The 5 Pillars of Nova (Service Providers) – Transcript

Here is a transcript of the video that Paul prepared:

Now let’s talk about what we at Quadrotech call the five pillars.

These are the 5 pieces of the value proposition that we think Nova offers to our customers who are service providers. Because when you get right down to it as a service provider, you have to differentiate yourself somehow from what Microsoft sells. Customers are still using Office 365 or Dynamics or Azure, and Microsoft controls that so you have to come up with something unique to get customers to use your services. Whether you’re acting as a traditional license provider or an actual managed service provider doesn’t matter. You still have to do something unique to stand out and to get customers to go with you.

Our vision to help you do that is to offer a single platform for complete and total Office 365 management.

This gives you visibility across the entire organization and when I say organization what I really mean is not just your own organization, but also all the tenants that your customers have registered with whatever relationship you have with them. We can do this without having a requirement that you delegate access through Microsoft’s partner dashboard.

The ability to have action and insights tied together based on aggregated data sources across multiple tenants. So you can see at a glance for all or some of the tenants you manage for one customer or all your customers what they’re doing. How many licenses they have. Where those licenses are allocated which ones are used not used because that’s all data you need to help drive your relationship with the customer. To make them recognize the value that you’re providing to them as a partner and service provider.

Proactive and granular control across job roles business units and tenants with policies and role based delegation. We want you to have the ability to delegate access of the tenants you manage to selected people at your customer. But also give the customer the ability to delegate pieces of the tenants that they want managed to individuals on your staff.

This really is the best of both worlds because it means. Whatever model you prefer to operate in, whether it’s one where you own the customer tenant and they manage what you allow them, or they own the tenant and you manage what they pay you for. Either way, we’ve got your back.

Proactive role and policy based alerting with enforcement for policies. So imagine being able to define a configuration policy that sets up the way that you want a tenant configured and then automatically stamping that across every tenant that you manage and having that automatically applied every time you onboard a new tenant for a new customer.

That’s part of our platform.

Bring business process closer to the user via self service. I can’t really over-emphasize how important this is for service providers. Because every time a customer has to call on your team to have you make a configuration change or do something on behalf of a user like changing users name because she’s got married or onboard a user or something like that. That’s money out of your pocket. That adds to the cost of operating the service you provide to customers.

So our vision is to give you flexible delegatable, role based ability to manage which users can self service and what they’re able to do. So that you can reserve the high value, high risk, high cost, and high benefit tasks for yourself. And let your users, or customers and their end users manage the small stuff where it makes sense to do so from a business standpoint.

The first of the pillars of our platform is migration integration.

Now, if you’re familiar with Quadrotech, you already know where experts in data migration. We have a very long history of carrying out very complicated migrations for legacy archiving systems, customers with fleets of PST’s, customers who need to do complicated tenant to tenant migrations. That’s been our bread and butter. That doesn’t change in the new platform. What changes is we want to give customers and you more visibility into the mechanics of the migration if you will.

So for cloud to cloud migration, for mergers acquisitions and divestitures, for any operation where the customer has to migrate data as part of what you’re doing with them or for them, we want to grab that data and pull it into the Nova platform to give your customers a single source of truth and visibility and to give you a single point of control and knowledge for everything that’s happening around whatever migration services you’re providing to the customer.

I can’t over-emphasize how important this is because for customers who are beginning their journey to Office 365 by migrating from on-prem, by migrating their legacy data, or by migrating because they’re consolidating or divesting tenants. This is a great opportunity for you to cross sell Nova.

So for a customer that has already purchased migration services you can now say:

Guess what Mrs Customer? I have some good news not only am I providing these migration services, but I’m going to give you a dashboard where you can see everything you need to know about the daily, weekly, hourly progress of the migration.

Not to mention that you can use the Nova tool set to give you really unparalleled visibility into what’s in the customer environment, to help you scope and price and size the migration itself.

Reporting is really fascinating. That’s the second pillar out of our five. The reason I say it so fascinating is because when I talk to service providers at every level across verticals, across geographies all around the world, they’ll say almost the same thing:

Oh, OK, why do I need reporting Microsoft already provides its customers?

That’s worth a whole separate video by itself, and in fact, we have one of those coming. The key thing to think about reporting in the Nova Platform it is the broadest pillar. It is the piece where we gather all the data that we use to enable actionable insights, to drive migration, to drive delegation and policy control, to help you give your customers a better offering.

Now there a couple of different things that you can do with our reporting functionality. We provide unified reporting for all parts of Microsoft 365 in a single tool set and a single dashboard, across all of the workloads no matter how many tenants you have.

So let’s dig into why that’s important for a second. First is that Microsoft scatters the data that customers want and that you need all over the place. Depending on how you count them there between 7 and 13 different portals where you can go look at reporting stuff in Office 365. That’s not even counting Azure AD, and that’s not counting the other pieces of Microsoft 365.

So the customer comes to you and says:

Hey I need to know how many ???

Fill in the blank, you are going to have to do some detective work. That wastes your time, it cost you time, and time is money. We have a better solution. We aggregate all that data, from the same sources at Microsoft is using in their native tools, so we can show customers everything that Microsoft can show them. We put it into a single repository with an exceptionally flexible report designer, editor, and filtering tool set so you can build custom reports, that show your customers exactly what they need to see.

Now here a couple of cool features that you may not have thought of as being valuable. One is that you can take a report that’s created with our report designer and export it and put it into a repository and the minute you’ve done that boom, you just created some unique intellectual property, that’s part of your service business. So you can build a report that shows customers any combination of data items because we can aggregate and join across all these different workloads. And you can label it with your company name and give it to customers.

Keep in mind, the way that we want to help you make money with Nova is to give you options. One option is: You sell customers the Nova platform in the same way that you seldom Office 365 or Intune or whatever. Another way is that you can use Nova internally for your own management and operations to make it easier and less expensive for you to robustly and securely deliver that service to customers. So that you lower your cost of goods sold and lower your management overhead to increase your margin. Another way to do it is that you use Nova as a platform to build unique offerings, to differentiate you from the service provider down the street or from Microsoft itself. Reporting is core to be able to do all three of those things. The good news is because the platform supports all 3 it’s up to you how you want to make use of it.

The last bullet here is one I especially want to mention for service providers who are interested in driving adoption. Microsoft is doubling or tripling or quadrupling down on how much they emphasize workload adoption as part of their fiscal 2020 targets. Every Microsoft partner, CSV’s, CSPs, ISVs, you name it. And almost every Microsoft employee anywhere in OCP or on the Enterprise side is being given targets to hit for driving adoption of Office 365 workloads.

Our brand new Adoption Accelerator feature in Nova let’s you build campaigns that show your customers what their end users are doing, with which workloads and then create strategies to make those numbers go up.

Why is it important?

Well, there are a couple of reasons from a service provider perspective. One is that customers are asking for it. So we put you in a position to be able to give customers a thing that they want, everybody wins. Another maybe more significant one is that there are a lot of Microsoft Dollars out there that are tied to adoption whether it’s ECIF or BIFF or other kinds of support funds that only become available to you as a service provider on behalf of your customers when the customer hit certain levels of adoption.

The faster you can get to those targets, the faster Microsoft pays you those funds, very simple equation. It’s all about driving time to value. There’s another key aspect to this technology though, that I want to encourage you to think about. That is that If you are doing something to drive adoption of the licenses customers have already paid for, then what you’re doing is you’re reinforcing the customers judgment in hiring you as a service provider in the first place.

Think about that for a second.

The more value the customer gets out of their investment in Office 365 and Microsoft 365, the better. It is for them because it drives their desire to renew with you and to continue to partner with you because you are the organization that has helped them unlock that value. So Adoption Accelerator is absolutely key. Because it helps you go into your customers and say:

Look. You are at 22% teams usage within your organization right now. I can get you to 50%, 75%, 85% or 90% within this time frame.

When customers see that you were able to deliver on that using the technology that we provide to see what end users are doing and nudge them in the right direction. You have just magnified your value in the eyes of the customer.

So it’s a great differentiator for you as a service provider. It’s a benefit to the customer; everybody wins.

I mentioned earlier how reporting is probably the broadest pillar of Nova because there’s so many other Nova Services and features that depend on our ability to pull all this data in and put it into a single repository aggregated across tenants, so that you can slice and dice and see exactly the data you need, for the tenants you want, when you need it. Our security and audit functionality, which I also think of sort of is our investigations functionality, is a key part of that.

As a service provider if you have any kind of service offering around security you probably know that it’s very difficult to sell security stuff to customers. Especially sophisticated customers who may already have their own intrusion detection or their own endpoint protection systems. They don’t necessarily see why they should invest in additional capability. Let me tell you why. What we do in Nova is we take the data that is already there. We unlock its value by helping customers, your customers, very quickly figure out what’s going on.

Let me give you an example.

Suppose I’ve got a user who goes to Las Vegas and whilst in Las Vegas he loses his laptop or some other device.

Very quickly I can dig into the security audit module in Nova and immediately find out every log-on to that device had., during the selected timeframe, across every Office 365 workload. I can map them by geography, so I could see which logins are from Vegas and which ones are not and very quickly tell exactly which files were accessed. When and by whom? What’s been shared externally? Whether there were any configuration changes to the user’s mailbox? Forwarding rules, you name it.

OK, now it’s not magic. Microsoft gathers all that data in the first place, but again because some of it is in the security and audit center and some of it is in the Exchange audit logs and some of it is in the Azure AD audit logs and so on.

For a normal customer to try to piece together the record of what happened, or what was done, by or with a specific user account, is very difficult. We make that much easier. Again this is a great opportunity to build a value added service for you, because you can turn around and tell your customers:

Look for the small additional cost, we can help you conduct investigations of actual breaches or potential breaches.

If you operate with any customers who are subject to GDPR are or who do business in the US in California, this is invaluable because now you have ready made tool that is available for you to give to whichever customers you think are willing to pay for it, to help them solve this problem very quickly. Help them pinpoint what data may have been exposed in a breach, and where it went. The key thing to think about here, and the selling differentiator that we offer to you as our partner is this:

This is not a security tool in itself. We’re not asking you to ask your customers to go out and buy something new like Azure Security or Azure Symptom.

This is a set of tools for getting more value, and more understanding, and more visibility from the data that’s already being generated by everything that users do. We have more than 6 billion user audit records under management in Nova right now. So if you think about all the data that contains, that our customers are able to use to figure out what their users have done or what has been done, it’s an immensely powerful warehouse that you can offer to your customers on an ad-hoc basis, that you can offer to them as value-add or upsell for your own services. But you can keep for yourself, so you have the ability to do investigation and remediation on your customers behalf as part of the service package that you offer them.

Delegation and Policy Control. This is critically important to service providers. Even if you don’t recognize the phrase and you don’t know what it is. That’s because as a service provider, what your customers are depending on you to do is to manage their tenants for them. Some customers want you to manage literally everything, some customers want help with certain operations would not with others. And so delivering what they need, when they need it can really be tricky because Microsoft’s own tools are not oriented toward that scenario. Now they’re making some strides with Azure Lighthouse, and the Partner Portal, and they’ve given us the ability for a long time to have Delegated Partner Administrators, but the problem is sometimes what you want is something less than global admin access, but more than an ordinary unprivileged user. Or you need to distribute that responsibility and that delegation in a way that Microsoft doesn’t support it. That’s why it’s a pillar of Nova. We recognize how important this is and we enable it, in a pretty unique and useful way.

First everything that we do with delegation and policy control is built on RBAC like you’re already familiar with. So you can delegate access to people by role, to give them the ability to do anything that you need administered across workloads and across tenants. As an example, as a service provider, you can take one of your help desk administrators and delegate to them the ability to run our service resolution interface and to change certain properties of user accounts and reset passwords. Even if your customers are in hybrid mode and have on premise Active Directory.

So think about that for a second.

You can combine multiple different sets of operations, some that involve manipulating user accounts, some that involve manipulating other Office 365 objects and settings, across tenants, and delegate them to someone in your organization, so that they can take those actions. Do the work that needs to be done, without requiring that they be global admin, without requiring that they have privileged access to the customer tenant.

Remarkably useful; there all kinds of scenarios for this makes sens.

As an example, you might choose to say:

OK because I have heavy management of my customer tenants I’m going to delegate to the customer HR people, the ability to onboard users, and put them in groups, and do some other HR style onboarding features, without giving them any administrative rights at all.

On the other hand, if you’re a light touch provider where the customer is doing most of the management themselves and you’re coming in to help them with specific tasks, they can do the opposite. They can delegate that access to you so that especially for customers that are very sensitive about working with service providers because they don’t want to give up or share admin access. They can still securely delegate the ability for your folks to do what the customer needs done. This gives you an entry point in the customers that you might not have been able to get into otherwise.

The ability to enable business user self service is huge for service providers, because with this you can essentially delegate yourself out of having to do common, repetitive, low value tasks that tie up your people and cost you money. So for things like username or telephone changes. No longer do you have to have your end user customers file I help desk ticket with the customer, which then get’s escalated to you. Or better yet, you can offer this as a service that you tell your customers:

Look. I won’t have to take care of these user self service tickets and you won’t have to take care of them because will arrange for the users to be able to do these operations themselves while still providing security, while still eliminating the need for excess administrative privileges and while still maintaining auditability and tracability.

That’s a winning proposition right there.

The 5th pillar of Nova is service monitoring and service resolution.

This is really critically important, because one thing that every customer of every size wants to know and you probably have heard this from your own employees: They want to know when something is broken in Office 365. Because the better a
job Microsoft does of convincing us all to use Microsoft 365 to drive our business. The bigger the risk in the bigger the hassle when it doesn’t work for some reason and you can’t get your email or you can’t log into Teams or whatever. So every customer has this question:

How can I know when the service is working and if it’s broken whether it’s really broken or whether it’s something on my end.

The critical problem here is trying to separate a potential problem into one of 3 buckets.

The first bucket is something that you as the service provider or the customer controls. This would be something like an on-premises domain controller or ADFS or something like that. The second bucket is a problem with the network connectivity between where the end user is sitting, and the service. This could be something as simple as a Wi-Fi connection on an airplane that won’t issue an address via DHCP. So you can actually log-in and work, it’s something I run into regularly. Or it could be very complicated. The 3rd bucket is Microsoft, an actual problem with an Office 365 or Azure AD or Microsoft 365 service.

The funny thing is the thing that users are worried about is that 3rd Microsoft bucket. But the area where you’re most likely to run into problems is the first bucket. But also that’s the area where you as a service provider of the best opportunity to help your customers.

Let me explain what I mean.

In Nova service monitoring what we actually do is run a network of sensors operated by Quadrotech, that are run in Amazon Web Services so they have zero dependencies on Office 365 and Azure AD.

We have one sensor that’s pointed at each of the Office 365 data centers around the world. So the new data center in South Africa, the data centers in India, Japan, Singapore, the United States, the UK and so on. And we give every Nova customer, every Nova user, everybody who has permission to log into the Nova dashboard, sees the results of these sensors.

This is exactly like what NASA does with satellite weather imagery.

Everybody sees the same imagery and has the same data to work from. So when you have an end user customer who calls your help desk and says:

I work for Contoso and I can’t get my email.

You have a very quick way for your help desk technician to see if there any known problems in the area where that end user is sitting. But that’s just the start. We built on top of that by allowing you as a service provider to give your customers the ability to install their own monitoring beacons at their own locations.

Again, this could be a value added service that you offer or it could be something that you merely resell to your customers. When they run these sensors in their own locations, now they have an additional set of data. So in the same way that I can turn on The Weather Channel I could look at the National Radar Picture, it tells me what the weather is going to be like, at some locations far away from me. I also can now get the weather literally my own backyard. So if you put these sensors in the locations where your customers most critical users are, their most critical business operations are, now you have additional set of data points to do with doctors would call differential diagnosis. That’s a fancy way for saying “Well it doesn’t work over here and it does work here. So here’s where I’m going to start looking for the problem.”

Think about that for a second.

Suppose you have a user who is sitting in Atlanta and files a ticket saying that she can’t get her email, and you have another user in Washington DC, who is able to get her email. The first thing I would suspect is that there’s something local to the environment in Atlanta because both of those users are likely to have mailboxes in the same set of datacenters on the US East Coast, if that’s where their homed. But we go beyond that by taking the data that we have about the availability of the service and tying it to what we know about the end user herself. So that when you look at the end users data in our service resolution console, not only can you see what we know about the service health, but we can show you: Hey, we know this user is in Atlanta because we can see from the security and audit data.

Remember, I mentioned that earlier, which is gathered by our reporting engine, which I mentioned earlier. So because security and audit data tells me that she’s actually logging in from Atlanta even though her mailbox is homed in Singapore because that’s where she’s based now. I know that I need to show service quality results for both Atlanta and Singapore or for the US East region.

So think about what that means. It means you as someone who provides a helpdesk service to your end user customers, have the ability to tell what Office 365 service conditions are like, where their mailboxes, where their team services, where Skype and OneDrive are and also where there sitting.

OK, that’s a remarkable capability, that we think is going to be very exciting for service providers because your goal as a service provider is to do two things. Prevent tickets from being opened in the first place, which our global network of sensors can help you with by letting you proactively notify users when you detect an outage. And then if a ticket is filed to close that thing off as quickly as possible with the lowest labor and materials cost for you as possible. Well, one key way to do that is to give you the best possible diagnostic information, which we’re able to do in Nova.

Now let’s put it together. I’ve talked about the five pillars that we built Nova on top of. I’ve given you a little bit of insight into some ways we think Nova gives you a unique opportunity to differentiate your business and give customers something that they can’t get elsewhere. However you choose to package that, whether that’s a license that you resell in a traditional transaction, a capability that you use to improve your own operations to improve the quality of what you sell to customers, or as a value add that let’s you upsell and upscale the services that you
sell your customers.

We support all of those. Nowa is actually designed from the ground up to enable our service partner customers to do more for their customers because that way you make more money, we make more money, Microsoft makes more money and life is good, but let’s take a look at what that means in concrete terms.

In this diagram what I’ve done is I’ve taken the five pillars and I’ve laid out some specific use cases that we support to show you how they cross the pillars, so as an example and there’s some I haven’t even touched on this video because we’re going to have a lot more to say about those in the upcoming months such as license management and Adoption Accelerator. But if you look for example at IT support and troubleshooting. Being able to deliver an
integrated IT support and troubleshooting toolset requires a solution that grabs data from multiple sources for
reporting and makes it easily understandable. Gives you the ability to do investigations based on security and audit activity. Gives you secure, safe, scaleable way to do delegation and policy control. And it helps you understand what’s actually going on with the service that people are using. So you can see this particular use case actually builds on top of four of the five pillars in Nova.

You can see. I’m not going to read these out, you can read them just as well as I can, but you can see that
for each of these additional business value cases that we unlock, they leverage multiple pillars. That’s part of what makes Nova so valuable. It’s not just a point solution that only does reporting but that requires a separate solution
or configuration or something to do security and audit or service monitoring or migration integration. All these things are knit together in the platform. All five of these pillars of first class capabilities within Nova, that are designed to work together, across geographies, across multiple tenants, aggregated how you want them, to make your job as a service provider easier, to make it easier for you to deliver more value to your customers so they stay with you.

That’s what it’s all about.

To learn more go to