| |

The Promise and Peril of SaaS Security

Among our most prized assets at Channel Mastered is our 45,000-strong community of engaged, experienced MSPs. When we ask them questions about the state of the industry, they give us unvarnished, insightful answers.

Most recently, over 2,800 of them participated in a study we conducted on behalf of SaaS Alerts about the state of SaaS security. Headline finding: while phishing and business email compromise attacks are (predictably) the top two threats MSPs say their clients face at present, the third is not ransomware. It’s cloud vulnerabilities, and not by a slender margin. Ransomware placed a somewhat distant fourth.

Screenshot

There are a number of specific cloud vulnerabilities worrying MSPs too, and the top among them—centralized, correlated visibility across multiple applications from different vendors—isn’t one that old-school, endpoint security solutions can address.

Screenshot

A few other compelling results from the report:

  • SaaS security is dangerous. Nearly half (49%) of the MSPs we surveyed have over five customers who experienced a SaaS compromise in the last year, and 22% have over 10.
  • SaaS security is a growth market. 67% of MSPs expect to see higher recurring revenue from SaaS security services in 2024. And they’re already doing pretty well. 65% of respondents to our survey collected at least $50,000 of incremental MRR from SaaS security in the prior year, and 44% collected at least $100,000. Those sums are even more meaningful when measured against the $250,000 to $1 million in total MRR that 65% of MSPs in our polling sample billed over the same time span.
  • SaaS security is dangerous. Nearly half (49%) of the MSPs we surveyed have over five customers who experienced a SaaS compromise in the last year, and 22% have over 10.
  • SaaS security is time-consuming. About 40% of MSPs we surveyed spend five or more hours a week on it, and 12% devote at least 10 hours.
  • SaaS security is costly. Those weekly monitoring and management hours get expensive in a hurry. Given that the median hourly wage for techs is roughly $32.50 an hour right now, according to Glassdoor, an MSP dedicating eight hours a week to SaaS security pays employees $260 for that work 52 times a year, which amounts to $13,520 annually. So if they’re bringing in an extra $70,000 a year on SaaS security, they’re losing almost a fifth of it to administrative overhead.

I’d be remiss if I didn’t let SaaS Alerts crow a little about further findings from our study showing that their partners report far fewer account compromises than other MSPs, are far likelier to project higher MRR this year, and are far more confident about their security toolset and abilities.

There’s a lot more worth poring through in the report, which you’ll find here. And we’d be happy to ask our responsive MSP community any questions you have on your mind too. In fact, I’m writing this post during a break from completing a study for a different client about the state of SaaS management. You’ll have to wait a little while to hear what we found, but I think you’ll find it interesting.

Similar Posts