As the average cost of a data breach to a U.S. company in 2018 was $7.91M according to Norton, it is paramount that private equity managers understand the complete underlying IT ecosystem of their portfolio companies before making such investments. In addition to having a dedicated IT resource (internal or external), managers also need to maintain a shortlist of ITDD and compliance partners who provide support to in-house operations, including the investment valuation and on-boarding process
When it comes to IT, there are many boutique service providers offering their services to private equity industry, ranging from hardware servicing all the way to managed cybersecurity; regardless of which service providers are being used, an evaluation needs to be done in order to properly integrate them into a firm’s management structure. Because these companies often have limited access to talent, resources, solutions and partnerships, it’s no surprise that problems arise when reviewing each portfolio IT partner.
To improve the review process, optimize portfolio management and auxiliary in-house operations, and reduce portfolio cyber and IT risk exposure, a single-source MSP like RFA is useful strategic partner for the following reasons:
- Simplification: the entire IT infrastructure and end-user systems of a GP and its portfolio companies can be supervised holistically by an institutional quality vendor partner that manages all ancillary service providers in the ecosystem. By creating a standardization, or a certain benchmark, the process is substantially simplified, and overall risk exposure of the GP and its investments is reduced, thus improving the likelihood of better return streams.
- Improvement of Risk Exposure: MSPs by their nature develop and manage bespoke solution frameworks. Each framework is created to fit a manager’s specific needs and can easily gain access to any technology by funneling the service through their vendor agnostic ecosystem. Because of this, MSP’s actively upgrade their service and talent resources, ensuring that the portfolio company receives the best-on-market solution that continually evolves to address the latest cyber threats.
- Effective Identification of Weaknesses and Stress Tests: MSPs understand the complex relationships of service agreements and a GP’s tech system. This means a GP only needs to review amalgamated reports on the weakness and strengths of their portfolio companies and factor that into their investment and operational decisions.
- Optimized Future Proof Operations: From an MSP’s vantage point they are able to see all the moving parts, weaknesses, redundancies and relevant user trends. As such, they can rapidly identify areas for improvement. The logistics and admin behind future proofing, system integrations, and other value-add development services are all handled by a single partner that has the experience and pre-existing frameworks to avoid costly mistakes, downtime and system crashing flaws.
By standardizing technology practices across all portfolio companies, the use of an experienced MSP ensures that all the right protocols are in place to act as a buffer against ever changing cyber threats, compliance and reporting regulations, operations optimization for tightening margins and anything else that may arise relating to the overall technology ecosystem of the GP and its portfolio companies.
Once the company has been acquired, the GP’s next move should be to look into its data management strategy and how this can enhance operational efficiency. Stay tuned for more insight on that soon!