Helps you scope the time needed for implementation
  • Customer wonders how you missed an event
  • Implementation never ends
  • Fingers get pointed
  • Audits may fail because data is missing (consequence of the above)
  • Operators have no clear guidance
  • No clear definition when service begins

Gathering this information is also useful for post-implementation activities. For instance, during your event review, your in house security analysts will already have some contextual information to use when performing their investigations. This will increase the initial fidelity of your service and bolster the customer’s perception of your service.

Lastly, this list should be something that is signed by you and the customer. This is especially important if your list includes an assignment of responsibility. The sign off process is a mutual agreement between you and the customer, clearly stating which aspects of the turn-up you and the customer are each responsible for. This has a similar significance as your Service Level Agreement and can be used for reference if delays are introduced.

To get you started I’ve created a sample list. Feel free to use it but most importantly modify it. The services you offer and your experience will influence the creation and the ongoing edits of the document. You may also want to consider translating this information into a wiki or similar system for each customer.

Download this MSSP sample checklist document (Microsoft Word format) for your team to customize.

Mike LaPeters is VP global channel sales at AlienVault. Read more AlienVault blogs here.

Return Home

No Comments

Leave a Reply

Your email address will not be published.