Tag: pricing

10 Steps to Better Evaluating a Cloud Service Agreement | Blog

Comprehending a Cloud Service Agreement (CSA) can be difficult. With the increasing clout of hyperscalers, buyers need to fully understand a CSA to effectively negotiate with cloud service providers. Learn how to better evaluate these contracts in this blog.  

With the increased adoption of cloud services, Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure have come to dominate the public cloud space in recent years. The negotiating power of these hyperscalers has significantly increased, changing the dynamics of the CSA.

As the influence of cloud providers grows, customers need to carefully evaluate the proper terms and conditions in the CSA. First, let’s better understand the key terms:

  • Cloud service agreement (CSA) – a service level agreement (SLA) for cloud computing services between the cloud service consumer and cloud service provider
  • Cloud service consumer – an individual or a corporate enterprise end user accessing cloud computing resources and services from the cloud service provider
  • Cloud service provider (CSP) – third-party suppliers of cloud-based platforms, infrastructure, application, or storage services
  • Customer agreement – the relationship between the provider and the customer, including roles, responsibilities, and processes used by the CSP

The contract may be written according to the service delivery model selected, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS). CSPs can modify their contract terms at any given time.

Based on our observations, many customers have difficulty understanding these contracts. With the growing portfolio of cloud services in every organization, understanding the nuances to better negotiate contracts with service providers is crucial.

Below is a practical reference to safeguard customers’ interests.

Ten Steps to Evaluate a Cloud Service Agreement

  1. Understand the roles and responsibilities properly
  2. Evaluate business-level policies thoroughly
  3. Understand service and deployment model differences
  4. Identify critical performance objectives
  5. Evaluate security and privacy requirements of the environment
  6. Identify service management requirements
  7. Ensure proper backup for service failure management
  8. Understand the disaster recovery plan
  9. Ensure an effective governance process
  10. Evaluate the exit process fully

For a detailed analysis of your contracts, please reach out to [email protected]. To discuss the cloud service agreement, contact Rohan Pant, [email protected], and Vaibhav Jain, [email protected].

Seven Best Practices to Follow During a VDI Implementation | Blog

Driven by the increasing numbers of mobile workers during the pandemic, VDI implementation has rapidly grown as a secure solution that provides flexibility and cost savings. While it’s a good fit with today’s steadily growing remote workforce, VDI must be implemented properly to avoid pitfalls. Read on to learn the challenges and benefits of implementing a virtual desktop infrastructure.

Workplace infrastructure is quickly evolving. While Virtual Desktop Infrastructure (VDI) transformation has been in the industry for some time, COVID-19 has spurred its increased use to manage IT consumerization and control costs.

The benefits of implementing a virtual desktop infrastructure for enterprises can be remarkable and include easier accessibility for users, device flexibility, increased security, and lower costs. However, if not implemented correctly, VDI can bring organizational challenges. Many projects fail due to improper design leading to performance issues.

Based on our experiences helping organizations understand and optimize VDI implementation to achieve the right model for their budgets and timelines, we identified the following seven best practices:

  1. Understand end-user requirements – Boot storms can be avoided by being cognizant of such details as the number of VDI users, end-user applications, and the times of day users will log in and access their virtual desktops
  2. Consider end-user location – VDI architecture and resources may vary for users at different locations. Bandwidth and latency also have a big impact on the end-user experience
  3. Choose the ratio of persistent or non-persistent desktops – The virtual desktop type can sometimes be determined by the user type, such as task workers, power users, kiosk workers, etc. Persistent desktops retain a user’s personal settings when they log off, while non-persistent virtual desktops do not
  4. Consider client device options – A desktop virtualization benefit is that nearly any device can have a virtual desktop client. Deciding the best mix of thin client devices, converting old personal computers into thin clients, and having bring your own device (BYOD) clients are key factors in VDI deployment. Maintenance requirements and ownership will differ for each case
  5. Design for high availability – While a problem with one physical desktop affects just a single user, an overall VDI failure has the potential to impact all employees. Design the underlying architecture to be highly available to avoid this
  6. Craft a BYOD policy – VDI lets organizations deliver a desktop experience to many types of endpoints and devices – even those owned by end users. Carefully design and distribute a BYOD policy indicating what users can and cannot do on their personal devices
  7. Factor in security – Do not overlook infrastructure security. All security best practices that apply to physical desktops/laptops also pertain to virtual desktops. Administrators should make sure to extend patch management operations to cover virtual desktops

For a detailed analysis of your VDI implementation, please reach out to [email protected]. To discuss further, contact Vaibhav Jain at [email protected].

Razor-sharp Solution Sizing for IT Services – How to Ensure Competitive Pricing | Webinar

ON-DEMAND WEBINAR

Razor-sharp Solution Sizing for IT Services – How to Ensure Competitive Pricing

There is clear intentionality as IT applications and infrastructure move to managed services, a shift that the global challenge to find talent across industries accelerated.

Pricing model asks are now moving from simple day rates to more complex pricing constructs, such as pricing for agile pods, weekly pricing, fixed fee, and output and outcome-based pricing. In such scenarios, getting the solution sizing right is often the difference between wins and losses in competitive deal scenarios.

Within a managed services model, providers will also need to correctly translate these underlying solution considerations and the value they bring to the client to ensure that the solution is evaluated for its true merit.

 

What questions will the webinar answer for the participants?

  • Why is razor-sharp solution sizing so critical?
  • What are the important parameters to keep in mind?
  • What are the common pitfalls to avoid to ensure a competitive fee profile?

Who should attend?

  • Service providers
  • Commercial leads
  • Sales leaders
  • Pricing team members
  • Solution design leads
  • Contracting leads
Gupta Prateek Refresh gray square 1
Prateek Gupta
Practice Director

Is Managed Detection and Response (MDR) the Holy Grail for Cybersecurity Services? | Blog

With the meteoric rise in cyber attacks and cybersecurity talent shortage, Managed Detection and Response (MDR) can help enterprises improve incident detection, investigation, and response without more staffing. MDR provides a winning combination of technology, analytics, and human intelligence to improve cyber resiliency. Read on for recommendations for an effective cybersecurity approach.  

The cybersecurity outlook has shifted from business and IT-driven to the C-suite. Enterprise investments are now geared towards establishing cyber resiliency programs with holistic threat advisory, comprehensive monitoring, and faster response as the key building blocks.

Let’s take a look at the elements enterprises want in cybersecurity.

Strategic enterprise priorities for running an effective cybersecurity program

Picture1 2

Picture2 2

The MDR solution

With the right building blocks, MDR is becoming a near-term remedy for major enterprise cybersecurity challenges and helping companies meet their strategic priorities for effective cyber security programs.

Sophisticated threats are becoming difficult to detect because they can evade traditional controls and detection techniques. MDR aims to improve the struggling enterprise incident detection, investigation, and response capabilities.

MDR leverages next-generation technologies to hunt and respond better. Further, MDR brings the perfect amalgamation of technology, analytics, and human intelligence to bolster the enterprise cybersecurity position.

Types of managed detection and response providers

Our recent assessment of MDR services for leading technology enterprises analyzed the evolution of MDR technology vendors. We looked at their evolution from providing Endpoint Detection and Response (EDR) solutions to adding greater value through different services.

MDR service providers take different approaches to solutions and pricing services and can be classified in the following categories:

Type A vendors: They primarily position their EDR offerings as part of MDR services and typically provide an as-a-service model that includes the necessary software along with services

Type B vendors: These multi-threat vector-focused vendors cover not only endpoints but also include cloud-based workloads and networks in their solutions. They propose as-a-service and pure services models depending on the customer’s requirements and investment into detection and monitoring software in the current environment

Type C vendors: They are primarily managed security services providers delivering end-to-end security services along with MDR. In certain instances, they create bespoke offerings depending on customers’ requirements. They are typically vendor-agnostic and offer both as-a-service and a pure services model

Points to ponder before embracing MDR

Bringing together existing capabilities with an experienced provider is the key to jumpstarting the enterprise MDR journey.

Below are some recommendations to achieve success when implementing MDR services:

  1. Start small
  • Add MDR capabilities to areas where your enterprise lacks capabilities or has an imminent need to scale existing capabilities
  • Consider starting with incident response and threat remediation, given the lack of skilled resources and the required tools and technologies
  1. Integrate with existing technologies
  • Undertake a comprehensive assessment to determine how the MDR provider’s threat containment and response approach can be best integrated with enterprise policies and business processes
  • Integrate with existing security technologies quickly and based on standards (e.g., Application Programming Interface (API), protocols)
  1. Choose the right MDR stack and vendor
  • Understand no single best MDR provider exists in the market. Select MDR providers that have experience in use cases relevant to the enterprise’s size, maturity, and industry vertical
  • Choose a technology-agnostic vendor with a proprietary delivery platform with log and data management, analytics, orchestration, and incident response capabilities

Once enterprises have kickstarted their MDR journey, they often can choose to combine overall cybersecurity and MDR services under one portfolio. In a few instances, we have observed the supply side proposing the convergence of the Security Operation Center (SOC) into the MDR solution to help enterprises save costs. Enterprises should leverage MDR in a way that complements their existing operations to essentially fill the gaps in their threat management strategy.

Managed detection and response pricing

MDR pricing models and structures are still evolving. For example, Type A or Type C vendors usually prefer going with per unit-based pricing models where EDR and other software might or might not be included depending on requirements. Bespoke offerings can further modulate the price based on service inclusions and exclusions. Thus, different pricing metrics are offered, such as per asset, per user, etc., which slightly complicates matters and makes apples-to-apples comparisons difficult.

Additionally, we have observed that service providers may command premium prices because of the delivery location and type of value-adds included. For example, in the government sector, we have typically seen onshore delivery because of compliances, regulations, and discomfort with offshoring. At the same time, we have seen a few other cases where vendors leverage offshore locations for functions such as 24×7 monitoring to improve price positioning.

High-end threat hunting and cyber deception services are niche skills in the market. The current talent war creates a void in enterprise threat management strategy. Managed Detection and Response, with its suite of services, has the potential to emerge as a market winner.

Learn how to we can help you benchmark prices and contracts for a wide array of services, from contact center service IT to business processes. Our price benchmarking catalogs cover competitive market pricing for the most prominent locations across the globe.

To discuss Managed Detection and Response and cybersecurity, please reach out to [email protected], [email protected], and [email protected].

The R-word and What It Means for IT Services Spending This Time | Blog

What factors make this economic downturn different, and is IT services spending recession-proof? Despite recessionary fears, digital transformation and post-pandemic demand will help maintain IT services growth with more cautious tech spend moving forward. Learn the three strategies service providers should take now to plan for the slide in this blog. 

By all accounts, it seems we are entering a cyclical phase of economic downturn. Gross Domestic Product (GDP) declined for the US, Italy, and Japan in the first quarter, while the UK, France, and Canada flatlined or deaccelerated meaningfully.

This has been visible a long way off, and the equity markets have adjusted their guidance for IT services stocks accordingly. However, we at Everest Group believe this is very different than past cyclical downturns.

To truly understand the nature of the impact on the IT services industry, we need to ask the following three questions:

  1. Is IT services spending truly discretionary?

Chart one tells us a few things:

  • During a downturn, IT services spending tends to follow a meaningful lag effect. Our channel checks reveal careful prioritization of fresh capital expenditure (CAPEX) items, but not cancellation of committed tech spend
  • Modern enterprises view technology and tech spend to transform their business and become more innovative and efficient. A downturn will sharpen the focus on pragmatic digitalization to create new revenue streams
  • A meaningful part of the inflationary pressures can be attributed to global fiscal expansion post-pandemic. This is not necessarily true for private businesses and tech spend. If anything, remnants of pent-up demand continue in the wake of pandemic-induced austerity

A combination of the second and third factors is leading to the divergence between the IT services and aggregated economic activity, as measured by the GDP.

Chart 1

Picture1 1

  1. How much has already been baked in?

Now, look at this second chart. Suffice to say that IT services stocks have taken a beating in 2022.

While some stock price erosion can be attributed to inflationary pressures leading to margin compression, a significant part is due to negative macro expectations.

Curiously, during the same period, consensus revenue estimates have continued to expand (Accenture, Cognizant, Infosys, Wipro, TCS), and book-to-bill ratios remain healthy (expanded Year-over-Year for Capgemini and IBM, with mild deceleration for TCS and Accenture).

Quite simply, this downturn was visible a mile off. All of us could see it, as could customers, economists, governments, central banks, and equity markets. And a little bit like seeing a slow train coming, we skipped the tracks and readjusted our expectations. Consequently, it’s unlikely we will see a trainwreck, but tech Return on Investment (RoI) will be increasingly scrutinized.

Chart 2

Picture2 1

  1. Are the usual lemons drying up?

Finally, we need to remember that the world is still coming out of COVID-19. Every enterprise made massive cost adjustments during the pandemic by automating routine tasks, moving to the cloud, and divesting non-core assets. In other words, many of the usual cost adjustment levers are already pre-adjusted, and one has to pause and ask – how much padding do we still have before we risk cutting too close to the bone?

What’s likely to happen – our prognosis

  • Yes, there will be a downturn in the IT services industry. But it is very unlikely to be severe. We forecast 6.7 % growth (organic, constant currency basis) as the base case for the year ending March 2023. This includes a set of very large supply side players with company-specific issues (e.g., Atos), while more resilient companies will comfortably beat the average. Irrespective, industry growth will be significantly above the pre-pandemic trendline. The reality is that we are in the midst of a decadal mega cycle of digital transformation, which will significantly counteract a slow-burning cyclical downturn
  • Enterprises will have to grow out of the recession through waste avoidance, innovation, and digitalization, and not through canceled tech spend
  • There will be limited manifestation of the usual downturn-linked opportunities (e.g., shared services divestments, vendor consolidation, etc.)

Three service provider strategies

Service providers will still need to readjust. Here are some recommended immediate steps to take:

  • Examine your portfolio: Not every industry and customer within the same industry will be impacted equally. Now is the time to critically examine your portfolio and evaluate every account. Ask yourself:
    • Which parts of my portfolio are critical to the customer’s business success? If they are not core, how can I gain share in business-critical categories?
    • Have parts of my portfolio already been adjusted for maximum efficiency during the pandemic? If not, what can I proactively do about this?
  • Focus on systems of growth: Systems of growth are digital platforms that help enterprises create new revenue streams and transform the customer experience. In a downturn where brute-force cost-cutting options are likely to be limited, having a robust strategy to help customers grow will be a true differentiator
  • Continue hiring: The talent market may move from “white hot” to “warm,” but the war for tech talent is not over by a long stretch. A temporary lull may represent a brilliant opportunity to attract and train differentiated talent. When the markets rebound, it will make a difference

What is your outlook for IT services spending? And how are you planning for the downturn? Please feel free to share your perspectives, email me at [email protected] or Contact Us.

To learn more about the increase and changing rates across the services industry, request a 30-minute briefing.

Request a briefing with our experts to discuss the 2022 key issues presented in our 12 days of insights.

Request a briefing with our experts to discuss our 2022 key issues

How can we engage?

Please let us know how we can help you on your journey.

Contact Us

  • Please review our Privacy Notice and check the box below to consent to the use of Personal Data that you provide.