605 Inside the National Society of IT Service Providers

Transcript

00:02

Hello friends, Uncle Marv here with another episode of the IT Business Podcast. Your show for IT business support, whether you are a solo tech, emerging MSP, established MSP, or you do corporate IT. This is the show where we talk about all those things you need to do to support your businesses better, smarter, and faster. Today is a special audio show and those shows are presented by Super Ops.

00:33

and check out our sponsor page over at itbusinesspodcast.com Click on Super Ops and get yourself a nice little free trial to see what they can do to help your growing business. Our topic today is going to be about the National Society of IT Service Providers. And many of you know something is coming, whether it's regulation, more standards, blah, blah, blah.

01:03

And we need a seat at the table because a lot of us know we don't get the proper recognition, the proper respect that we deserve. And I've asked my good friend, Amy Babinchak to come back and chat about that and give us some updates and help us understand what is the NTISC. I messed it up already.

01:28

The N-S-I-T-S-P. It just rolls off the tongue, Marv. I know it's a problem. What are you going to do? Oh, God. Amy, how are we doing today? I'm doing all right. And you're doing just fine too, Marv. Yeah. It was rolling off earlier, but man. I know it. You had it. I heard it. All right. I heard it. So Amy, you and Carl, I believe, Carl Palachuk, good friend of the channel. I don't...

01:57

Did you guys start this together or did Carl start it and pull you in? How did all that begin? We kind of started together. We were talking about it for a while and then we launched it with Carl as the executive director and he is the president of the board. And that was a little more than two years ago now. And two years has flown by, hasn't it? It has, it has.

02:25

You know, and I think, you know, last time we kind of talked about what it's like to grow a national organization to put all that framework into place. Because we know this is what the industry needs. This is going to be a big thing. Eventually, if the framework's not there to support it, then it won't succeed. And so we spent like the whole first year just doing that. And we've got some brilliant people who showed up from our industry to.

02:55

to help make that happen. Yeah. So I guess we should kind of describe what the NSITSP is and why we need it. I think most of us that have been in business understand that if we walk into, let's say, a body shop, that those body shops usually have a national set of standards that they have to follow.

03:24

their technicians have to qualify through some sort of accreditation or schooling, electricians have that, plumbers have that. We've tried to do that in our industry, but there's nothing that says you can be regulated by the government, at least there hasn't been in a while, and I think that's what everybody's trying to do now, right?

03:55

I haven't actually seen them try to do that yet. Okay. But I think they will. I think it's the natural progression of an industry. And if you think about our industry, we're pretty young. We're about 40 years old. And when Carl and I were talking about founding this thing, we kind of looked at other industries to see what they did and when they did it. And we found out like lawyers about 40 years into that.

04:26

industry as we think of law today, like kind of existed before, but as we think of it today, was about 40 years before they established the bar. And we're in that, we're kind of in that same space now. And I, your analogy that you were using to the, you started off with the body shop. The auto industries are really good ones because you think about the problem from the consumer point of view, right?

04:56

You know, Marv, anytime you go to talk to a potential client, they really have very little idea what it is that you're actually going to do. You can sort of tell them, but they don't understand it. A lot of times, they're hiring you based on the idea that, hey, we had a great meeting with Marv, and we kind of like him, and we're convinced he represents a good IT firm, and we're going to hire him. But they have no evidence on that. Right?

05:26

Whereas if I go up to, I got a place up here called Uncle Ed's Oil Change, I'm not going to go up there and ask them to put new tires on my car. I'm not going to go up there and ask them to troubleshoot an electrical problem in my car or change a transmission in my car, because I know people working at the oil chains are pretty basic oil change techs, right?

05:55

change your oil, they change your wiper blades, that's about it. That's the extent of their skills. We have people like that in our industry. Going up another level, you know, you got the mechanics, you got certified mechanics, you have people that specialize in electronics in automotive, and we all know that...

06:18

That represents a different skill set. And we as consumers can understand that pretty easily and know who we need to go to hire to get jobs done for us. The consumers of IT services, they got nothing. And that disturbs me a little, right? Well, it's not just that they don't know. I mean, when you go into one of those body shops, you're going to see back behind the counter,

06:46

their certified tech diploma certificates, they're probably going to have a big old thing that says i-Car certified or whatever the industry is. i-Car is big in my mind because I worked with body shops early on and that was huge, the one that they did. Most of our clients don't come to our offices, at least if we're outsourced service providers or MSPs.

07:14

So they're not going to see that unless we stick it on our brochure, our sales literature. And even then, they're still not going to know. A plus and network plus are probably the only two that some people might know because they've been around forever. Maybe. Yeah, I'm not sure if the general consumer knows that or not.

07:39

Yeah, you know, there's we have no lack of educational opportunities in our industry. So we don't necessarily need we don't have to reinvent the wheel. The wheel is already out there. We just have to make it understandable to people, understandable to the consumer of our services and to convince people in our industry that it's necessary. Right. That's part of the it's part of our challenge as well. You know, if we switch a little bit and look at the accounting industry.

08:10

In order to, you know, I've got my neighbor down the street who can help balance a checkbook, and I've got, you know, a bookkeeper who can do some basic data entry stuff and run a few reports. I've got an enrolled agent with the IRS, and then I've got a full CPA. Each of those are different skill levels, different roles, and when you get to those two top tiers that have, you know, they've got letters behind their names,

08:39

continuing education requirements in order to keep those letters behind those names that gives them the ability to charge a premium for their service. And I definitely see our industry going in that direction for sure. That's not the only thing that we're doing over at NSITSP. I don't want to overstate that because we're only at the point of sort of talking about.

09:06

accreditation and talking about how, what are the steps to move our industry in that direction. We don't want to keep anybody from entering this industry the way that we did and going out and hanging out your shingle and saying I'm here. But we think that that's important. But there should be a career path progression from I'm hanging out my shingle and I'm here to I'm this level now.

09:36

And I deserve a premium rate for the services that I'm offering. And being able to document that stuff, instead of the consumer just having to take your word for it, to be actually able to document it.

09:55

So when I was doing some looking up on the website and some other stuff, I get the sense that there's really two main peers. One is to kind of promote these codes of conduct, sort of what we're talking about with a standard of care. Standard of care is like the hospital term that we're familiar with, right? There's a standard of care with which we need to treat our customers' computers and data.

10:25

And then the second part of that is to improve, let me see if I can say this properly, the perception and credibility of the IT industry. Yeah, so we, yep, that is one of our pillars. And to that end, we did create an ethics statement, which members can download, use it as it is.

10:54

or modify it, but post it to your business and say, yeah, we operate ethically. This is who we are. That's kind of what I was talking about, of one of those first steps toward professionalizing this industry, to actually have people state that they operate under certain codes of ethics, and just put it out there and make it public, commit to it.

11:24

And then the other thing that we're working on too is a code of conduct. And that movement is just sort of getting underway. One of our committees is the governance committee, and they'll be working on that code of conduct for IT professionals. And so if you want to talk about getting involved in the organization, everything we do is done in these committees. And then

11:52

So it's all designed by people in this industry, for people in this industry. We're an all IT services organization.

12:06

So I'll go ahead and mention the site now, which we'll refer to obviously later. So nsitsp.org is where we can go and find out more information, get involved, find out about the committees. Amy, I wanted to ask a question because I think when this first popped up two years ago, maybe even before that, the big push was,

12:35

We know that there were things coming down the road. Certain states, certain countries were starting to put out legislation that was going to affect us. And we basically wanted a seat at the table. We didn't want somebody like the insurance companies, like they're doing with the cyber insurance. We didn't want them to start to dictate.

13:02

what we should or shouldn't do in terms of protecting networks, because they don't really, I'm not going to say that they don't know, they probably have some people advising them, but they don't have people advising them down to the level that most of us are dealing with on small business. You know? And they definitely, they're doing it, aren't they? They are dictating what you have to do in the networks that they're going to ensure. Yeah, if our clients want insurance, you got to do these things. Right, yep.

13:31

And not only that, but I hear from people in the insurance industry telling me that there are apps being developed, and a couple of them are out there already, for the insurance industry so that they can actually put it in your network of the companies that they're insuring to track and make sure that those security controls are in place and that they don't get changed.

14:01

They're quite serious about forcing the IT industry to stand up to standards that they are setting, not standards that we are setting, but standards that they are setting for us. And that's because we don't have a seat at those tables. When we talk to legislators, and we're probably going to, you and I are going to talk about this a little bit too, I know, but when we talk to them, the first thing they say is, who are you guys?

14:31

Like we, they know what an MSP is. They know there are people working in the IT services industry, but they don't know how to contact them. They don't know who represents them. Right. Is we don't have anybody who represents us until now. And, um, that's what they're looking for. And so in the absence of an organization that can represent the industry, the insurance companies, the legislatures, they just do whatever.

15:01

they think is best as opposed to what we know is best. Well, since you mentioned that, I want to go back and ask because I know that there were people that said there are already organizations that exist. I don't want to say on our behalf, but should be, and I'm paraphrasing from other people, this is not what I'm saying.

15:27

So don't send me emails, folks. But the question has always been, there are organizations like CompTIA, like ASCII, and other groups that why aren't these groups stepping forward to help us in this quest? Do we know the answer to that? Well, you'd have to, for sure you'd have to ask them, but my take is it, from having talked to them, is that they have other missions.

15:57

CompTIA's mission is to prepare the workforce to be eligible for jobs in the industry. That's their mission, right? ASCII's mission is they're effectively a buying club, right? You join ASCII, you get discounts from vendors, you attend their events, you get some education from the vendors again.

16:26

That's what they do. Neither one of them is poised or interested in creating an organization to represent the industry. Because frankly, there's no money in it. CompTIA may be a non-profit, but they make hundreds of millions of dollars a year from their certification programs that they then turn around and use those to promote

16:56

more people getting into the tech industry, right? They're, they're jobs focused. Um, and ASCII is a for-profit corporation, right? They're, they're out there to connect vendors to the people that, the people that need their product. Um, they're just not, it's not, not in, not in either of their mission to create a professional organization for this industry. Right. And.

17:27

a lot of time and effort that goes into doing this, especially when you're asking to have a seat at the table, which might end up, you know, sitting in front of Congress one day. It might. Hopefully it will someday. You know, we do have we do have two seats at the federal level right now. So we've gotten two committee placements inside of CISA. So they

17:56

recognize that we're representing the industry. And we're not the only ones at that table, but we're starting to make some inroads. We have a really active legislative committee. They are putting together legislative tracking so that you're going to be able to go to our website and see a calendar for your state of what's happening.

18:26

from the legislative perspective in IT and cybersecurity, privacy, compliance, all those things that those they're struggling with. So we're going to have that, they're working on getting that together right now. They have developed and are continuing to put out legislative education. And we're in no way big enough right now to go out and lobby anyone,

18:56

really expensive proposition. But what we are doing is training our members to be able to self-represent, right, to teach you to be able to go out, get the meeting with your local legislators because when they have an IT question, who are they calling? They're calling the people they know and if they don't know you, they're never going to call you and get your opinion on some legislation that's happening. And so,

19:25

We're working on training people to be able to do that.

19:32

Now all of these things you're talking about, these are all going to be accessible on the NSITSP website, right? Yep. Okay. Yep. These are things that you get access to when you're a member. We're also doing a couple of webinars a month. There's one they call the AI Roundtable, which is about all things AI, and it's kind of a wide ranging topic, but they've got some really interesting.

20:01

speakers there about leveraging AI for your business, understanding the compliance and security concerns of AI and just really trying to educate ourselves in depth about what this is going to mean for IT professionals going forward and how we need to interact with it and how we need to approach it with our clients too.

20:29

So you mentioned CISA, that's something I've been paying attention to. Back in 21, they came out with their Cyber Essentials Starter Kit, which just basically the IT professionals guide that talked about cybersecurity, security awareness, protecting your systems, protecting your digital workplace, your data, blah, blah, blah, all things that

20:58

they came out with and we need a seat at the table to talk about it. So- Yeah, you know, they come out with that and they say, hey, this is what small business, medium business should be doing. You know what the next step on that is? Like, oh, we provided the guidance and the people in the industry didn't take it up. Right. So we need to put some teeth behind it and then it turns into legislation.

21:27

Right. So this is the way that government works. Let's put out some guidance for the industry and see how it goes. Oh, it didn't go anywhere. Well, let's shake them up a little more. Yep. Let's start putting some fines and fees and stuff on it. Yeah, exactly. So there's a lot that we have to keep up on. You know, we used to just sort of fly under the radar.

21:53

We're not under the radar anymore. You know, ransomware changed that. Yeah, it did. So I know you and I had talked briefly, but we know that in the last couple of years, there were some things that were happening. Now, I don't want to talk about what's happening across the pond because stuff happens over there, but already here in the US, we know that there were a couple of states trying to push some legislation that was

22:23

directed towards MSPs. We know that, I'm going to assume every state, if not, now is working on some sort of laws that protect consumers and businesses. You guys keep track of- Every state has privacy regulate, data privacy regulations now. Which, you know, being the United States means that if you're a multi-state

22:53

company, it's a headache for you because you've got 50 different privacy regulations to deal with. And last, in this last year, one of the things that we also did at NSITSP, because some of these states were coming up with, they're kind of putting their toe in the water of regulating our industry. And so what they, what they've talked about was

23:23

um you know making some kind of licensing situation and so we so here's an alternative how about we just force all the businesses that are claimed to be an it to actually register with the state that they're doing business in and so we like even something that basic because we do have people and you've probably run into them right they're sort of affectionately known in

23:53

They're not actual legit businesses. And so just saying, hey, if you're working in IT, you need to register your business with the state. That's a small, tiny step forward. And our legislative committee, in cooperation with a couple of lawyers and experts in this field, developed some model legislation for states

24:22

to look at. And we didn't push it out to any of them, but if they're looking for it, they've now got somewhere to come to say, hey, here's instead of looking at licensing, let's just look at.

24:38

tagging away for, for at least for the consumers to say, oh yeah, this is an actual legit business here in my, in working in my area. Which should just be a basic business thing, you know, basic to be registered. I mean, I remember when I started, I had to register not only for the state, but for the city I was in.

25:00

and the county I was in, which at the time I thought was, oh my goodness, this is ridiculous. But I had, and I had to get two licenses. I had to get one license for the business itself. And then I had to get a license for, I forget what it was called. It's a, basically for the moving of computers because I was going to be a mobile repair. And you know, I know that 50% of the people out there didn't have to do that stuff.

25:30

But yeah, just simply registering as a business, being legit above board is huge. But yeah, it's amazing how that should kind of, at least for now, stem the tide of having us register somewhere. Well, you know, if, again, you know, I always like to look at this stuff from the consumer.

26:00

point of view, right? Should be like you said, that is just basic business. But so many people who claim to be in our industry are just not even doing that level. And the consumer deserves to know that. Right. And you and I deserve to know that. So that we don't have to directly compete against those people, right? Well. We can say, yeah, I am registered with the state

26:30

as an IT services business, right? Well, I don't look at it just from the standpoint of competing, it's the standpoint of, stop making me look bad. Right. I mean. Yeah, that too. Like, I don't want to be thrown into that basket with you. Right. No. So, very interesting there. So yeah, so those things have been coming out. I told you I had found, or I hadn't found it, but they've been talking down here in Florida.

27:00

It was just signed. And it's a very simple, basic thing, the Florida Digital Bill of Rights. It's basically a data privacy law, like you said, that goes into effect on July 1st. And it grants Florida residents certain access and control rights over their personal data. And then it throws in a bunch of other stuff. And so when I went and looked at this online, it actually falls under

27:29

a very small section of a very large chapter in the Florida state, chapter 29, that's got like three books of all the things that the state of Florida is saying that IT service providers, I shouldn't say it that way. It started at the state level and it's starting to trickle down. It was meant for big tech that they're starting to kind of trickle down to small tech.

27:59

People should know what that is. But then there is this it's going to be overseen by the Department of Legal Affairs with civil penalties up to $50,000 per violation. Yikes. Yeah, that can add up in a hurry. Yeah, and you know in Florida, you know, Florida man down here, you know, who likes to fly as if we're in the wild-wild west. That that could shut down some businesses pretty quick.

28:29

Yeah, I mean, per violation, that probably is per document, right? That's how they're going to that's how they're going to do it. You might think of that as a per incident. And it, you know, encompass these 1000 documents, they're going to say that was that was 1000 incidents. Right? Yeah, something like thousand dollars each. Yep, something like HIPAA, you know? Yep. It's not the breach. It's how many how many patients records were affected? Yep.

28:59

Exactly. Yeah, so those things are going to continue to happen until we organize ourselves into an agency that matters, a society that matters. And you and I were talking. We have an individual membership for $125 a year. Super cheap. We have a corporate membership.

29:25

your IT business, which is $150, starts at 150. It'll go up if you have a bunch of employees. But, and you said to me, well, none of my people will do anything. But you know, it matters, numbers matter, right? When we go to CISA or we go to the state of Florida and we say, hey, we want to come and talk to you about this digital privacy.

29:54

situation. I said, well, who are you? Well, you know, we represent 10,000 IT professionals. And they're like, oh, okay, yeah, come on in. We should talk to you. Well, if we say, oh, we've got, you know, 300 members, they go, huh, well, we might have time for you just show up and, you know, wait in the lobby and we'll see if we can give you three minutes. Right? Right. It's a different, different level. So we

30:23

we need numbers in the organization and joining your company. And then registering all those associate members is what makes a difference. And when you're a company member, you can still get one vote, right? So an individual professional member gets one vote, a corporate member gets one vote, all your other people are going to be associate members. So they're...

30:48

Members of the organization, they're going to be able to attend all the educational stuff. They're going to get all the other benefits. They're just not going to be able to place votes when it comes time to elect people or approve that code of ethics statement or any of the things that are going on in the agency. So we did that on purpose so that large businesses can't dominate over small ones, that we all get an equal say in the.

31:16

you know, in, in the voting and, and in our industry, because we've seen that happen, right? Where, you know, a big player can come in and sort of just change the game to the one that they want to play. And, uh, that's, that's never going to happen here, right? We're all, we're all, we're all equals. We're all in our industry as, as individuals. And, um, that's the way, that's the way that we shape the organization. Yeah.

31:44

And it's not that they're just kind of token members. These are, these members of your company get full associate membership status. So they get access to everything on the website. They can participate in the education. And like you said, the tiers are relatively, I mean, $150 for one professional member and four associate members.

32:14

That should be a no-brainer. Total, total no-brainer. That's super, super reasonable. You know, get everybody in. We need those numbers, get active. You know, your staff, right? Even if they don't get active right away, they should put that on their resume. Associate member of the National Society of IT Service Providers. Yep, yep. Logos are easily downloadable.

32:42

and attend all of the webinars and online events free of charge. Absolutely. That's huge. So Amy, what's like been the marquee thing that has happened recently or the thing that's coming up that we really need to pay attention to? Well, in September we hired, we hired and she came on board.

33:11

We hired an association management firm. So we do intend for this organization to be run in a very professional manner. We interviewed and we sought them out. We have professional management now. Nicole is our new executive director. Carl has stepped down from that position. He's our founding.

33:41

executive director and he's an advisor to the board, but we now have a professional person in that in that place. And so that was a huge step forward in the maturity of the organization. Right, remember what I said earlier, we're trying to build this framework out to be a large national organization that's going to hold tens of thousands of people. And so

34:09

Getting that in early on was really important to us. And then what's coming up? The marketing committee has two webinars that they put on every month. And the legislative committee has two webinars that they put on every month. And those are things that everybody can get involved in all the time. So.

34:36

Keep an eye on our social media accounts. We've got them on LinkedIn and Facebook. Probably LinkedIn is the best place to get those. When you're a member, of course, you'll get the newsletter as well, and you'll get notifications of what's coming up so that you can get involved there. And we encourage everybody to get involved with one of those committees because they are hardworking people that are actually making it happen.

35:05

for our industry. And you've got five committees listed on the website now. So there should be a committee for everyone, not just marketing, finance, legislative, governance. Yep, and you don't have to be an expert in those areas. You just need to bring your experience as an IT professional working in this industry of what's important.

35:32

All right, so nsitsp.org is a place to start. Very simple. Get involved, become a member, very quick application. Sign up as an individual or a company. If you have employees, especially if you have multiple techs, sign them all up. And that's going to make us much more visible when it comes time to ask for more seats at the table.

36:01

and for them to take us seriously.

36:04

And that is something I want. 20, let's see, 20, I think this is year 27 for me. And yeah, I still have to fight to be taken seriously. It's ridiculous. It is ridiculous. And so, join us, let's do something about it. That.org does indicate we're a nonprofit, we're a nonprofit membership organization, which means that your...

36:34

Membership, it's not tax deductible, but it's expensable, which is even better. So you can just mark that off on your expenses for your business and you're good to go. All right. Well, Amy, thank you for hanging out once again. This has been very educational, very enlightening, and hopefully we'll get more people involved. I am signing up. I was somebody.

37:04

true transparency, I kind of sat on the sidelines for a while, wanted to see where this went. There's a lot of people sitting on this to tell me that, like, I was just waiting to see what actually happened with this, like if it was going to, it was here for the long call. But we're here, we are here for the long call. So I'm glad to hear that you're joining. Well, I'm going to not just join just to assist. I think I

37:30

need to accept a role in helping push it along. So I will wave the flag now. Thanks Marvin, thank you very, very much. Everybody join and help us in this quest. Long time coming, we need to do it. So, appreciated that. Amy, thanks a lot for hanging out. We'll see you again soon. All right, thank you for inviting me. All right, ladies and gentlemen, that's going to do it. Check out the website for all the other shows.

37:59

Sign up on your pod catcher on YouTube, LinkedIn, the Facebook, and keep apprised of everything that we've got going on. And yes, you will see me waving the flag for the NSITSP. Got the initials right on the way out the door. We'll see you soon. Thanks a lot. All right, everyone, take care. And until next time, Holla!