Feel free to call us toll free at +1.800.357.1019.

If you are in the area you can reach us at +1.360.359.4400.

Standard support
6:30am - 4:00pm PST, Monday - Friday, Free

Premium support
If you own Townsend Security 24x7 support and
have a production down issue outside normal
business hours, please call +1.800.349.0711
and the on-call person will be notified.

International customers, please dial +1.757.278.1926.

Townsend Security Data Privacy Blog

Why Do MSP Customers Want Encryption of Their VMs and vSAN? [Part 1 of 8]

Posted by Patrick Townsend on Oct 19, 2020 1:15:00 PM

This is the first in a series of blogs on the topic of Managed Service Providers (MSPs) and VMware encryption. They are meant to be read in order as each blog topic builds on the previous topics, and leads to the next. 

Encryption & Key Management for VMware Cloud ProvidersAs an MSP, I hope you will take this journey with me about VMware encryption, the technical and business challenges you are facing, how Townsend Security solves these challenges, and the surprising business benefit waiting for you when you offer your customers encryption under your MSP service umbrella. 

Here is the complete topic list:

  1. Why do MSP customers want encryption of their VMs and vSAN (this blog)
  2. What has VMware done to help with encryption security?
  3. What are the biggest obstacles to offering VMware encryption to customers?
  4. How does Townsend Security help an MSP overcome the KMS challenge?
  5. KMS for multiple vCenter clusters and nodes
  6. As an MSP how do I ensure high availability for encrypted VMs?
  7. How can an MSP use encryption security to improve revenues and profitability?
  8. Some common questions and how to get started with the Townsend Security MSP partner program

Customers of MSPs read almost daily about data breaches and ransomware attacks, and are rightly concerned about the security of their data under the control of the MSP. MSPs are usually the lead security provider for these customers and bring a great deal of expertise to the deployment of security solutions. Let’s explore the some of the concerns and motivations of the MSP end customer:

Regulations, regulations, and more regulations:

In addition to the fear of a data breach, customers are also concerned about regulations like the California Consumer Privacy Act (CCPA), the New York SHIELD Law, HIPAA, PCI-DSS, GDPR, and many others. No one wants to be subject to compliance actions and litigation due to a data breach. It is natural for a business or organization to turn to their MSP for assurance that their sensitive information is safe and security meets compliance regulations.

Business secrets and intellectual property:

In addition to the regulatory concerns, many small businesses and organizations are concerned about the compromise of business secrets and intellectual property. We now know that a number of state actors are aggressively attempting to steal this type of information. While business secrets and IP are a different category of sensitive information, the loss of this information can be devastating to a business or organization. It can take years to develop new ideas and move through the IP protection process. The compromise of this information can destroy the value of a company, and years of work by its employees and investors.

Reputational risk:

Lastly, the loss of any sensitive information can harm the reputation of an organization. If your value to an end customer involves managing aspects of their sensitive information, losing that information can cause irreparable damage to customer trust. We can all think of retailers, credit reporting agencies, government agencies, and many others who have had large data breaches. It affects consumer behavior and can exact a financial penalty for many years. No one wants to suffer reputational damage from a preventable data breach.

A data breach can be an existential event. According to Cybercrime Magazine about 60% of small companies close within 6 months of a data breach. This is an astoundingly high number. If you think about it, the surviving 40% of companies probably experienced a lot of distress recovering from the data breach. How much lost opportunity was there? 

For MSPs, the takeaway is that your customers are concerned about encryption to protect their sensitive data, business secrets, and look to you to provide solutions. How can MSPs turn that into actions that are based on security standards and which provide a justifiable business opportunity?

Stay tuned.



More Reading

Part 1: Why Do MSP Customers Want Encryption of Their VMs and vSAN?

Part 2: What Has VMware Done to Help with Encryption Security

Part 3: What are the Biggest Obstacles to Offering VMware Encryption to Customers

Part 4: How Does Townsend Security Help and MSP Overcome the KMS Challenge?

Part 5: KMS for Multiple vCenter Clusters and Nodes

Part 6: As an MSP, How Do I Ensure High Availability (HA) for Encrypted VMs?

Part 7: How Can an MSP Use Encryption Security to Improve Revenues and Profitability?

Part 8: Some Common Questions and How to Get Started with the Townsend Security MSP Partner Program


Encryption & Key Management for VMware Cloud Providers

Topics: VMware, MSP

On a Journey with Managed Service Providers (MSPs) for a Better Encryption KMS Solution

Posted by Patrick Townsend on Aug 10, 2020 3:30:31 PM

Every now and then something completely unexpected happens that changes your life. No, I’m not talking about the COVID pandemic - that’s a completely different story. What happened for me is that in the course of my work in business development of our key management server (KMS), I met the CEOs of two different Managed Service Providers (MSPs) and they welcomed me into their world. With grace and patience, they helped me leave behind my preconceived notions about software sales and introduced me to how their world works. Neither of these two CEOs were obligated to mentor me and to give me their time, but I am so grateful that they did. It opened a new vision for me and our team here at Townsend Security.

If you work at an MSP firm, I hope you will read on. I will tell you how I turned my lessons into real benefits for the MSP.

VMware Cloud Providers & MSPs - Win New BusinessManaged Service Providers are varied in what they do, but at the core of their business is the desire to provide IT expertise, hosting facilities, business continuity and disaster recovery, and lots of other IT services to small and large organizations. They do everything from fixing user PCs to deploying top-end servers, security, and cloud services. Expertise is at the core of the value they provide to organizations. During the COVID crisis, they are on the front lines of trying to help everyone migrate to work-from-home and they are trying to secure that environment.

They are just some of the quiet, hidden heroes who don masks and rush into data centers and offices to keep us all operational. They provide great value to organizations especially in the current crisis. These MSPs taught me about their business and about the difficulties they have with key management vendors. In a time when security is top of mind for their customers, they struggle with a KMS industry that is stuck in the past. We were definitely one of those. As we talked, the light came on for me. All of the problems they were having with KMS vendors were problems that we could solve! All it took was a commitment from us, and a change in our business practices.

Here are some things I learned from my MSP CEO mentors:

  • Their businesses run on a usage-based model. For example, they might host a VMware environment for an end customer and charge them on the basis of the number of Virtual Machines (VMs) or vSAN storage they manage on a monthly basis. They provide immediate, on-going value to their customers and they prove their worth on a day-to-day basis.
  • They deploy third-party software solutions to help them accomplish their mission. They prefer to use software solutions that match their business model. For example, some of the common backup solutions like Veeam can be deployed by MSPs on a per-month, per-VM basis. It’s great when an MSP can deploy these types of solutions on a usage basis. It is how they run their business and greatly reduces their risk. KMS vendors are not helping.
  • MSPs live in a complex technical world, and they have special needs from their software vendors. They probably deal with more technical complexity than any other IT segment. Hardware, software, Windows, Linux, security, networking, cloud, smart phones – where does it end? This means they need software solutions that are easy to install, deploy, manage and report on.
  • An MSP deals with a lot of software “vendors”. What they really need are software
    “partners”. A software vendor sees the MSP as a resource (money) extraction
    opportunity. A partner is someone who saddles up and goes into battle with you. With a partner, you will either win together or lose together. This is an incredibly important distinction to the MSP, and a really big challenge to the software vendor.
  • The MSP needs more than a software solution from a partner. With all of the complexity of the services an MSP delivers, the MSP needs help from the software partner to sell the solution, to support the solution, and to be a trusted advisor. Can the software partner help with sales collateral? How about with joint sales calls? Can we do joint webinars and podcasts that help build confidence in customers and potential customers?

Here at Townsend Security we live in the world of data security. We have encryption and key management solutions to protect data at rest. We have a number of MSP customers. Before I had the conversation with our MSP mentors, we approached each of our MSP customers the way any legacy software company would. We offered the basic perpetual and subscription licenses. We have always been very price competitive, but it was basically a take-it-or-leave it approach. We charged for each key manager that we sold.
We were a perfect example of the “vendor” problem the MSP experiences. So, we set out on a journey to see if we could align our business with MSPs and become the “partner” they want and need. It meant changing a lot of our assumptions and business practices. You will know when you have a true partner when they lean in with their marketing and technical teams to make you successful. Our goal is to be that partner!
Here are some of the things we’ve done:

  • Adopted a Pay-As-You-Go model for MSP partners. We now charge a very small monthly fee for each encrypted VM or database. Gone are the perpetual and annual subscription licenses. Scale up or scale down as you like. We get paid when you get paid. Full stop.
  • Dropped all upfront fees or annual minimums. We are aiming for perfect cost and
    revenue predictability for your MSP business.
  • Stopped counting the number of key management servers the MSP runs. The MSP
    deploys key servers in the way that makes sense. Multiple physical hosting sites, on-premise deployments, Disaster Recovery as a Service (DRaaS), encrypted storage? We don’t care, we are all in.
  • We trust the MSP to deliver their services and expertise on their hosting or cloud
    platform, and on their customer’s premises. MSPs conduct their businesses in a variety of ways. If we achieve true partner status you will feel that we are fully behind you and support you and take the risks with you.
  • We train the MSP on how to deploy our solution. We have video, on-line
    documentation, and one-on-one training to help you get up and running quickly. We don’t charge for training; we just lean in to help you get the job done.
  • We support the MSP with 24/7/365 business interruption support program at no extra charge. Support is built right into the low monthly fee.
  • Provide sales support by doing joint customer calls, answering security questions, and providing guidance on meeting compliance regulations. We don’t charge for helping you close a sale; we will win the deal together.
  • Provide sales collateral that includes sell sheets, educational material, joint webinars and podcasts, and much more. We don’t charge for sales and marketing collateral.

I feel like I’ve been on a fast learning track and have gained some great new friends. They are sharing with us what they need, and we are leaning in to help them be successful. It is an immensely rewarding experience.

Here is what one of our MSP customers said:

“You said the magic words of MSP and Low cost, consumption based! We’ve struggled to find a KMS solution we can properly price and sell to our customers to do VM encryption. Solutions like XXXXXX are prohibitively expensive. Your low cost per encrypted VM per month is very reasonable. I’m glad those MSP’s helped you understand our market and that you were able to see the opportunity. You NEED to be marketing this. You’re solving a problem that MSP’s a) don’t think they can afford to fix, and b) are just ignoring the compliance of because it’s “too hard and too expensive.” I highly encourage you to get the word out through marketing to MSP’s. Thank you, Patrick. You made my day.”

If you are an MSP we would like to “make your day.” You can start your journey here

Evaluations of our Alliance Key Manager are available at no charge. We provide technical
support through the evaluation at no charge. Let’s do this together!


Encryption Key Management for VMware Cloud Providers

Topics: Partner, Hosting Providers, MSP

The Definitive Guide to AWS Encryption Key Management
Definitive Guide to VMware Encryption & Key Management


Subscribe to Email Updates

Recent Posts

Posts by Topic

see all