Magazine Article | July 17, 2014

Take Financial Services To The Cloud

By The Business Solutions Network

This $213-million company’s record fiscal year is a result of overcoming customers’ cloud fears and expanding its managed services practice.

Some IT services providers may find it intimidating and deflating to compare themselves to Computer Services, Inc. (CSI), which has been in business since 1965, has 1,100 employees, and reported record revenues during its most recent quarterly financials announcement. What’s more is the fact that even though CSI is a very large company, it has the agility of a much smaller firm. But here’s the upside for smaller (managed services providers) MSPs: Even if you’re one-tenth the size of CSI, you can adapt some of this company’s business strategies to your practice. CSI focuses exclusively on the financial services industry, which is important to note because some of the challenges this MSP faces in this highly regulated space can readily be applied to healthcare, manufacturing, retail, education, the public sector, and other markets.

The Core Processing Data Center Becomes A Cloud Gold Mine
Since its inception, CSI has focused on providing core banking platform technology, which includes data processing and clearing checks, and running other standard banking and accounting functions such as deposits, loans, financial performance statements, and online and mobile banking services.

The company performs core processing out of its redundant data centers, which have been in operation since 1982. Due to the strict regulations and standards governing the financial services industry, including the IT general control standards for FFIEC (Federal Financial Institutions Examination Council), PCI DSS (Payment Card Industry Data Security Standard), and GLBA (Gramm–Leach–Bliley Act) standards and regulations, CSI takes security very seriously. “In addition to keeping up to date on the latest PCI DSS requirements, CSI conducts SOC [service organization controls] I and SOC II audits, which use the SSAE 16 Standard and Trust Service principles, throughout the organization,” says David Malcom, VP of managed services at CSI.

In 2010, the company recognized that there was a growing need within the financial industry for managed services beyond its hosted core offering, and its data center infrastructure could accommodate these needs. “Even though we had a private cloud that was compliant with our customers’ industry regulations, we were missing opportunities to host their remaining systems and assist with their other noncore processing IT needs.”

As a way to quickly expand its managed services offerings, CSI acquired HEIT, a managed services company that brought noncore managed services offerings and more than 100 IT experts to CSI’s business, in 2011. “Since the company was an MSP focused on the financial services market, the acquisition allowed CSI to deliver managed services that were complementary to its core processing competency, including remote monitoring and management (RMM) of IT equipment and gear, managed security, and IT help desk services,” says Malcom.

The synergies between the two companies allowed CSI to blend various groups and grow in new ways. “Now, we can offer core services to our customer base that’s currently using our managed services but another core processor, as well as provide our core banking customers with a range of managed services, including cloud and outsourced service desk support,” says Malcom. “We’ve also increased the scope of security-related services we’re able to provide all customers. This includes firewall and IPS (intrusion prevention systems) management, DDoS (Distributed Denial of Service) protection, managed HIPS [hosted intrusion prevention system], and mobile device management.”

Education Is The First Step In Growing Cloud Revenue
Although CSI’s managed services offerings generated new revenue streams for the company right away, its foray into selling cloud services didn’t yield the same immediate results. To get a better handle on the issue, the MSP began incorporating more cloud-related topics into its compliance discussions. “Our customers regularly seek our advice when they’re preparing for external audits, and they want to ensure they’re taking the necessary preparation steps,” says Malcom. “Financial institutions that are prepared for these exams save themselves a lot of time, headaches, and unwelcome surprises, which makes this a popular topic among our clients.”

A few questions CSI asks its customers during these discussions include these two: “Are you looking at cloud services for your business, and if so which areas are you exploring? What due diligence measures have you performed to ensure you’re handling your data appropriately?” CSI uses this opportunity to educate clients about different kinds of cloud services — such as public, private, and hybrid — and it helps clients think through the pitfalls of making the wrong cloud choices. “If, for instance, a customer is already using another vendor’s cloud service, we’ll ask them where the data is stored,” says Malcom. “If it turns out to be outside the United States, that’s a red flag we want to help them resolve right away. It may lead to a potential violation of federal regulations that could be costly and time-consuming to resolve.”Subscribe to Business Solutions magazine

Throughout the consultation process, CSI contrasts public cloud and overseas cloud services with its U.S.- based private cloud offering, which has been specifically designed to protect sensitive financial data. “Educating customers about the cloud has gone a long way in getting them to entrust us with their cloud initiatives, but we found that some decision makers still felt uneasy about not being able to see the blinking lights in their server rooms,” says Malcom.

Providing Server Visibility Is Another Key To Boosting Cloud Revenue
After recognizing the “control and visibility” objection some of its customers still had with the cloud, CSI saw an opportunity to address this concern with another initiative already under way. CSI started with the premise: “Our RMM tool gives us visibility into our customers’ desktops, applications, and servers; how can we provide our customers with this same level of visibility?” Already familiar with the process of developing client portals, CSI developed a managed services portal called EDGE, which stands for Enterprise Data Gateway Environment. “EDGE aggregates data from our N-able by SolarWinds RMM tool along with other security monitoring, desktop monitoring, and patching tools to present customers with important metrics about their servers and other computing resources being hosted in our cloud data center,” says Malcom. “Our c lients can see, for example, the same alerts that our technicians see if a server is approaching capacity or if a backup did not run properly. They also can see active tickets and actions being taken by our help desk team, plus they can run a variety of reports, such as Active Directory changes, accounts created/deleted, permission changes, network device configuration changes [for firewalls, routers, and switches], and correlated security incidents [mitigation and response reports], to name a few.”

Although the EDGE portal has only been available for general use for a few months, based on customers’ responses during beta testing, CSI is optimistic this new service will provide another level of transparency to ease customers’ concerns about the cloud.

Solving Banks’ Biggest Challenge: The Customer Experience
Now that it offers complete IT solutions and hosting services, CSI is focusing on another important trend impacting its customer base, which is the customer experience. A recent study conducted by J.D. Power illustrates this point, noting that midsize banks are notably lagging behind larger banks in customer satisfaction, and they were even found to be declining in points among affluent customers. The number-one complaint among survey participants was not high fees or low interest rates; it was poor customer service (28 percent).

In today’s world, customers are more tech-savvy than ever; they expect financial institutions to offer multiple channels that allow them to bank in the manner of their choosing. So, when a financial institution can give customers an integrated channel experience, which includes a consistent user experience at the local branch, over the phone, and online via a Web browser or mobile app, it goes a long way in driving customer satisfaction.

CSI recognizes this reality, and it knows what prevents many financial institutions from achieving this goal. “In the past, many core providers offered only banking basics such as demand deposit accounts and CDs, and financial institutions relied on interfaces to other banking services in order to expand their product offerings,” says Malcom. “These interface practices lead to various providers exchanging information several times per day, with the different balances squared up once a day — at best.”

A much better alternative to interfacing is integration. “With integration, the core provider not only supplies all the client’s infrastructure and digital channels, but also provides ancillary solutions such as document imaging, government watch-list screening, and network management,” says Malcom. “Equally important, integration gives end customers real-time account visibility no matter which channel they use.”

CSI encourages financial institutions to capitalize on opportunities to integrate channels by asking a few probing questions when they are considering new products, especially core technology, such as:

  • “Does your current provider sell interfaces to generate revenue? If so, are they really listening to their customers?”
  • “How many vendors do you have?”
  • “How much time does it take to manage your vendors?”
  • “What is the cost to acquire and manage interfaces?”
  • “How quickly do your systems, business processes, and workflows adapt to a changing marketplace and business landscape?”
  • “Are your processes automated, or do they require employee/manual input?”

“Our clients can see, for example, the same alerts that our technicians see if a server is approaching capacity or if a backup did not run properly.”

David Malcom, VP of managed services, CSI

Trust The Metrics To Guide Your Business Decisions
In the same way that CSI uses industry guidelines and analyst research to advise its customers about their IT and business decisions, the service provider uses metrics to drive its own business strategies. One indicator CSI puts a lot of stock in is customer feedback. “In addition to keeping in regular contact with our clients, we conduct an annual survey [to IT and C-level decision makers] to ensure our solutions and services are meeting their needs," says Malcom. “In our most recent survey, more than 95 percent of our customers indicated they would recommend CSI to another company. Additionally, all of our customers are entrusting at least some portion of their cloud services to us, and the majority of our customers are on a managed services plan with us as well. We see our differentiator as being a single source provider that allows customers to outsource their IT processes, so they can focus their efforts on running their businesses.”

Having nearly 50 years of experience in the financial services space gives CSI a starting advantage over younger and smaller competitors in its space. However, its ability to remain agile enough to adapt to key trends impacting its industry is what ultimately drives this MSP’s record-setting revenue growth.