Distrusted Cloud Processor Agreement

We’re all familiar with the nirvana of the Trusted IT Advisor.

In an effort to leap over the Grand Canyon that is the legal liability of a solution MSPs don’t manage, many are trying to find ways around it.. Terms like “Cloud Broker” or “Cloud Integrator” seem to enter discussion from time to time so I wanted to offer you both an opinion and the way we handle this at ExchangeDefender (we offer Hosted Exchange, SharePoint, Lync, hosted encryption, compliance archiving, etc through a worldwide network of partners and even directly through the agent model).

Whose Fault Is It Anyhow?

It’s the fault of the person that makes the transaction.

The end.

But suppose you don’t have a very sophisticated services contract, suppose you’re just copying someone else’s copied template that doesn’t fit your business, your offering and your local laws. Suppose you’re just a good guy. How is the cloud sold?

#1 Cloud is about efficiency. If your pitch for the cloud solution says that the client should consider it because it reduces overall management costs, reduces hardware investment, reduces eventual migration costs.. but then turn around to sell a whole bunch of stuff on top of it and bundle it in with your stuff.. you’ve just bundled in a ton of liability.

#2 Cloud is a building block. If your pitch for the cloud solution says that the client should consider it because it makes technical sense and you’re recommending a technical solution that is prone to some failure and your option is the only one you’re willing to support.. you’re doing this right!

Option #1 often fails not because it’s a bad idea but because you’re leading down a path that naturally has the client choose the cheapest possible solution. When you are pressed to make a compromise on the price (because they shopped around and found a solution without antispam, without mobile access, without SharePoint, without backups, without a phone number, etc) you too might follow them down to the gutter of choosing something horribly inadequate to their risk portfolio.

When Option #1 backfires, they will blame you. You know how people don’t want to pay for a real server, real RAID controller or even spend $200 more for another hard drive.. but when the said single point of failure blows up they are suddenly finding $ in the budget to send it for a $2,000 Hard Drive Data Recovery Lottery, Inc? Option #1 is that, except with the 100% guarantee of complete data loss.

At ExchangeDefender we offer 2 factor password authentication for the hosted Exchange. The number we’ve sold? 0.

We also have an off-brand solution at CloudBlock for a $2.99 Hosted Exchange that doesn’t even have a phone number for support. It sells around the clock like the last call for at the 4-for-1 bar. Appropriate too, because you’d have to be friggin drunk to put your business on it but I know, budgets are tight and email is not that critical and..

Note the difference.

Two solutions. Two very different experiences.

When it comes to cloud.. you have to make them choose: Do you want a solution we stand behind and support or do you want to roll the dice?

I always tell my partners to present both. No matter if this is the first or last sit with the lead, if you lead with the ultimatum (“This is what we recommend and this is the best offering and the only one we will ever offer”.”) they have no choice but to consider an alternative that may be prettier to look at than you (physically|financially|cosmetically) you will not just lose that subscription business but any other solutions they may need from you down the road. If they invited you into their office do not leave until you’ve taken some money or at least some office supplies – even if you have to take the extra roll of toilet paper from the bathroom.

But do not.. never ever never.. cross-pollinate your recommendation with ill-conceived risk tolerance of technology they do not understand that you do not control.

So what do you do?

When you go through your sales process your prospect is buying the dream of everything you are selling them… at the price that they have in the mind (which is naturally always lower than the one you’re proposing). So when they attempt to reconcile it, they still think they are getting everything and just paying less.

Never make that compromise.

Price is the price, recommendation is recommendation, pick and choose. No, you can’t have a Big Mac meal for the cost of a happy meal because the McDonalds register doesn’t do discounts – but I’ll throw in an extra few fries and let’s make a deal! Your compromise is on additional services, not at the core – because you don’t control the core.

Partners ALWAYS come to me looking to get Hosted Exchange for less than $10 or less than $8.. and tell me they’ll have to consider building it in house if we can’t work something out.

If they are nice, I pull out Excel and do the math for them – this is what it would cost you to build a comparable solution and this is the number of seats you’d need before you stopped losing money (assuming your Exchange and support worked around the clock for free)

It’s much easier for you to knock off a $1 or $2 off your $125/hr labor rate than it is to shave off the cost of a complete solution.

Now, note the consistency here.

There is a strict separation of service and solution. The liabilities must always stick with the service provider, never with the overall solution. You cannot, in all good conscience and common sense, assume the liability of a third party service or entangle yourself in it any more than you would put your business on the line of a Made in Taiwan hard drive.

So remember – as an advisor, you warranty your advice and they pay for it. Beyond that (and I don’t care what you call it) you’re pretty much processing a third party transaction. Break it up, get plenty of signatures and continue to remind them that you know better.

P.S. This is one thing that most MSPs seem to miss out on but our most successful partners constantly do – just because they bought something that got your foot in the door doesn’t mean the sale ends there. Continue to remind them what they should be using and what the risk happens to be. Every time yet another service provider blows up and downs their cloud, tell them that ExchangeDefender Hosted Exchange is the only major player with infrastructure spread across multiple data centers that doesn’t suffer from a single-point-of-failure issue. Every time a major cloud provider has their authentication compromised, data stolen, data lost – remind them of more stuff they need to take into account. So many people focus on selling to the blue ocean of leads they haven’t sold a damn thing to – and don’t invest in their own existing client education (read: upsale).. and I will never understand why.