Today’s spotlight is shining brightly on an epic entrepreneur and cybersecurity-focused MSP from Canada, Jacques Sauve from Trilogiam. Jacques has been in the IT industry for 30 years and has a wealth of experience, including running his own company for 26 years. More recently, he has opened Trilogiam, a cybersecurity-focused consulting business near Montreal, Quebec, that focuses on the trifecta of assessments, managed services and consulting.
Tell us a bit about Trilogiam. How do you differentiate yourself as an MSP?
Based on my experience in the industry, I could see there was a serious lack of help around cybersecurity for the SME market. There are lots of IT partners out there and many of them will write cybersecurity on their website but just as a check-box item, to hit the buzzwords. I wanted to offer more than that. I could see that it was often the small companies who are hurting, whose data is being attacked, whose accounts are compromised. I decided to offer services to audit computers and networks and to give advice to small companies on their way of working, as well as their awareness around cybersecurity.
I offer an auditing service where I come in, run scans, generate some cool reports, and then make sure that I explain everything in a way that’s clear and concise, and without all that jargon and tech-speak which makes it tough for the client to even understand what problems they have. I specialize in offering high-impact simple things that prevent the risk of an attack.
A natural extension of that was to have an MSP offering, to take care of cybersecurity. I provide deep monitoring of Antivirus, patching, anti-malware, anything that can reduce risk.
And what brought you to Atera?
I had three things on my shopping list, so to speak when I was looking for an RMM and PSA. I needed to be able to patch customer systems, that was the most important thing. 60% of successful cyberattacks are vulnerabilities that the manufacturer has already patched. The second thing was to be able to offer remote support, and the third was that I wanted something affordable and simple. I despise those systems where every time you add another workstation or a couple of new computers you have another cost to consider. Atera hit all three of my must-haves, and after the trial, I could see it was exactly what I needed. The remote working has been great, I have one client who I’ve never even been on-site! I just sent them the Atera agent, and that’s it. I can manage it remotely, I’ve set up IT automation profiles for patching, and that’s great – that’s time back on my hands.
I also love the community and how responsive it is, there’s a lot of value in that, and I love how Atera works in a really agile way with updates every single month. It’s improving all the time. I can see from listening to others in the community that it’s also going to be really easy for me to scale as I grow.
All things we love to hear! Let’s talk some more about Trilogiam. How do you go about marketing yourself and finding clients?
A lot of it is word of mouth. I try to connect with organizations locally that can make introductions or who foster economic development. I recently joined a French podcast where we talk about cybersecurity, and that helps with my brand awareness. I definitely post on social media, local groups, LinkedIn, and I do my fair share of prospecting. I find that video content sent by email works well. Keep it short, about 2-4 minutes, and make sure that it’s personal.
I like to show the prospect from a security perspective the gaps that are already there. For example, I use https://haveibeenpwned.com/ and video myself checking their email address and how many times it has been involved in data breaches. Another tactic I use is aimed at those companies who say “No-one cares about my data, no-one is targeting me!” I set up a honeypot in a sandbox environment at home, where I opened up all the ports on my home router, and then I can log all the attempted attacks on my home user account. I see tens of thousands of attacks per day, and when prospects see this, that’s really powerful. You think nobody is knocking on your door, but these bots and systems, they’re knocking at everyone’s door. At one point I had something close to a million attempts in a single week, and when prospects see that, it really opens their eyes. You might think “No one cares about my data” but you know who cares? You do! You’ll certainly care when it’s being sold on the Dark web or exposed online and it’s your clients who are the victims. That’s why attacks happen in the first place.
What are your best practices when it comes to client management?
I see educating my clients as an important part of my role. I really feel it’s my responsibility to drive awareness that they need to care about this. I show them the most common passwords that are being used for brute force attacks, 123456 – somehow still the most commonly used password! I try to teach my clients best practices. One of the accounting firms I work with, the founder has got to the point where if he gets a suspicious email, he’ll take a photo of his screen and send it to me to show me he’s learned to spot a phishing email! I have clients who, when someone is coming in to make physical changes in the office, they’ll say – you need to talk to Jacques first. I’m always thinking about how I can mitigate risk for these clients and I love that they rely on me for that. Security can be a burden, and if I can stop users from being frustrated and manage risk without getting in the user’s way, that’s a big win.
In general, I also make sure that I set up regular touchpoints and stay communicating with my clients. It seems basic to me, but I always follow up after a client has a problem, check that everything is ok later on that day or a day later. That personal touch and communication often wow the client, but it’s all about being a real partner.
We love that. Thanks for sharing so much about your experience. Lastly, if we can grab just one more piece of advice – what tips would you give to an MSP starting out?
Build your toolbox. Find the tools that are right for you and your customers. The one thing I’ve always done, both in my previous company and when starting out again now, is to always build to scale. Make sure that the tools you’re using today will scale to suit you tomorrow. Now I have only a couple of customers at the moment, but I feel confident with Atera and with my cybersecurity toolbox that I have the tools that I can grow to 25 or 50 or 500 no problem. You want to have that from the start both in your processes and tools because once you start getting busy, that’s not going to be the time to start making changes.
Our Aterans always give the best advice! For more best practices on cybersecurity, check out our recent MSP Minds Webinar, a cyber-security deep-dive for you and your MSP customers.
