Microsoft 365 security best practices case study: Peters & Associates

Microsoft security solutions provide a competitive advantage

Security is a top concern for nearly every business, but many lack the in-house expertise and resources to handle today’s threats. These customers are receptive to partners who can assess vulnerabilities and deploy a broad range of security solutions, especially solutions that provide a demonstrable and immediate return on investment.

In the Chicago area, Peters & Associates is using Microsoft security solutions as a key component in the transformation of its IT consulting practice. As a long-time Microsoft partner with multiple Gold and Silver competencies, they’re positioning themselves as leaders in the security space, and showing both existing and prospective customers how Office 365 Enterprise E5 can help them better identify and address security vulnerabilities.

Thought leadership drives growth

Recently, Peters & Associates has focused on developing content, hosting events, and creating a social media presence to reinforce its leadership position. These efforts are all tied to specific topics that leverage their expertise.

For example, as more companies become victims of ransomware, Peters & Associates has published a series of blog posts that provide advice on everything from whether to pay ransom demands to proactively opening a Bitcoin account to get a three-day lead in case customers decide to pay the ransom. Of course, the key message is to take the necessary steps to ramp up security and prevent attacks.

The goal of Peters & Associates' content strategy is to open conversations that ultimately lead to a security assessment.

Security assessments are the launching point

“Everything always starts with an assessment,” explains Bruce Ward, Vice President of Business Strategy. “It’s a truism around our organization that you pretty much can’t do anything until you know something about the client, and you have assessed their vulnerabilities.”

Office 365 Secure Score is an important part of this process. “When Microsoft first released Secure Score, we were right in the middle of a manual assessment for a large banking client. Secure Score made the process easier and more graphical,” said Ward.

“Now it’s part of our security assessment and it’s an element we use to judge things that have moved from ground to cloud.” Security assessments have helped them land several new customer accounts, and opened other opportunities that are currently on the table.

Extending Customer Engagements

One of the ways Peters & Associates is addressing customer demand is through what Ward calls “bundling on steroids,” using security solutions that can be packaged as new services to establish and extend Customer Engagements.

Bundling security tools dovetails perfectly with Peters & Associates' desire to shift from project-based services to managed services that improve their competitive positioning and deliver higher margins. “Now we can say to customers, for a set fee per-user per-month, your desktop is covered. That includes the products, plus all our services to install, monitor 24/7, and handle incidents,” Ward explained.

Ward highlights Microsoft’s Advanced Threat protection (ATP) as one of the key launch points for bundling opportunities. “ATP is selling like hot cakes, it’s number one on our list,” Ward said. “We call it Managed ATP, because ultimately what we do is bundle our pricing so we give them onboarding assistance, licensing assistance, and user training support. Bundling our services around ATP is something smart to do.”

Establishing managed services and security

Ward explained that security is one of the key components reshaping their practice. “Security sells, so we’re transitioning from managed services to managed services and security, and we’re taking our customers with us,” he said. “People are very focused on security. So, while we might have been monitoring the health of their servers before, now they also want us to monitor the security of those servers. To do that, we’ll need all sorts of capabilities.”

As examples, Ward pointed to Office 365 Advanced Threat Protection (ATP) and Advanced Threat Analytics (ATA). “For instance, we’ll need ATP for better mail flow; we need Advanced Threat Analytics in EMS (Enterprise Mobility + Security) to know more about authentication that’s occurring; we need to protect desktops, so we look at Endpoint Protection,” he explained. "All of this is mind-numbing to customers; they just want to know their desktops are covered.”

Customer proof-of-concept fuels adoption

The key, Ward suggested, is to get the tools in customers’ hands so they can see them operating in their environment. Spending pre-sales dollars effectively to make sure customers understand the product in their world, helps users see value quickly, and makes it easier for partners to bundle additional solutions.

Some client engagements are driven by specific compliance requirements, where the organization has specific boxes they need to check.

As evidence, Ward described the sales cycle for a 2500-seat organization that needed a Cloud Application Security Broker (CASB) to support their work with the insurance industry. Because Microsoft Cloud App Security is deeply integrated into Office 365, Peters & Associates could structure a sale around what Ward calls the “5-5-5 program, involving Office 365 E5, EMS E5, and Windows 10 E5.”

Another example involves a long-time Peters & Associates customer that recently became a government contractor, selling specialized equipment in the US and China. This raised the need to comply with new requirements for the protection of Controlled Unclassified Information (CUI). To meet the new requirements, Peters & Associates deployed Microsoft Advanced Threat Protection as an add-on to their existing business with the customer.