TubbTalk 114: How to Effectively use Cyber Essentials, GDPR & Keepabl

An Interview with Shabad Chawla

Shabad Chawla is the founder of techsapiens, a London-based MSP. Its managed service framework is based on the UK’s Cyber Essentials scheme, GDPR, and other relevant industry standards. This allows Shabad to offer a profitable niche service.

The techsapiens Tool Stack

Shabad explains they have a range of tools they use in-house. Some are standard, and others are specific to the services they offer. They use Autotask and Datto for RMM, and Zomentum for quoting and their sales process.

Then, they use Keepabl to support clients with GDPR and Cybersmart for compliance and dealing with Cyber Essentials. For documentation, they have IT Glue for internal use internally and to help with training the end users.

“Quite often an MSP will install some software, show the staff how to use it, and forget about it. But we found that when they have new staff, or there’s a software update, the clients aren’t using it effectively.

“So, we record a training session on each solution, upload it to Vimeo, and share via IT Glue. We use a tool called Tango which allows us to zoom in on different parts of the screen to highlight the action you’re explaining. It works really well.

How Shabad uses Keepabl in his Business

Keepabl is a GDPR compliance platform, which helps with the compliance journey. Compliance is something businesses have to work on continually, says Shabad, and their IT partner needs to support them with that.

Shabad says Keepabl is easy to use, because it’s multi-tenanted. Users can list all of their clients and add in the appropriate departments within each business. It tracks all the data stored and how it’s being used, plus you can manage any breaches or subject access requests. It can also be licenced and resold.

Why GDPR is an Opportunity for techsapiens

Privacy is important for us all as individuals as well as for businesses, says Shabad. “Personally, we want to know which companies hold our data and why. From a business owner’s point of view, we’re already storing client information and talking about data protection.

“We make it clear that we’re being compliant and following regulatory requirements around data storage. Having a GDPR framework and a process for cybersecurity makes that easier. This matters to everyone, which is why we decided to make it a focus for Tech Sapiens.”

Shabad adds that when talking to existing clients he’ll often mention GDPR and explain how the company can support them with it. “On the other side, people struggle with GDPR and need help. They don’t realise an MSP can help them with that. So we start off the relationship looking at GDPR, and end up offering IT support as well.”

techsapiens’ Relationship with Keepabl

Shabad explains that he’s known Robert Baugh, founder of Keepabl, for several years. “They’re brilliant at supporting our journey to help clients with their GDPR compliance. Nothing is a problem. Some clients want to speak to them, and they’re always happy to do so.

“Another thing I really like is their ‘policy pack’ – a whole bunch of ready-made policies that can be tweaked and tailored to suit the client. That’s really handy to have alongside the data map. They’re great guys to work with.” 

How MSPs can Find the Best Vendor Partners

For decision-making within techsapiens, Shabad uses a weighted matrix. He explains that you list all the potential vendors on one side, and the features you really want on the other. Then, you assign a ‘weight’ to each one to map how important the feature is.

Next, give the vendors a score from 0 to 5 on how well they can deliver on each of the essential features. Shabad says it’s easy to assess the vendors that way. A rigorous process makes you feel confident that you’ve made the right decision. If it’s a small thing you’re looking for, you can do a free trial of several vendors and cancel those that aren’t the right fit.

Why techsapiens Focus on Cyber Essentials

Shabad says he and the techsapiens team think Cyber Essentials is perfect for supporting businesses with compliance and cybersecurity. “It’s a standard starting point. It gives a framework that you can share with the client so they understand why they have to do things a certain way.

“It’s not gold standard, because it’s not complex enough for a bank, say, or a financial services organisation, but it’s great to get people started. And it’s certified, so people trust it.

“Too many businesses aren’t really aware of what’s going on in their IT department, or how their IT partner’s company works. Confidential data is so at risk from cyber criminals. So we feel that Cyber Essentials is a way to push everyone to a minimum baseline, which is a big step forward.”

(If you’d like to learn more about Cyber Essentials certification, then the IASME site will help)

How to Connect With Shabad Chawla

• techsapiens
• Follow techsapiens on LinkedIn
• Connect with Shabad Chawla on LinkedIn
• Follow techsapiens on Facebook
• Follow techsapiens on Twitter

How to Connect With Me

• Subscribe to TubbTalk RSS feed
• Subscribe, rate and review TubbTalk in iTunes
• Subscribe, rate and review TubbTalk on Stitcher Radio
• Subscribe and rate TubbTalk on Spotify
• Follow TubbTalk on iHeartRadio
• Follow @tubblog on Twitter

Mentioned in This Episode

• Autotask from Datto/Kaseya
• Sales platform: Zomentum
• Documentation: IT Glue
• GDPR compliance training: Keepabl
• Cybersecurity: CyberSmart
• UK government cybersecurity scheme: Cyber Essentials
• Video hosting and sharing: Vimeo
• Create step by step guides: Tango
• Create step by step guides: Scribe
• Create step by step guides: Snagit
• The Tech Tribe
• Discord channel: MSPs in the UK
• MSP Geek Slack channel
• AI tech support: Moveworks
• MSP admin portal: Microsoft Lighthouse
• M365 monitoring: MSP Easy Tools

You Might Also be Interested in

• Powerful Video Help for MSPs on GDPR – Privacy Kitchen
• Cyber Security Top Tips for Small Business Success and Growth
• Podcast: The Top Ways to Move Your MSP Business to a Cybersecurity Focus

You might like: