Speaker: Reid McConkey, CEO-Resolved IT
Could you describe a time that FortMesa helped you?
Reid McConkey: Hey my name is read from resolved I. T. Um We're a small little MSP in Vancouver founded in 2020 we've got about seven people on our team to give you an idea of the size of our organization. So we're very much uh MSP focused focused on delivering I. T. Services firm up until this point. Um about three months ago Kel had reached out to me on linkedin at the time, I thought he was in another you know annoying sales guy. I think he sent me four or five messages before I finally replied. Um and I'm very glad that I did end up replying. So I had I connected immediately with Carolina phone call and he sort of just explained the GRC platform and vulnerability management as a service and at the time I thought I had a really good understanding of of what it was and you know what vulnerability management should be. Um You know I had worked as a manager in a number of I. T. Firms and even as a management consultant before I started my own firm and so I felt like I had a really good understanding of all the services that we could deliver. But Khaled actually educated me and he let me know that what most MSP s deliver and what all the MSP. S that I had worked with in the past. We're delivering was vulnerability management on a quarterly or an annual basis. Right? With some sort of tool, like a rapid fire tools type of tool set. You run a one time scan, you show the audit to your customer and then you remediate some issues and you use the scan to sell some projects and um you know it's just sort of a sales tool Where collide sort of helped educate me in the value of vulnerability management as a service and educating the customers on on what it actually is. So so the difference between vulnerability management as a service and just traditional vulnerability management is that as a service of course it's it's 24/7 and it's in real time and there's somebody manually remediating or automatically remediating in some situation all of the vulnerabilities as they pop up rather than just doing it on a quarterly basis. Um As you guys know as I. T. Professionals I'm sure right you run a vulnerability scan, you run the same vulnerability scan another few hours on the same endpoint after it's got patched or something and there might be a new one that's cropped up. Right? So imagine after three months the level of change that's occurred in your environment and the vulnerabilities that have cropped up. Right? So what I've done is I've changed my entire sort of way I've approached the service right? I'm no longer selling myself as just an I. T. Support company. We are in an I. T. Support and a cyber security company and we deliver both within a single suite of services, a single plan. Um So we've tallied originally um you know he asked me to walk him through my my service plans, my pricing um and he sort of said, hey, you know, there's a lot of opportunity to get more margin here and more value, more revenue flowing through your business by doing some cybersecurity services um and so through educating me and teaching me how to use the platform and how to deliver vulnerability management as a service properly um and compliance as a service. I've been able to build out three different tiers of plan with collides help. And he he said that that's the and I tend to agree that's the way to maximize revenue opportunity. Um And so we've got a silver gold and platinum plan. Now the silver being sort of more targeting the traditional MSP customers with some of the baseline cybersecurity offerings and then our our golden our platinum plan involving vulnerability management as a service and compliance as a service. Now, our silver plan being the sort of line up with our current plan is 25% more expensive than our current pricing. Our gold plan is 50% more expensive and our platinum plan is 67% more expensive to give you an idea. So I've had a significant increase in margin um and flexibility to deliver my services with that. Um and so with with Khalid's help and and maths help to really identify where the opportunities are, how much it's gonna cost to actually deliver my service and and all of the sort of due diligence that a lot of MSP. S fail to do prior to selling their services. I feel like I'm set up a lot more for success and and to deliver services with a much higher margin and frankly with more value as well. So I see it as a win win and yeah, I can't I can't say much more. I can't recommend working with Fort Mason more if you're looking to expand your central security offering.
How did FortMesa Transform your MSP Offering?
Reid McConkey: so when Khalid first reached out, one of my main concerns was, you know, I don't have enough time. That's actually why I was reaching out to find the TRC platform is, you know, I need to automate some of the tasks that I'm doing. I was delivering compliance as a service manually at the time, which you can imagine was very time consuming. Um So Kallen walked me through, sort of how I would, you know, save time and all these things, but he also gave me the authority, you know, I'm a young guy, I'm in my mid twenties, I have only been an I. T for less than a decade, right on paper, so prospects on occasion will go, hey, you know, what are your qualifications like you've got a baby face? Right? That's just a unique problem that I face, but you know, all MSP s need to establish themselves as an authority in the cybersecurity space. Um and the way I've done that is by leaning on matt and by leaning on salad and Fort Mesa. Um and their certifications in their trust mark tools that they've made for us. Um So whenever somebody asks me about my, my authority in the cybersecurity space, you know, I'll say I've gone through the training and I've been educated by, by Fort Mesa, which has, you know, the cybersecurity background in this formal education and their platform is gonna hold me accountable, um and and give me the tools that I need to make sure that I'm delivering compliance as a service properly and vulnerability management as a service properly. Um and that we're doing our due diligence and we're actually delivering on the service. One of the nice sort of pieces to this platform is you have transparency with your customers, right? They can log into the portal and see the work that you're doing and see the controls you've implemented and all of the plans that you have in place. Um, That's something I really struggled with was perceived value of the service with customers. And so between that and the education and the authority that they're going to give you by referencing them as a partner. I think that they're a fantastic place to be for for compliance as a service in GRC.
