Anyone willing to share how they are staying competitive in the market? Are you dropping your price or positioning your service differently?
How to stay competitive with falling service provider prices?
Anyone willing to share how they are staying competitive in the market? Are you dropping your price or positioning your service differently?
You can only go so low. What you ought to do is reposition your offering so that "X Inc." can have the non paying segment of the market. Who wants them? That downward spiral of price is a losing game.
Clay Ramsey
Data Backups
Dallas / Ft. Worth, Texas
OMG!!!! I hate selling on price and refuse to, the trick is very simple..... Offer added Value for your product and it cannot be comoditized, for instance we are HIPAA Complient, no other backup provider that I know of is therefore a required regulated company has to use us, now I do not price gouge either but we get paid fairly for our services.
Steve
Steven Ferman
President
steven.ferman@Etegrity.com
www.eTegrity.com
877-928-2858 X 224
Ensuring Data Integrity
It's not about the backup but the Recovery!
That's a pretty loaded statement. just about any good backup provider can be used in a BC scheme that incorporates HIPAA approved control methodologies. HIPAA has very little to say about data integrity safeguards. See the excerpt below: (from HHS'Summary of the HIPAA privacy rule)Originally Posted by eTegrity
"Data Safeguards. A covered entity must maintain reasonable and appropriate
administrative, technical, and physical safeguards to prevent intentional or
unintentional use or disclosure of protected health information in violation of the
Privacy Rule and to limit its incidental use and disclosure pursuant to otherwise
permitted or required use or disclosure.70 For example, such safeguards might
include shredding documents containing protected health information before
discarding them, securing medical records with lock and key or pass code, and
limiting access to keys or pass codes. See OCR “Incidental Uses and Disclosures”
Guidance."
It is extremely misleading to suggest to potential customers that yours is the only platform which allows them to take "reasonable and appropriate" measures. I'm as big a fan of Asigra as anyone here, and I agree that the built-in auditing and permissions controls make that sort of compliance effort much less cumbersome than it would be without a comparably capable tool; however Asigra is not the only path to secure data backup.
Follow me on Twitter
Join me on Google +
"We can forgive a man for making a useful thing as long as he does not admire it. The only excuse for making a useless thing is that one admires it intensely. All art is quite useless."
- Oscar Wilde
mbottoms...I believe what Steve is trying to say is that value is inherent to the services you ADD to what Asigra is providing. eTegrity has significant value add's, one being HIPAA compliance. Most if not all backup solutions out there claim they 'support' HIPAA. Thats great, but if a CE (Covered Entity) decides to have faith in that 'support' statement they will find themselves on the wrong side of an audit that may include heavy fines for failure to conduct business with a 'BA' (Business Associate) without a 'BAA' (Business Associate Agreement). It is not misleading to suggest to potential customers that they will, in fact, be abiding by the letter of HIPAA law by doing business with eTegrity.
I agree that any good backup provider can be used in a BC schema but not when it involves HIPAA & a Covered Entity. The potential for serious implications (fines) should seriously outweigh the desire to do business with a non-HIPAA compliant business associate.
I disagree that HIPAA has little to say aboout data integrity. If you read carefully subsection 164.308 it will clearly define what a sound backup solution would consist of and also mentions a key to having your backup be breach-proof...FIPS 140-2.
I am happy to discuss this with anyone over beers at the n ext Asigra conference!!!
Last edited by rcorage; 02-14-2012 at 01:31 PM. Reason: grammatical
No doubt, regulated entities need to be cognizant of the requirements placed on them by the relevant statutes. Having backup professionals that understand those needs and who already have solutions in place is an enormously useful way add value to your offering.
My objection to the statement stemmed from the phrase, "a required regulated company has to use us". Implying that it is impossible to be compliant without e-tegrity. This is a misleading statement.
There are ways to get it done regardless of provider or partnered entity. Not as efficiently, or conveniently, but you can design the controls in such a way as to satisfy requirements. It just takes some forethought and an understanding of the policy.I agree that any good backup provider can be used in a BC schema but not when it involves HIPAA & a Covered Entity. The potential for serious implications (fines) should seriously outweigh the desire to do business with a non-HIPAA compliant business associate.
You're referencing 1 subsection of a document that spans almost 300 pages, we can agree to disagree about a definition of 'little'...I disagree that HIPAA has little to say aboout data integrity. If you read carefully subsection 164.308 it will clearly define what a sound backup solution would consist of and also mentions a key to having your backup be breach-proof...FIPS 140-2.
I am happy to discuss this with anyone over beers at the next Asigra conference!!!
My point is that it focuses on defining objectives, leaving it up to the (health care) provider to ensure that the controls put in place to meet those objectives are adequate.
One of the things that I like most about Asigra is the built-in security features including, milspec encryption, auditing, verified data destruction, and ldap integrated permissions profiles. These features make HIPAA compliance far simpler than is the case with other (especially tape-based) solutions, but they are not the only path to passing an audit.
We all hate to play the price game because we can't compete on a straight dollar-per-gb basis when the market is saturated with cheap 'cloud storage' solutions. We need to be able to help the customer understand that there is more to 'backup' then having your data protected offsite.
Understanding business continuity practices, having experienced staff that can help cater a DR/BC strategy to an organization, and offering a smoother path to regulatory compliance is how we distinguish ourselves in the marketplace. Combine these things with strict SLAs and a high quality offering, and we're in a very exciting space.
We just need to remember that not every tool is a hammer, and not every problem a nail.
Follow me on Twitter
Join me on Google +
"We can forgive a man for making a useful thing as long as he does not admire it. The only excuse for making a useless thing is that one admires it intensely. All art is quite useless."
- Oscar Wilde
Agreed, you can be compliant without our service but then you're using a chainsaw to cut your hair.
I guess the answer here lies in deciding on what I want to provide to my ideal customer, then identifying what my ideal customer looks like, then deciding on what I think is a fair price to pay for my services, and then going to work on advertising and sales. And iterate after that. This is text book when it comes to early stage marketing and sales strategy. Easier said than done if I'm trying to pay bills of course. I recently read something about ADDED value and it was interesting. The author defined ADDED value as silly talk, he suggested offering value up front before even making a sale. I kind of liked that approach.
Posting Permissions
Reply With Quote