SMB Community Podcast

NinjaOne’s reported growth and positioning within the MSP software landscape presents a notable development for service providers evaluating vendor ecosystems. According to statements reviewed by Ryan Morris and Dave Sobel, NinjaOne claims an annual recurring revenue (ARR) exceeding $500 million, a valuation above $5 billion, and a customer base of more than 35,000. This self-reported data, while not independently verified due to NinjaOne’s private ownership, places the company within the top tier of platform providers for endpoint management, alongside ConnectWise and Kaseya. The expansion and platform focus suggest material choices ahead for MSPs considering stack consolidation, endpoint management, and integration requirements.

Supporting analysis from Dave highlights trends in the categorization of platform players, noting shifts among vendors such as Enable, which is repositioning from the MSP infrastructure platform to the security domain. The discussion raises a technical consideration: the evolution from API-driven integration toward emerging orchestration standards such as MCP servers, though details from vendors remain limited. MSPs are advised to understand tier distinctions among platform providers and carefully assess how these shifts may affect integration, security posture, and operational alignment.

Adjacent topics explored by the speakers include the risk and tradeoffs involved in vendor onboarding, M&A (mergers and acquisitions) processes, and the relevance of business continuity strategies. Ryan Morris and Dave Sobel critique extended, six-month vendor evaluation pipelines as potentially eroding competitive positioning in a landscape characterized by rapidly evolving technologies, especially AI-driven tools. Additionally, the episode revisits the skill set of the IT generalist, acknowledging that while specialist expertise remains essential in domains such as security, contemporary AI adoption demands generalist capabilities for validation, interpretation, and curation of technology outputs.

The podcast asserts several operational takeaways for MSPs and IT leaders. Prioritizing process documentation and standardization enables scalability and business value beyond the presence of individual owners, as financial professionals weigh factors such as repeatability and owner-independence in valuation. Businesses should balance rigorous stack control with responsive, customer-centric experimentation, managing the pace of change in vendor portfolios and technologies. In M&A scenarios, the speakers caution against overly formulaic approaches, emphasizing contextual evaluation of fit and motivation to mitigate post-transaction dissatisfaction. Collectively, these themes stress the need for ongoing adaptation, systematized governance, and objective risk management in MSP operations.

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The episode centers on profit margins and service mix strategies for MSPs, emphasizing the importance of maintaining recurring revenue margins above 50%, preferably targeting 65–70% for long-term sustainability. Industry averages indicate recurring revenue margins as low as 35%, which Speaker B and Speaker C note presents a risk to driving profit down to the bottom line. The discussion identifies that margins tend to erode with organizational growth due to overhead but underscores the necessity of regular price adjustments built into client contracts and regular scrutiny of margin performance as core practices to avoid financial shortfalls.

Supporting these observations, Speaker C advises MSPs to gradually move from lower margin brackets to achieve at least 50% in recurring services, acknowledging this transition typically requires sustained effort over several years. For professional services, a margin range of 40–60% is considered attainable, with 50% as the practical target. Regarding income mix, respondents suggest 70% of revenue should derive from recurring services and the remaining 30% from professional or project-based work. Both speakers highlight that smaller MSPs may achieve higher margins, while competitive pressure and organizational complexity often erode these numbers.

Adjacent discussions address operational and security challenges. The show covers recent FBI public service announcements warning of increased cyber threats originating from Russian and Iranian actors, specifically targeting government, political, and journalist entities. Speaker C and Speaker B recommend that MSPs communicate only the most relevant advisories to clients to avoid information overload, framing updates as evidence of service diligence rather than sources of alarm. In addition, Microsoft’s new AI security dashboard in Microsoft 365 is reviewed, which uses Defender sensors already present in Windows 11 devices to provide visibility into AI activity and configuration security at no extra cost, provided suitable licensing for Defender is in place.

The operational implications for MSPs include the need for rigor in pricing models, clear partnership agreements, and transparent communications with clients about both technology changes and external threats. The recurring emphasis on risk management, margin preservation, and responsible client engagement reflects a harm-reduction mindset. Regular contract reviews, maintaining consultative relationships, and avoiding over-communication of security issues are presented as accountability measures that support stability and trust in MSP operations.

Question of the week: What margins should I be targeting? And what is the mix that I should be shooting for?

Recurring

Professional services

Product sales

 

Talking to clients about international affairs. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are jointly issuing this public service announcement (PSA) to warn the public about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence Services (RIS) targeting commercial messaging applications. The activity targets individuals of high intelligence value, such as current and former U.S. government officials, military personnel, political figures, and journalists. https://www.ic3.gov/PSA/2026/PSA260320

 

The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate information on malicious cyber activity conducted by actors on behalf of the Government of Iran Ministry of Intelligence and Security (MOIS). Specifically, MOIS cyber actors are responsible for using Telegram as a command-and-control (C2) infrastructure to push malware targeting Iranian dissidents, journalists opposed to Iran, and other opposition groups around the world. This malware resulted in intelligence collection, data leaks, and reputational harm against the targeted parties. https://www.ic3.gov/CSA/2026/260320.pdf

 

New AI Security Dashboard for M365.

Requires Defender onboarding to be effective 

Check it out: https://AI.security.microsoft.com

Learn: https://techcommunity.microsoft.com/blog/microsoft-security-blog/security-dashboard-for-ai---now-generally-available/449463

 

Amy’s class is now available for purchase at Coassemble. 

This is her Create your AI Service Package. 

The purpose of the course is to consider all of the things that you might want to include in your offering. https://www.thirdtier.net/2026/03/20/create-your-ai-management-package/ 

Coassemble: https://coassemble.com/c/0ZKD2Z

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Microsoft’s decision to increase pricing across its Microsoft 365 product suite, excluding Business Premium, is a notable development for MSPs and IT service providers managing client subscriptions and budgets. According to discussion on the SMB Community Podcast, the price hikes range from 8% to 30% across various plans and products, with only Business Premium escaping the adjustment while still adding new features. Microsoft is also expanding mailbox storage, with each mailbox now receiving an additional 50GB, raising the individual mailbox limit from 50GB to 100GB.

Additional details provided in the podcast highlight that Microsoft Business Premium continues to receive feature enhancements without a corresponding rise in cost. Upcoming functional improvements include expanded AI capabilities for Microsoft Chat, which will offer agent-based access to documents and files within the user’s tenant. The licensing distinction is important: while the unlicensed version of Chat requires manual document uploads, the licensed version allows AI features to operate securely within the organization’s environment, keeping sensitive data contained and not exposed externally.

The conversation also explored sales strategies and portfolio management for MSPs. Both hosts endorsed a harm-reduction approach to client engagement, advocating for saying “yes” to a broad range of customer needs to protect client relationships and avoid driving clients toward competitors. They noted that even if a requested service is outside of a provider’s core competencies, partnering with another vendor or project-managing the solution maintains client trust. Discussion further addressed the operational and valuation benefits of vertical specialization, particularly as MSPs grow beyond $2 million annual revenue, given higher buyer valuations for vertically focused firms.

MSPs and senior IT leaders should review Microsoft’s pricing adjustments in detail to mitigate downstream risk for their own margins and client contracts. Decision-makers are advised to analyze service offerings and clearly communicate distinctions between licensed and unlicensed AI features to minimize operational and security risks. Adopting a client-aligned engagement model—being prepared to source or manage non-core solutions—can reduce customer churn but may also require revised processes for vendor selection, project management, and risk evaluation. Specializing in key client verticals may enhance firm value in acquisitions or exit scenarios.

 

Microsoft Community Days: https://www.communitydays.org/Find one coming to a city near you!

How can MSPs better communicate their full service offerings?  Amy’s blog about saying yes: https://www.thirdtier.net/2024/04/02/amys-sayings-the-answer-is-always-yes/

Should MSPs have a VERTICAL MARKET FOCUS?

MICROSOFT IN THE NEWS: Microsoft Suite prices (except for Business Premium) increases and no more grace period for your data

https://www.sysdrive.net/two-microsoft-365-changes-coming-in-2026-that-every-business-should-know-about/

Microsoft Business Premium accounts get additional 50GB per mailbox https://www.microsoft.com/en-us/microsoft-365/blog/2025/12/04/advancing-microsoft-365-new-capabilities-and-pricing-update/

Copilot Chat without a separate license will be able to see into Outlook and Office products. And work as agents. But you have to upload the data into them. Does not have the same level of protection as the licensed version. E3 and E5 are getting the Intune Suite. It’s a lot of device management features, but one of note is Remote Help.

Restaurant Human Robot goes BERSERK in a Cupertino California after employee hit the wrong button https://www.thedailybeast.com/restaurant-staff-struggle-to-restrain-dancing-robot-causing-dining-room-chaos/

 

Resources and Events for MSPs:

 

Third Tier’s Continuing Education Program: https://www.thirdtier.net/2026/03/20/stop-drowning-in-m365-security-changes-join-our-continuing-education-program-for-admins-and-security-pros/

                    

Small Biz Thoughts Community for MSPs: www.smallbizthoughts.org

Engage with us at www.smbcommunitypodcast.com

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

https://www.theinformation.com/articles/iran-war-imperils-300-billion-gulf-ai-spending?utm_campaign=article_email&utm_content=article-16718&utm_medium=email&utm_source=sg

The war: The USA has bombed three data centers owned by Amazon. This is the first time I've seen data centers be targets. It won't be the last. 

The war: Middle eastern countries have promised $300 billion in AI infrastructure investment. Some in their countries and some in ours. That investment is in  jeopardy now as the bombs fall.  

Memory Costs Squeeze Entry-Level Hardware as Suppliers Capture Margin Upstream

 

Apple’s $599 MacBook Neo Signals a Split Hardware Strategy, Not a Budget Play

 

Big announcement from Microsoft. A long rumored and asked for E7 plan. Finally, Microsoft announced the Microsoft 365 E7 Frontier Worker Suite, also available from May 1, priced at $99 per user per month. The bundle combines Microsoft 365 E5—long the company’s premium business productivity suite—with Microsoft 365 Copilot and Agent 365. It also includes the Microsoft Entra Suite and advanced Defender, Intune, and Purview security capabilities. It'll sell for $99 . The $99 price is below what customers would pay if they purchased these capabilities separately, according to Microsoft. The component pricing of the constituent parts—E5 at $60, Entra Suite at $12, Copilot at $30, and Agent 365 at $15—adds up to $117 per user.

 

https://www.linkedin.com/news/story/openai-hardware-chief-resigns-over-rushed-pentagon-pact-7064308/?lipi=urn%3Ali%3Apage%3Ad_flagship3_feed%3Bx3AKUbDJSbm6nGyejyaodg%3D%3D

 

 

UPCOMING CHANNEL EVENTS:

   

Mastermind LIVE Event – San Diego March 26-27th

https://portal.kernanconsulting.com/mastermind-event

Exclusive Small Biz Thoughts Community Members Live Workshop: How AI Helps MSP Radio Production…and Where It Doesn’t Help. 

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

A significant risk area discussed is the challenge of “invisible work” in managed services due to increasing automation and the adoption of artificial intelligence (AI). Customers, according to participants, increasingly lack awareness of the work being performed on their behalf, which raises doubts about the value of services provided by MSPs. With prices for services escalating, clients are demanding higher-touch engagement and visibility into operations, creating a disconnect between automated backend activities and client expectations for tangible service.

Supporting this, hosts cited the difficulties in proving the value of proactive prevention, such as security incidents that did not occur, and noted that with further automation, particularly through AI, this challenge will intensify. Customers may question why they continue to pay elevated fees if tasks can be completed by AI or low-cost competitors, amplifying price pressure and the potential for misaligned perceptions of value. Examples included references to the current technology stack, where some tools cost more to integrate and operate—particularly with new AI workloads—than previous turnkey supplier models, often with increased operational complexity and support risks.

The episode addressed secondary risks stemming from overreliance on both small, unproven vendors and on large-scale automation. Hosts highlighted the volatility of new entrants in security and infrastructure, pointing out that many lack lifecycle support or robustness, making them unreliable partners for business-critical tasks. Recent events, such as the OpenAI boycott following its Department of Defense contract and operational disruptions at AI provider Claude, were used to illustrate instability among technology suppliers. The conversation also covered the risks of unchecked AI deployment, with examples from military and financial sectors where automation led to errors or was used to rationalize significant workforce reductions.

The practical implications for MSPs and IT service providers center on maintaining transparency with clients, reassessing vendor risk (particularly with AI and new software providers), and calibrating expectations for automation. The hosts recommended reinforcing client communication regarding the nature and value of services, conducting due diligence on technology partners, and aligning automation strategies with operational risk management frameworks. Emphasis was placed on the need for ongoing human oversight, especially where automated decisions could lead to adverse outcomes, and on approaching AI adoption as a phase for careful experimentation rather than wholesale business transformation.

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.