You are here

Back to top

Trans-Atlantic compliance company offers added business to MSPs

A relatively new business offering MSPs a compliance-building practice or add-on has been established, with a view to managing future regulatory issues as well as GDPR, and reaching globally with establishments in the UK and US.

Keepabl's founder, Robert Baugh (pictured), is a lawyer of 25 years' experience, the last 13 of which as General Counsel of VC-backed growth SaaS companies with development teams in San Francisco.  See our interview with Robert Baugh at this year's Managed Services and Hosting Summit in London in September.  His expertise, now available from the new company, offers:

  •  the legal skill and knowledge, including to translate complex regulation into simple advice, 
  • the experience of being the mid-market customer, implementing data protection and other risk management and compliance programs in organisations where Sales, Engineering and other teams are busily focussed on generating revenue, and
  • a technologist's awareness of how SaaS can help when the focus is on helping customers get the job done with as limited changes to their workflow as possible. 

While the IT industry and its fastest-growing part, managed services is still in the process of moving from break-fix to recurring revenue, there are signs of concern at how providers can differentiate themselves. Work by Gartner and others has shown that many customers see managed services in particular as offering little differentiation. Any channel looking for higher-margin differentiation among a standardisation of offerings needs to understand what customers will pay for, and expect.

Security has been a growing main practice area, with the birth of Managed Security Service Providers (MSSPs). But within this sector and the wider IT channel, there is a case for understanding the issues around compliance, privacy and being able to meet future demands in these areas.

Data governance is the area which many customers have been reviewing, and surveys ( show that compliance is the largest driver of data management initiatives for 50% of CIOs.

Customers still need to comply with GDPR and are still asking MSPs for help and for a future strategy.  MSPs are aware that, while information security is fundamental to GDPR, the regulation goes well beyond information security, but they often lack the knowledge and experience of compliance, it being a relatively recent issue in the industry.

So, MSPs are looking for a simple platform to use to bring GDPR into their trusted adviser remit, and start to build a recurring revenue practice based on GDPR.  But they want to do so with little or no financial investment and with little training.

Keepabl was created after Robert Baugh attended the Managed Services Summit in London in 2017 and heard MSPs struggling to find how to answer their customers' questions on GDPR and how to address customers' GDPR needs.  One year later and Keepabl was a sponsoring vendor at the Summit, with an intuitive Privacy-as-a-Service solution to help the average MSP build a GDPR recurring revenue line.

Keepabl is the single location for customers to record the personal data they process, suspected breaches and much more, he says.  From minimal data input by the customer (aided by the MSP), Keepabl automatically and instantly creates the reports customers and MSPs need to get the customer compliant, and maintain compliance.  Keepabl has plain-language guides to help across the service, and includes nice features such as email alerts when a breach report is started and being able to switch between customer accounts within Keepabl.

MSPs can use Keepabl to generate recurring revenue, with little to no financial investment, in several ways:

  • They can build differentiated professional services helping customers with their Privacy needs, such as a virtual Data Protection Officer (vDPO) service, and/or a Privacy Hotline with certain hours per month, all sold on an annual contract with monthly recurring revenue, 
  • Get a commission from Keepabl for the first customer-year from 10% to 35% depending on how much the MSP wants to make Privacy a business line or not, and
  • As part of a larger opportunity for further project revenue, such as the 'get compliant' project for GDPR, annual audits, and cross-selling solutions such as encrypted back-up, ransomware protection, business continuity, etc.