Tuesday, October 3, 2023
HomeMSP & ChannelMSPs: How To Make Money with Collaboration Security Services for Microsoft 365

MSPs: How To Make Money with Collaboration Security Services for Microsoft 365

The growth of organizations shifting to the cloud–and especially to Microsoft 365 environments–has increased significantly over the past few months. This structural shift from in-person to digital collaboration can be seen in the addition of tens of millions of new Microsoft Teams users since the start of the pandemic, a number that’s still increasing. In this post, we’ll take a look at how this spike created a significant opportunity for managed services providers (MSPs).

According to Forrester Research, for every dollar an end customer spends on a Microsoft subscription, they are spending up to $9 within the partner ecosystem for services and add-ons. This is where managed service providers came into the picture, helping businesses take crucial steps to ensure continuity during the pandemic.

The Challenge of Collaboration Security

Unique research commissioned by AvePoint discovered that up to three-quarters of organizations shifted to Microsoft 365 have deployed Microsoft Teams without proper governance, security, or data protection. These risks are often the last thing on their minds; they often rely on MSPs to deliver IT services and solutions.

Even for organizations that were leveraging Microsoft 365 and Teams prior to the pandemic, the surging usage along with the heightened recognition of the need for business continuity has generated an increased demand for partners who can help migrate, manage, and protect this collaboration data.

microsoft 365

These scenarios have increased the demand for MSPs to help organizations with their data management and security. However, some solutions offered are not enough or can cover everything in ensuring a secured collaboration. To fully capture this opportunity, MSPs must be fully conversant in the language of collaboration security and diligent in helping their customers answer a wide range of questions that go beyond basic best practices. These are some of the questions MSPs should be ready to answer and discuss with the customers:

  • Who can access my company’s critical data?
  • What parties have shared it?
  • Did they overwrite a key file?
  • Why are we collaborating across Dropbox, Gmail, Slack, Microsoft 365, and other SaaS products? Can we consolidate them?
  • Should I migrate all of my data to the cloud?
  • Help, my data is missing! How do I recover it quickly?

Collaboration Security Market Drivers

In addition to these challenges and standards, here are some market drivers towards collaboration security that MSPs should consider.

Source: Microsoft

From the image above we can see how Microsoft Teams activities have grown drastically over the past year as well as other Microsoft 365 solutions. This leads to more data, more collaboration, and more file sharing done by users. The challenge becomes harder as most of the workforce are working remotely with their own devices and networks at home.

It’s not surprising that cybercrime has surged during the pandemic. It was reported that there was a 400% increase in reports of cyberattacks, with most attacks targeting small businesses. 75% of ransomware attacks hit businesses with less than $50M in revenue. The average cost to remedy these attacks totaled $3.86 million in 2020, according to the Ponemon Institute.

Aside from cybercrime, regulations and compliance standards such as GDPR play a big role for organizations that need MSPs. Given that these regulations change frequently, more opportunities for potential litigation and big fines for noncompliance are more likely to occur. Managing your clients’ data correctly has never been more important.

As mentioned above, it’s better for MSPs to provide not only basic data services but also better protection and confidence to their Microsoft 365 customers. This includes:

  1. The ability to analyze and migrate data to Microsoft 365
  2. Better management of a single tenant or a full environment
  3. Setting “guardrails” for safe and optimal use
  4. Comprehensive backup and quick restore of lost data
  5. Detection and resolution of security gaps that could prompt a data breach

These tasks cannot be done without third-party adoption support; they’d be too complex and difficult to maintain. However, MSPs can provide customers with effective solutions and have additional revenue while boosting partnerships with them. To achieve this, it’s important to lay down all the key factors such as the challenges the customer is facing and how they can be resolved and fixed.

microsoft 365

Let’s look at four known key issues that might affect customers and how MSPs can effectively discuss each one of them and grow revenue from it:

  1. Secure migration
  2. Backup and recovery of Microsoft 365 data
  3. Access control monitoring
  4. Backing up other clouds

1. Secure Migration

We have seen a large spike of organizations shifting to the cloud, and the market for moving on-premise systems to the cloud has been strong. It’s so fast and simple to get started with new cloud collaboration tools like Office 365 that very few new organizations are utilizing server-based technologies for collaboration.

On the other hand, according to AIIM, 50% of organizations say they will only migrate content to the cloud when support ends for their current and existing on-premises collaboration systems like SharePoint.

This doesn’t mean that the market for cloud migration is dying; in fact, it is evolving. As per AIIM, 6 in 10 organizations plan a cloud migration or integration in 2020. As more organizations adopt cloud-based solutions to continue their business, MSPs might find customers shifting between multiple cloud platforms that are mostly built for consumer use. With this, MSPs should not only focus on migration but also cloud consolidation.

A McAfee study showed the average employee is actively using 36 cloud services at work, some for collaboration and some are for file-sharing. Microsoft 365 is the perfect destination for cloud consolidation as it provides a broad collection of integrated apps that other cloud services offer as separate, standalone products. The image below shows how Microsoft 365 solutions can replace other cloud-based solutions allowing users to collaborate under a unified environment.


Customer Challenges MSPs Can Solve

Using multiple cloud-based applications doesn’t only create a confusing workspace for employees, but it also creates an easy entry point for collaboration security risks. Challenges may include solutions for crashes resulting in data loss, the need for multiple credentials, different SLA patterns, and more. According to Forrester, 15.75 hours is the amount of time saved annually by each employee using Microsoft 365 to collaborate instead of multiple cloud-based solutions.

Having multiple cloud platforms for your employees is not just confusing but also costly. From the table below, it shows how different cloud platforms require different subscriptions and fees for each. It also shows how costs can be extremely reduced when data are consolidated into a Microsoft 365 environment.


MSPs can help customers rectify this issue by offering a reliable migration solution to migrate scattered data into a unified Microsoft 365 environment such as FLY from AvePoint.

How does this work? FLY delivers a three-step approach — via a self-guided tool or with help from AvePoint — to migrate on-premises or cloud-hosted mail, content, and collaboration into M365 or SharePoint. Data can be migrated from existing Microsoft accounts or from SaaS providers such as Box, Google Drive, and Slack. Permissions, metadata, list items, SharePoint and Nintex workflows are all supported, as are Exchange mailboxes, public folders, Microsoft Teams, and Office 365 Groups — and that’s just in the Microsoft world.


To provide a more comprehensive view before migration, detailed discovery and dynamic scope analysis via Power BI can also be utilized. MSPs can enhance customers’ migration using filters, scheduling, and staged roll-out to ensure a smooth transition for end users. This is especially important for migrations that may involve quite a bit of legacy data; a thorough discovery process is critical to removing ROT (redundant, obsolete, and trivial data).


Delivering a migration with FLY opens the door for MSPs to bundle and provide ongoing governance and backup in Microsoft 365 via Policies and Insights and Cloud Backup. These added capabilities are essential for a safe and effective workspace

2. Backup and Recovery of Microsoft 365 Data

Your customer’s cloud journey does not end in migration. Since the most important thing in the organization and to your customer’s business is data, it should always be available and protected. When there is a reliable backup and restore solution an organization can thrive with confidence in spite of possible challenges. However, data loss is common; that’s why recovery and restoration solutions are important to rectify such incidents.

When your customer’s data is migrated to the cloud, the risk of attacks increases. The image below shows the spike in the number of records lost each year. According to Dell Technologies, 68% of organizations are concerned about disruptive events such as downtime or data loss.

microsoft 365

Additionally, many organizations believed that Microsoft 365 can provide or covers a comprehensive backup and restore service. But the truth is, it doesn’t. In fact, according to their service agreement, they recommend adopting a third-party backup solution.


To move forward, MSPs should utilize comprehensive backup and recovery solutions fit for every work setup since most of the workforce is now working remotely. It could be cumbersome for MSPs to manage infrastructure, configurations, setup, and maintenance of a self-hosted backup service while a SaaS backup solution can provide total coverage plus the support and maintenance. But not all cloud backup service providers can offer everything, so here are some of the key points when evaluating Microsoft 365 backup solutions:

Recovery Point Object (RPO) – This refers to the granularity of the backup service. What contents are covered in the backup and can be restored, for example, are conversations and files in Teams covered? It’s important that the service can back up down to the conversations and files and be available to restore at any recovery point.

Recovery Point Object (RTO) – How quickly can the service restore the data? Does it provide a self-service option for your users to perform the restoration themselves? It is essential to provide a platform to users where they can do restores at any time.

Security & GDPR – The service should consider the regulations and security protocol as mentioned above.

Data Sovereignty – Customers should have options for where their backup data resides following some protocols.

Webinar Series How To Make Money With AvePoint Blog Banner 800x200 1

Challenges You Can Solve

User Errors and Malicious Insiders – Accidental deletions made by users.

Administrative Errors – These are mistakes made by admins when certain settings and policies are misconfigured resulting in data deletion.

External Threats – Ransomware can happen to any organization surprisingly easily; just one click and a customer’s data might get lost.

These factors are the very reasons why organizations should have a reliable and comprehensive backup and restore service. So, what’s a great backup solution that fits the above criteria? And how can MSPs sell backup solutions and make revenue from them?

AvePoint’s Cloud Backup is a 100% SaaS solution that provides automated, comprehensive backup and restore services for Microsoft 365, Salesforce, and Dynamics 365.

Deployment is fast and easy. M365 backup can be set up to scan and automatically begin to back up data in minutes, and the service comes with 24/7 support. There is also a Teams bot feature that can be easily accessed by users to perform certain restorations. Aside from providing a backup and restore solution, it is best to bundle with other Microsoft 365 management services to boost their value. This is important not only to guarantee a customer’s data recovery but also their long-term satisfaction. The image below shows the impact of bundling and how it equates to growth plus the difference in the cost.

microsoft 365

MSPs might start by offering a Security Risk Assessment to determine the exposure and risk of data in a customer’s current collaboration systems. Beyond underscoring the need for backup, this step can help start the conversation about value-adding governance and migration solutions to support a safe, consolidated workplace in M365.

Indeed, when a proper backup and restore solution such as Cloud Backup is deployed, collaboration security can be guaranteed. Here are 5 quick scenarios to further illustrate the benefit of Cloud Backup in securing Microsoft 365 data.

  1. Restore files granularly without restoring an entire SharePoint library
  2. Recover lost data caused by departing employees, deactivated accounts, malicious insiders, or ransomware
  3. Fulfill data sovereignty (either internal or regulatory) or retention requirements
  4. Access data during prolonged service outages
  5. Backup and restore advanced workloads such as Microsoft Planner and Microsoft Teams chats

3. Access Control Monitoring

Aside from migration and Microsoft 365 data protection, another key issue faced by customers is around permissions. As most of the collaboration activities done by users are related to sharing, whether of files or any other data types, especially sensitive and confidential data, they can be exposed and attacked if not monitored properly. While M365 allows end users to configure the permissions of who can access their files and data, it could be cumbersome for customers to monitor who can access what in the long run.

According to Ponemon Institute, 63% of the organizations don’t have visibility into the level of access and permissions for both internal and external users. 3 in 4 organizations cite that unnecessary third-party access as the cause of data loss. These numbers prove that without proper access control data loss can surely happen. However, users don’t have ways to know which data is sensitive and needs more protection.

There are native tools to determine or monitor permissions but only experts can execute such tools–plus it could be cumbersome to implement with bulk data. This is where MSPs can recommend third-party solutions that can easily do the work.

With AvePoint Policies & Insights, you will have the ability to gauge risk and remove access to sensitive documents by proactively monitoring and remediating policy violations. It also provides actionable security dashboards to highlight and track exposure (anonymous links, external user access) over time.

microsoft 365

Here’s a sample risk report dashboard that MSPs can present to the customers to further understand how the solution works.


You don’t have to be a Microsoft 365 security expert to deliver best-in-class collaboration security. PI’s simple, three-step process — identify, prioritize, prevent — visualizes reports for IT, security, and business units by consolidating disparate reports that contain thousands of unprioritized line items in the Microsoft Compliance and Security Center. However, Policies & Insights can go beyond reporting and determining risks. See the sample workflow below where potential risk has been stopped and prevented.

microsoft 365

Here are the core benefits of Policies & Insights that partners can present to the customers to adopt and gain revenue from:

  • Detection: Easily identify exposure, such as content with anonymous links or Teams with shadow users
  • Protection: Lock down at-risk or sensitive content by expiring or removing Microsoft 365 permissions for in-house or guest users
  • Automation: Build policies based on insights and best practices to enforce your tenant guidelines
  • Accountability: Time-based security dashboards demonstrate the business impact of administrative actions so you can show the value to your customers

4. Backing Up Other Clouds

As mentioned earlier, many organizations utilize other cloud platforms such as Salesforce, Dynamics, and Google Workspaces; MSPs should also cover these in their service.

Natively, these platforms have their own retention policies, but they’re limited and insufficient in the long run. In Dynamics and Google Workspace deleted data is only retained up to 30 days, while in Salesforce it’s only 15 days. If there is no third-party solution covering these cloud tools, data security and recovery will not be possible.

Salesforce offers a data recovery service but it costs extra and takes about 2 weeks to complete recovery, which is not suitable for fast-paced organizations.

With these given issues and challenges, MSPs can recommend the Cloud Backup solution designed specifically for Dynamics, Salesforce, and Google Workspace. What can Cloud Backup offer for these cloud tools?

  • One-Click backup: Automatically configured backups begin upon login; there is no need to manually configure the jobs.
  • Comprehensive restore: Quickly restore at the organization, object, record, and field levels (or point-in-time snapshots for Google Workspace), and restore in bulk or granularly
  • Encrypted, secure data protection: Cloud Backup is hosted in the cloud, utilizing Microsoft Azure Encryption; user account tokens add a layer of security to meet data compliance needs

There are also benefits of bundling other products with Cloud Backup to increase value. MSPs can also utilize that in this scenario by reselling licenses or an add-on offering to the main SaaS platform. Here’s a sample table for Dynamics 365 backup.

microsoft 365

AvePoint Partner Benefits

The Elements Partner Portal provides a simple interface for MSPs to not only keep track of customers but also easily navigate between customers and the cloud applications used to manage them. This is where partners can configure, manage, backup, and access comprehensive reports helpful to monitor customers.

With this, MSPs can equip with training, get customizable marketing resources, and avail product discounts to fit in the collaboration security market. Key benefits include generous compensation and incentives, 24/7 support, marketing opportunities, and more.

microsoft 365

Collaboration security is the future, and now you can take advantage of it to power organizations while gaining revenue from it. The market is growing and you can introduce AvePoint’s solutions to resolve common collaboration challenges customers face.

Subscribe to our blog to learn more collaboration security tips!

Adrian Valencia
Adrian Valencia
Adrian is currently a member of AvePoint's project management team. In his previous role as a Content Marketing specialist at AvePoint, Adrian covered the latest trends and topics on what’s new in technology, SaaS Management & Governance, SaaS Backup and Data Management.

More Stories