Microsoft Consultant Blueprint

Mirko Peters


1
00:00:00,000 –> 00:00:02,080
Most Microsoft consultants are commoditized,

2
00:00:02,080 –> 00:00:03,400
not because they lack skill,

3
00:00:03,400 –> 00:00:05,640
because they sell the wrong thing, they sell execution,

4
00:00:05,640 –> 00:00:07,880
they sell hours, they sell apps and automations

5
00:00:07,880 –> 00:00:10,760
and migrations, they compete on delivery speed and cost,

6
00:00:10,760 –> 00:00:12,480
and they lose every single time

7
00:00:12,480 –> 00:00:15,200
to the consultant who understands what companies actually need.

8
00:00:15,200 –> 00:00:17,960
The highest paid Microsoft consultants in 2026

9
00:00:17,960 –> 00:00:20,600
don’t build anything, they architect control systems,

10
00:00:20,600 –> 00:00:23,920
they engineer governance, they reduce architectural entropy,

11
00:00:23,920 –> 00:00:26,240
and they charge $250 an hour, not 60,

12
00:00:26,240 –> 00:00:28,200
because they’re not competing on technical skill,

13
00:00:28,200 –> 00:00:29,840
they’re competing on risk mitigation,

14
00:00:29,840 –> 00:00:32,640
and here’s the gap, feature work pays $60 an hour,

15
00:00:32,640 –> 00:00:35,320
entropy mitigation pays $250 an hour,

16
00:00:35,320 –> 00:00:38,320
a Power App costs 50K and takes three months,

17
00:00:38,320 –> 00:00:41,840
a governance remediation costs 150K and takes 12 weeks,

18
00:00:41,840 –> 00:00:43,520
and it prevents a $2 million breach,

19
00:00:43,520 –> 00:00:45,640
one is a project, the other is necessity.

20
00:00:45,640 –> 00:00:47,360
By the end of this, you’ll have a framework

21
00:00:47,360 –> 00:00:50,440
for repositioning what you sell, how you price it,

22
00:00:50,440 –> 00:00:52,880
and how you acquire clients who will pay for governance

23
00:00:52,880 –> 00:00:53,800
instead of builds.

24
00:00:53,800 –> 00:00:55,200
This isn’t about certifications,

25
00:00:55,200 –> 00:00:58,320
it’s about understanding that companies don’t have app problems,

26
00:00:58,320 –> 00:01:01,880
they have architectural decay, the architectural entropy problem.

27
00:01:01,880 –> 00:01:03,880
Most consultants miss the real problem

28
00:01:03,880 –> 00:01:05,800
because they’re looking at the wrong layer.

29
00:01:05,800 –> 00:01:07,760
Architectural entropy is the proliferation

30
00:01:07,760 –> 00:01:09,840
of possible system states, configurations,

31
00:01:09,840 –> 00:01:12,200
and dependencies that make behavior unpredictable.

32
00:01:12,200 –> 00:01:14,400
It’s not a feature problem, it’s a structural problem,

33
00:01:14,400 –> 00:01:16,760
and it compounds silently until it costs millions,

34
00:01:16,760 –> 00:01:18,840
it manifests across four dimensions.

35
00:01:18,840 –> 00:01:23,320
State entropy, data inconsistencies, dual writes,

36
00:01:23,320 –> 00:01:27,320
permanent temporary copies that nobody can remove.

37
00:01:27,320 –> 00:01:30,520
Configuration entropy, feature flags, settings,

38
00:01:30,520 –> 00:01:32,000
policies that drift over time

39
00:01:32,000 –> 00:01:34,920
until nobody remembers why they exist.

40
00:01:34,920 –> 00:01:38,920
Interaction entropy, service cascades, retry storms,

41
00:01:38,920 –> 00:01:42,520
dependencies that multiply faster than anyone can track.

42
00:01:42,520 –> 00:01:45,280
Organizational entropy, unclear ownership,

43
00:01:45,280 –> 00:01:48,680
distributed decision making, teams operating in silos.

44
00:01:48,680 –> 00:01:50,600
Companies don’t know they have an entropy problem

45
00:01:50,600 –> 00:01:53,160
until it costs them, a breach that takes six months

46
00:01:53,160 –> 00:01:55,840
to detect because identity governance never existed

47
00:01:55,840 –> 00:01:59,280
and audit failure because access reviews were never automated.

48
00:01:59,280 –> 00:02:02,200
A failed migration that takes 18 months instead of six

49
00:02:02,200 –> 00:02:04,560
because the architecture was never designed for cloud.

50
00:02:04,560 –> 00:02:07,480
A compliance incident because data loss prevention policies

51
00:02:07,480 –> 00:02:08,560
were never enforced.

52
00:02:08,560 –> 00:02:10,800
By then the debt is structural, it’s not fixable

53
00:02:10,800 –> 00:02:12,520
with another app or another automation.

54
00:02:12,520 –> 00:02:13,520
This is where you come in,

55
00:02:13,520 –> 00:02:16,000
but only if you’re positioned as the architect of control,

56
00:02:16,000 –> 00:02:17,640
not the builder of features.

57
00:02:17,640 –> 00:02:20,280
The consultant who sees entropy wins the contract.

58
00:02:20,280 –> 00:02:23,720
The one who sees “we need a Power App” loses to the lowest bidder.

59
00:02:23,720 –> 00:02:25,120
That’s the fundamental distinction.

60
00:02:25,120 –> 00:02:27,200
One consultant diagnoses the disease,

61
00:02:27,200 –> 00:02:28,600
the other treats the symptom.

62
00:02:28,600 –> 00:02:30,920
Most organizations are operating in reactive mode.

63
00:02:30,920 –> 00:02:32,200
They solve yesterday’s problems

64
00:02:32,200 –> 00:02:34,000
while entropy accumulates in the background.

65
00:02:34,000 –> 00:02:35,840
By the time leadership notices,

66
00:02:35,840 –> 00:02:38,440
through an audit failure, a breach, a failed migration,

67
00:02:38,440 –> 00:02:39,920
the problem is no longer technical.

68
00:02:39,920 –> 00:02:42,920
It’s architectural, the system has too many possible states,

69
00:02:42,920 –> 00:02:46,000
too many configuration parts, too many undocumented dependencies,

70
00:02:46,000 –> 00:02:47,800
too many teams making independent decisions

71
00:02:47,800 –> 00:02:49,080
without shared governance.

72
00:02:49,080 –> 00:02:50,680
And here’s what matters, they know this,

73
00:02:50,680 –> 00:02:53,480
CISOs know it, CFOs know it, Chief Risk Officers know it,

74
00:02:53,480 –> 00:02:55,560
but most IT teams don’t know how to articulate it.

75
00:02:55,560 –> 00:02:56,840
They don’t have a language for it.

76
00:02:56,840 –> 00:02:58,640
They don’t have a framework for measuring it.

77
00:02:58,640 –> 00:03:00,160
They don’t have a path to fixing it.

78
00:03:00,160 –> 00:03:02,160
That’s your opening, that’s your positioning.

79
00:03:02,160 –> 00:03:04,800
You become the person who sees the entropy, quantifies it,

80
00:03:04,800 –> 00:03:07,280
and builds a remediation roadmap that actually works.

81
00:03:07,280 –> 00:03:08,720
The consultant who treats identity

82
00:03:08,720 –> 00:03:10,400
sprawl, Power Platform chaos,

83
00:03:10,400 –> 00:03:13,640
and Azure cost entropy as separate problems loses every time.

84
00:03:13,640 –> 00:03:16,280
The consultant who treats them as symptoms of one problem,

85
00:03:16,280 –> 00:03:19,480
architectural entropy across the entire Microsoft control plane

86
00:03:19,480 –> 00:03:20,480
becomes indispensable.

87
00:03:20,480 –> 00:03:24,920
This is the shift from “I build apps” to “I architect control systems.”

88
00:03:24,920 –> 00:03:28,040
It’s the difference between 80K annually and 100K plus.

89
00:03:28,040 –> 00:03:30,400
Why companies are drowning in architectural debt.

90
00:03:30,400 –> 00:03:33,200
Understanding why organizations end up in this position

91
00:03:33,200 –> 00:03:35,720
requires looking at how they actually adopted cloud

92
00:03:35,720 –> 00:03:37,040
and Microsoft technologies.

93
00:03:37,040 –> 00:03:39,640
It wasn’t strategic, it was reactive.

94
00:03:39,640 –> 00:03:42,080
Organizations adopted cloud, Microsoft 365,

95
00:03:42,080 –> 00:03:45,200
Azure, Power Platform, without establishing control planes first.

96
00:03:45,200 –> 00:03:46,560
They didn’t build identity governance

97
00:03:46,560 –> 00:03:47,920
before rolling out Entra ID.

98
00:03:47,920 –> 00:03:49,800
They didn’t implement data loss prevention

99
00:03:49,800 –> 00:03:51,280
before enabling Power Platform.

100
00:03:51,280 –> 00:03:52,920
They didn’t establish subscription governance

101
00:03:52,920 –> 00:03:54,800
before spinning up Azure resources.

102
00:03:54,800 –> 00:03:56,560
They just started using the tools.

103
00:03:56,560 –> 00:03:58,440
Each new tool added complexity,

104
00:03:58,440 –> 00:04:00,880
without simplifying the underlying architecture.

105
00:04:00,880 –> 00:04:04,240
Copilot arrived, and suddenly there is AI interacting

106
00:04:04,240 –> 00:04:06,400
with sensitive data without governance.

107
00:04:06,400 –> 00:04:08,800
Agents launched and nobody knows which autonomous systems

108
00:04:08,800 –> 00:04:10,360
have access to which resources.

109
00:04:10,360 –> 00:04:11,920
Fabric launched and the data estate

110
00:04:11,920 –> 00:04:13,360
became even more fragmented.

111
00:04:13,360 –> 00:04:16,200
Every innovation added another layer of possible states

112
00:04:16,200 –> 00:04:18,200
without reducing the layers below it.

113
00:04:18,200 –> 00:04:19,400
Teams operate in silos.

114
00:04:19,400 –> 00:04:21,120
IT doesn’t know what Power Platform is building.

115
00:04:21,120 –> 00:04:23,600
Security doesn’t see the Entra ID drift accumulating

116
00:04:23,600 –> 00:04:24,520
in the background.

117
00:04:24,520 –> 00:04:26,640
Finance doesn’t understand the Azure sprawl.

118
00:04:26,640 –> 00:04:28,960
Nobody owns the problem because everybody assumes

119
00:04:28,960 –> 00:04:30,480
someone else is managing it.

120
00:04:30,480 –> 00:04:31,960
The result is predictable.

121
00:04:31,960 –> 00:04:33,600
I’ve seen it hundreds of times.

122
00:04:33,600 –> 00:04:36,840
A financial services organization with 1,200 direct

123
00:04:36,840 –> 00:04:40,320
role assignments when best practice is 50 to 100.

124
00:04:40,320 –> 00:04:43,560
23 global administrators when the number should be three to five.

125
00:04:43,560 –> 00:04:45,080
No privileged identity management,

126
00:04:45,080 –> 00:04:47,960
no access reviews, no life cycle automation,

127
00:04:47,960 –> 00:04:49,960
service principals with permanent credentials

128
00:04:49,960 –> 00:04:51,560
and no rotation schedule.

129
00:04:51,560 –> 00:04:54,880
847 of them discovered in a single audit.

130
00:04:54,880 –> 00:04:57,560
A manufacturing company with 430 unmanaged Power

131
00:04:57,560 –> 00:05:00,280
Automate flows, 87 unmanaged canvas apps,

132
00:05:00,280 –> 00:05:03,320
zero data loss prevention policies, no environment tiering,

133
00:05:03,320 –> 00:05:06,280
citizen developers creating flows that export production data

134
00:05:06,280 –> 00:05:08,440
to personal OneDrive accounts without approval.

135
00:05:08,440 –> 00:05:11,320
Nobody knows it’s happening until the data is accidentally

136
00:05:11,320 –> 00:05:12,680
shared externally.

137
00:05:12,680 –> 00:05:16,000
An enterprise with Azure subscriptions organized by department

138
00:05:16,000 –> 00:05:19,000
instead of governance model, inconsistent tagging.

139
00:05:19,000 –> 00:05:21,840
Reserved instances that don’t match actual usage.

140
00:05:21,840 –> 00:05:24,680
Multi-region deployments without clear failover strategy.

141
00:05:24,680 –> 00:05:27,960
Cost entropy building silently until the bill arrives

142
00:05:27,960 –> 00:05:29,800
and nobody can explain where the money went.

143
00:05:29,800 –> 00:05:30,880
These aren’t edge cases.

144
00:05:30,880 –> 00:05:31,720
These are the norm.

145
00:05:31,720 –> 00:05:34,120
Most organizations have exceeded their entropy budget

146
00:05:34,120 –> 00:05:36,600
in at least one control plane, often all three.

147
00:05:36,600 –> 00:05:38,880
Most consultants treat these as separate problems,

148
00:05:38,880 –> 00:05:41,880
hire a security consultant to fix identity,

149
00:05:41,880 –> 00:05:44,400
hire an automation consultant to fix Power Platform,

150
00:05:44,400 –> 00:05:46,360
hire a cloud architect to fix Azure.

151
00:05:46,360 –> 00:05:48,120
Each consultant solves their piece.

152
00:05:48,120 –> 00:05:49,760
The organization still has entropy

153
00:05:49,760 –> 00:05:51,320
because the underlying problem,

154
00:05:51,320 –> 00:05:53,560
unclear ownership, no life cycle automation,

155
00:05:53,560 –> 00:05:56,800
no policy-driven access decisions, never gets addressed.

156
00:05:56,800 –> 00:05:58,760
The consultant who sees the pattern wins.

157
00:05:58,760 –> 00:06:00,360
The one who understands that Entra ID

158
00:06:00,360 –> 00:06:02,200
isn’t just an identity provider,

159
00:06:02,200 –> 00:06:04,880
but a distributed decision engine making thousands

160
00:06:04,880 –> 00:06:07,000
of real-time authorization decisions.

161
00:06:07,000 –> 00:06:09,200
The one who understands that every except clause

162
00:06:09,200 –> 00:06:10,600
in a conditional access policy

163
00:06:10,600 –> 00:06:12,640
converts a deterministic security model

164
00:06:12,640 –> 00:06:14,000
into a probabilistic one.

165
00:06:14,000 –> 00:06:16,040
The one who understands that Power Platform

166
00:06:16,040 –> 00:06:18,480
without governance creates collaboration entropy

167
00:06:18,480 –> 00:06:21,520
that compounds faster than IT can remediate it,

168
00:06:21,520 –> 00:06:23,720
that consultant becomes the architect of necessity,

169
00:06:23,720 –> 00:06:24,960
not because they’re smarter,

170
00:06:24,960 –> 00:06:26,600
because they’re positioned differently.

171
00:06:26,600 –> 00:06:28,520
They’re not competing on implementation speed.

172
00:06:28,520 –> 00:06:30,640
They’re competing on the ability to reduce risk,

173
00:06:30,640 –> 00:06:33,480
enforce compliance and prevent the architectural decay

174
00:06:33,480 –> 00:06:34,520
that costs millions.

175
00:06:34,520 –> 00:06:36,480
This is the repositioning that separates

176
00:06:36,480 –> 00:06:39,560
80K consultants from 100K plus consultants.

177
00:06:39,560 –> 00:06:42,040
One builds features, the other architects control,

178
00:06:42,040 –> 00:06:44,400
one competes on hours, the other competes on outcomes,

179
00:06:44,400 –> 00:06:47,520
one loses to price, the other doesn’t compete on price at all.

180
00:06:47,520 –> 00:06:49,840
The control plane model. To sell governance,

181
00:06:49,840 –> 00:06:52,600
you need to frame it in terms that executives understand.

182
00:06:52,600 –> 00:06:55,360
And that means understanding what a control plane actually is,

183
00:06:55,360 –> 00:06:57,720
and what it means when you exceed its entropy budget.

184
00:06:57,720 –> 00:07:00,280
A control plane is the set of systems, policies,

185
00:07:00,280 –> 00:07:02,360
and processes that enforce intent at scale.

186
00:07:02,360 –> 00:07:03,920
It’s not a feature, it’s the mechanism

187
00:07:03,920 –> 00:07:06,000
that makes behavior predictable and auditable.

188
00:07:06,000 –> 00:07:09,200
Microsoft has three primary control planes in 2026.

189
00:07:09,200 –> 00:07:15,360
Identity: Entra ID. Productivity: Microsoft 365. Infrastructure: Azure.

190
00:07:15,360 –> 00:07:16,760
Each one has an entropy budget.

191
00:07:16,760 –> 00:07:19,880
The amount of complexity it can absorb before governance fails.

192
00:07:19,880 –> 00:07:22,520
Most organizations have exceeded their entropy budget

193
00:07:22,520 –> 00:07:23,840
in at least one plane.

194
00:07:23,840 –> 00:07:26,200
Often all three. Start with identity.

195
00:07:26,200 –> 00:07:29,600
Entra ID is not just an identity provider, that’s the marketing term.

196
00:07:29,600 –> 00:07:31,920
Architecturally, it’s a distributed decision engine

197
00:07:31,920 –> 00:07:35,320
making thousands of real-time authorization decisions every second.

198
00:07:35,320 –> 00:07:38,600
Every time a user signs in, every time a service requests access,

199
00:07:38,600 –> 00:07:40,880
every time an agent tries to use a resource,

200
00:07:40,880 –> 00:07:43,400
Entra is making a decision, allow or deny.

201
00:07:43,400 –> 00:07:46,120
Based on what policy? Here’s where entropy enters.

202
00:07:46,120 –> 00:07:49,120
Every except clause added to a conditional access policy

203
00:07:49,120 –> 00:07:52,680
converts a deterministic security model into a probabilistic one,

204
00:07:52,680 –> 00:07:55,440
you’re delegating decisions you never revisited.

205
00:07:55,440 –> 00:07:58,600
A policy says require MFA for all users except,

206
00:07:58,600 –> 00:08:01,800
and then six months later nobody remembers why that exception exists.

207
00:08:01,800 –> 00:08:03,880
It’s still there, it’s still creating risk,

208
00:08:03,880 –> 00:08:06,080
and it’s still making the system less predictable.

209
00:08:06,080 –> 00:08:09,480
By the time you map the identity control plane in a typical enterprise,

210
00:08:09,480 –> 00:08:12,880
you find 1,200 direct role assignments that should be 50.

211
00:08:12,880 –> 00:08:15,560
You find 23 global administrators that should be three.

212
00:08:15,560 –> 00:08:19,360
You find service principals with permanent credentials that should be time-bound.

213
00:08:19,360 –> 00:08:21,640
You find access reviews that were never automated.

214
00:08:21,640 –> 00:08:24,240
You find life cycle automation that was never implemented.

215
00:08:24,240 –> 00:08:26,240
The control plane has collapsed into chaos.

216
00:08:26,240 –> 00:08:27,480
Move to productivity.

217
00:08:27,480 –> 00:08:30,160
Microsoft 365 creates collaboration entropy.

218
00:08:30,160 –> 00:08:32,200
Unmanaged Teams with sensitive data.

219
00:08:32,200 –> 00:08:33,760
Shadow data stores in SharePoint.

220
00:08:33,760 –> 00:08:37,040
Uncontrolled Copilot interactions with proprietary information.

221
00:08:37,040 –> 00:08:39,360
A citizen developer creates a flow in Power Automate

222
00:08:39,360 –> 00:08:42,360
that exports production data to a personal cloud storage account.

223
00:08:42,360 –> 00:08:44,320
Nobody approved it, nobody knows it exists,

224
00:08:44,320 –> 00:08:46,360
until it becomes a compliance incident.

225
00:08:46,360 –> 00:08:50,240
The productivity control plane is supposed to enforce what data can flow where,

226
00:08:50,240 –> 00:08:53,360
who can access what and what happens when policies are violated.

227
00:08:53,360 –> 00:08:55,840
But most organizations never built that control plane.

228
00:08:55,840 –> 00:08:57,240
They just enabled the tools,

229
00:08:57,240 –> 00:09:01,400
and now they have 430 unmanaged flows with no data loss prevention policies.

230
00:09:01,400 –> 00:09:03,680
87 unmanaged apps with no governance model.

231
00:09:03,680 –> 00:09:06,800
Citizen developers empowered to build without guardrails.

232
00:09:06,800 –> 00:09:09,720
Then infrastructure. Azure is a sprawl generator.

233
00:09:09,720 –> 00:09:11,120
Subscriptions multiply.

234
00:09:11,120 –> 00:09:13,000
Resources are created without governance.

235
00:09:13,000 –> 00:09:14,680
Cost entropy builds silently.

236
00:09:14,680 –> 00:09:17,840
A team spins up a development environment and forgets to delete it.

237
00:09:17,840 –> 00:09:19,360
Six months later it’s still running.

238
00:09:19,360 –> 00:09:21,360
Nobody owns it, nobody monitors it.

239
00:09:21,360 –> 00:09:24,200
The bill arrives and nobody can explain where the money went.

240
00:09:24,200 –> 00:09:28,600
The infrastructure control plane is supposed to enforce consistent governance across all resources.

241
00:09:28,600 –> 00:09:32,920
Consistent tagging, consistent access controls, consistent cost management.

242
00:09:32,920 –> 00:09:35,880
But most organizations never established that baseline.

243
00:09:35,880 –> 00:09:37,520
They just started using Azure.

244
00:09:37,520 –> 00:09:41,520
And now they have subscriptions organized by department instead of governance model.

245
00:09:41,520 –> 00:09:44,480
Reserved instances that don’t match actual usage.

246
00:09:44,480 –> 00:09:46,960
Multi-region deployments without clear failover strategy.

247
00:09:46,960 –> 00:09:47,800
Here’s what matters.

248
00:09:47,800 –> 00:09:51,480
The consultant who understands these three planes as interconnected systems.

249
00:09:51,480 –> 00:09:54,040
Not separate tools becomes the architect of necessity.

250
00:09:54,040 –> 00:09:55,640
This is not about individual features.

251
00:09:55,640 –> 00:09:58,400
It’s about how intent is enforced across the entire system.

252
00:09:58,400 –> 00:10:02,120
How decisions are made, how policies are applied, how behavior is audited.

253
00:10:02,120 –> 00:10:06,400
When you frame it this way, you’re no longer competing on hourly rate or implementation speed.

254
00:10:06,400 –> 00:10:11,880
You’re competing on the ability to reduce risk, enforce compliance and prevent the architectural decay that costs millions.

255
00:10:11,880 –> 00:10:17,080
You’re competing on necessity. A breach costs two million, an audit failure costs 500K in fines.

256
00:10:17,080 –> 00:10:19,440
A failed migration costs one million in rework.

257
00:10:19,440 –> 00:10:22,880
A governance remediation costs 150K and prevents all three.

258
00:10:22,880 –> 00:10:23,840
One is a project.

259
00:10:23,840 –> 00:10:24,920
The other is insurance.

260
00:10:24,920 –> 00:10:27,080
This is the positioning that commands premium pricing.

261
00:10:27,080 –> 00:10:30,120
Not because you’re smarter, because you’re solving a different problem.

262
00:10:30,120 –> 00:10:32,760
You’re not building features, you’re architecting control.

263
00:10:32,760 –> 00:10:37,480
And control is what keeps systems predictable, compliant and secure at scale.

264
00:10:37,480 –> 00:10:39,360
The three-plane assessment framework.

265
00:10:39,360 –> 00:10:43,480
To position yourself as an architect, you need a diagnostic lens that reveals entropy.

266
00:10:43,480 –> 00:10:44,920
Most consultants don’t have one.

267
00:10:44,920 –> 00:10:47,920
They walk into an organization and ask, what do you need built?

268
00:10:47,920 –> 00:10:52,240
The right question is, how much entropy are you carrying and where is it creating the most risk?

269
00:10:52,240 –> 00:10:56,680
The three-plane assessment is how you uncover the hidden problems that executives don’t yet see.

270
00:10:56,680 –> 00:10:57,880
It’s your diagnostic tool.

271
00:10:57,880 –> 00:11:02,280
It’s also your first engagement and it’s paid work, not a free discovery call.

272
00:11:02,280 –> 00:11:03,520
Start with the identity plane.

273
00:11:03,520 –> 00:11:04,880
Map all identity types.

274
00:11:04,880 –> 00:11:05,960
Human identities.

275
00:11:05,960 –> 00:11:07,240
Service identities.

276
00:11:07,240 –> 00:11:08,360
Agent identities.

277
00:11:08,360 –> 00:11:09,480
Guest identities.

278
00:11:09,480 –> 00:11:10,880
Measure role assignment drift.

279
00:11:10,880 –> 00:11:16,720
Count how many direct role assignments exist versus how many should exist based on the organization’s size and structure.

280
00:11:16,720 –> 00:11:18,440
Quantify privileged account creep.

281
00:11:18,440 –> 00:11:19,800
How many global administrators?

282
00:11:19,800 –> 00:11:22,200
How many service accounts with permanent credentials?

283
00:11:22,200 –> 00:11:27,600
Assess conditional access coverage. What percentage of sign-in events are evaluated by conditional access policies?

284
00:11:27,600 –> 00:11:29,600
What percentage bypass them entirely?

285
00:11:29,600 –> 00:11:31,720
When you run this assessment, you’ll find patterns.

286
00:11:31,720 –> 00:11:36,480
Most organizations will have 40% or more of identities with excessive permissions.

287
00:11:36,480 –> 00:11:40,160
60% or more of privileged accounts with no just-in-time controls.

288
00:11:40,160 –> 00:11:44,680
80% or more of conditional access policies with except clauses that undermine security.

289
00:11:44,680 –> 00:11:48,120
These numbers are directional, but they’re consistent across industries.

290
00:11:48,120 –> 00:11:51,880
Move to the productivity plane. Inventory all collaboration tools.

291
00:11:51,880 –> 00:11:57,160
Teams, SharePoint, OneDrive, Power Platform. Measure shadow IT: how many apps exist that aren’t governed?

292
00:11:57,160 –> 00:11:59,080
How many flows? How many canvas apps?

293
00:11:59,080 –> 00:12:00,760
Assess data loss prevention coverage.

294
00:12:00,760 –> 00:12:03,600
What percentage of data flows are protected by DLP policies?

295
00:12:03,600 –> 00:12:04,880
What percentage move freely?

296
00:12:04,880 –> 00:12:06,880
Then evaluate Copilot governance maturity.

297
00:12:06,880 –> 00:12:11,280
Are there policies controlling which data Copilot can access, or is Copilot accessing everything?

298
00:12:11,280 –> 00:12:13,800
Standard findings. 300 ungoverned flows.

299
00:12:13,800 –> 00:12:16,360
50 unmanaged teams with sensitive data.

300
00:12:16,360 –> 00:12:19,760
Zero visibility into Copilot interactions with proprietary information.

301
00:12:19,760 –> 00:12:24,560
A citizen developer created a flow last month that exports customer data to a personal cloud storage account.

302
00:12:24,560 –> 00:12:27,040
Nobody approved it. Nobody knows it exists.

303
00:12:27,040 –> 00:12:30,240
Until it becomes a compliance incident. Then the infrastructure plane.

304
00:12:30,240 –> 00:12:31,840
Map subscription structure.

305
00:12:31,840 –> 00:12:35,360
Are subscriptions organized by business unit or by governance model?

306
00:12:35,360 –> 00:12:36,680
Measure governance consistency.

307
00:12:36,680 –> 00:12:40,040
Do all subscriptions have consistent tagging, consistent access controls,

308
00:12:40,040 –> 00:12:43,840
consistent cost management policies? Evaluate cost optimization maturity.

309
00:12:43,840 –> 00:12:47,160
Are reserved instances being used? Are they matching actual consumption?

310
00:12:47,160 –> 00:12:51,440
Assess disaster recovery readiness. Can the organization actually recover from a regional failure,

311
00:12:51,440 –> 00:12:52,520
or is it theoretical?

312
00:12:52,520 –> 00:12:53,400
Standard findings.

313
00:12:53,400 –> 00:12:56,160
Subscriptions organized by department, not governance,

314
00:12:56,160 –> 00:12:58,520
inconsistent tagging across environments.

315
00:12:58,520 –> 00:13:01,280
Reserved instances that don’t match actual usage.

316
00:13:01,280 –> 00:13:04,240
Multi-region deployments without clear failover strategy.

317
00:13:04,240 –> 00:13:07,680
A development environment was spun up six months ago and never deleted.

318
00:13:07,680 –> 00:13:11,600
It’s still running. It’s still costing money. Nobody owns it.

319
00:13:11,600 –> 00:13:13,120
Here’s the critical part.

320
00:13:13,120 –> 00:13:15,440
The assessment itself becomes your first engagement.

321
00:13:15,440 –> 00:13:17,880
Not a free discovery call, not a two hour workshop.

322
00:13:17,880 –> 00:13:21,920
A paid diagnostic that costs 8K to 15K and takes two to three weeks.

323
00:13:21,920 –> 00:13:25,400
It delivers a 20 page risk report that shows exactly where the entropy is

324
00:13:25,400 –> 00:13:27,240
and what it’s costing the organization.

325
00:13:27,240 –> 00:13:30,960
This report becomes your sales document for the remediation engagement.

326
00:13:30,960 –> 00:13:32,880
It becomes the justification for the investment.

327
00:13:32,880 –> 00:13:36,120
It becomes the baseline that makes your remediation work measurable.

328
00:13:36,120 –> 00:13:37,880
You can show before and after metrics.

329
00:13:37,880 –> 00:13:40,280
Role assignments reduced by 85%.

330
00:13:40,280 –> 00:13:43,240
Privileged accounts brought under just in time control.

331
00:13:43,240 –> 00:13:44,680
Compliance gaps closed.

332
00:13:44,680 –> 00:13:46,240
Audit findings eliminated.

333
00:13:46,240 –> 00:13:49,680
The assessment positions you as the expert who sees what others miss.

334
00:13:49,680 –> 00:13:51,560
It establishes credibility.

335
00:13:51,560 –> 00:13:54,320
It demonstrates that you understand their specific situation,

336
00:13:54,320 –> 00:13:56,160
not generic best practices.

337
00:13:56,160 –> 00:13:59,040
And it creates a clear path to the remediation engagement,

338
00:13:59,040 –> 00:14:02,080
which is where the real value lives and where the real money is made.

339
00:14:02,080 –> 00:14:03,880
Most consultants give away discovery.

340
00:14:03,880 –> 00:14:05,320
They compete on the free call.

341
00:14:05,320 –> 00:14:07,560
They hope to convert it to a project.

342
00:14:07,560 –> 00:14:10,920
The 100K consultant charges for discovery because discovery is work.

343
00:14:10,920 –> 00:14:12,200
It’s valuable work.

344
00:14:12,200 –> 00:14:16,400
It’s the work that justifies everything that comes after. Client scenario A:

345
00:14:16,400 –> 00:14:18,040
identity entropy collapse.

346
00:14:18,040 –> 00:14:21,360
Let’s ground this in a real scenario that shows how entropy compounds

347
00:14:21,360 –> 00:14:23,200
and how it becomes your entry point.

348
00:14:23,200 –> 00:14:27,440
A global financial services firm with 8,000 employees across 15 regions

349
00:14:27,440 –> 00:14:29,040
had grown through acquisition.

350
00:14:29,040 –> 00:14:32,080
Each acquisition brought its own active directory forest.

351
00:14:32,080 –> 00:14:35,400
Its own Entra tenant configuration, its own identity governance model.

352
00:14:35,400 –> 00:14:39,240
By 2025, the organization had consolidated into a single tenant.

353
00:14:39,240 –> 00:14:41,320
But the entropy never got cleaned up.

354
00:14:41,320 –> 00:14:45,600
What they actually had: 1,200 direct role assignments when best practice is 50 to 100.

355
00:14:45,600 –> 00:14:49,120
23 global administrators when the number should be 3 to 5.

356
00:14:49,120 –> 00:14:50,840
No privileged identity management.

357
00:14:50,840 –> 00:14:51,840
No access reviews.

358
00:14:51,840 –> 00:14:53,120
No life cycle automation.

359
00:14:53,120 –> 00:14:57,120
Security audit flagged 847 service principals with permanent credentials

360
00:14:57,120 –> 00:14:58,520
and no rotation schedule.

361
00:14:58,520 –> 00:15:00,440
Nobody knew those service principals existed.

362
00:15:00,440 –> 00:15:02,080
Nobody knew what they had access to.

363
00:15:02,080 –> 00:15:04,160
Nobody knew when they were created or why.

364
00:15:04,160 –> 00:15:05,040
Then the breach happened.

365
00:15:05,040 –> 00:15:08,960
A compromised service account from an acquired company had access to core financial systems.

366
00:15:08,960 –> 00:15:11,320
The attacker used it for 6 months before detection.

367
00:15:11,320 –> 00:15:14,800
By the time the organization realized what happened, the damage was substantial.

368
00:15:14,800 –> 00:15:18,480
2.3 million dollars in forensics, remediation and regulatory fines.

369
00:15:18,480 –> 00:15:19,960
The breach made the board meeting.

370
00:15:19,960 –> 00:15:21,680
The CEO had to notify regulators.

371
00:15:21,680 –> 00:15:25,480
The organization faced customer notification costs and reputational damage.

372
00:15:25,480 –> 00:15:26,400
But here’s what matters.

373
00:15:26,400 –> 00:15:27,760
The breach wasn’t the root cause.

374
00:15:27,760 –> 00:15:29,160
The breach was the symptom.

375
00:15:29,160 –> 00:15:31,120
The root cause was architectural entropy.

376
00:15:31,120 –> 00:15:34,720
The organization had 1,200 identities with excessive permissions.

377
00:15:34,720 –> 00:15:37,720
847 service principals with permanent credentials.

378
00:15:37,720 –> 00:15:41,800
No automation to detect when a service account was being used inappropriately.

379
00:15:41,800 –> 00:15:44,560
No policies to revoke access when it wasn’t needed.

380
00:15:44,560 –> 00:15:48,280
No life cycle automation to retire service principals when projects ended.

381
00:15:48,280 –> 00:15:50,760
The organization realized the problem wasn’t the breach.

382
00:15:50,760 –> 00:15:53,440
It was the architectural decay that made the breach possible.

383
00:15:53,440 –> 00:15:57,640
They engaged a consultant, not you yet, to implement Entra ID governance.

384
00:15:57,640 –> 00:16:01,000
That consultant built the features: access reviews, entitlement management,

385
00:16:01,000 –> 00:16:02,520
Privileged Identity Management.

386
00:16:02,520 –> 00:16:04,440
The consultant implemented the tools.

387
00:16:04,440 –> 00:16:08,560
The organization still had entropy because the consultant didn’t address the underlying problem.

388
00:16:08,560 –> 00:16:09,600
Unclear ownership.

389
00:16:09,600 –> 00:16:10,760
No life cycle automation.

390
00:16:10,760 –> 00:16:12,800
No policy-driven access decisions.

391
00:16:12,800 –> 00:16:13,680
Enter you.

392
00:16:13,680 –> 00:16:17,280
You position this as an architectural entropy remediation engagement.

393
00:16:17,280 –> 00:16:18,640
You start with the assessment.

394
00:16:18,640 –> 00:16:20,320
Map all 1,200 role assignments.

395
00:16:20,320 –> 00:16:22,400
Identify which are legitimate and which are drift.

396
00:16:22,400 –> 00:16:24,440
Establish a baseline risk score.

397
00:16:24,440 –> 00:16:28,560
Document the current state in a 20-page report that shows exactly where the entropy is.

398
00:16:28,560 –> 00:16:30,000
Then the remediation phase.

399
00:16:30,000 –> 00:16:31,640
Implement life cycle automation.

400
00:16:31,640 –> 00:16:35,040
So access is provisioned from HR systems, not ad hoc tickets.

401
00:16:35,040 –> 00:16:39,840
Establish role-based access control with clear ownership so every role has a business justification.

402
00:16:39,840 –> 00:16:42,440
Enable just-in-time access for privileged roles.

403
00:16:42,440 –> 00:16:44,680
So standing admin access doesn’t exist.

404
00:16:44,680 –> 00:16:47,640
Automate access reviews with AI-driven recommendations.

405
00:16:47,640 –> 00:16:50,160
So reviews complete in two weeks instead of eight.

406
00:16:50,160 –> 00:16:53,520
After 12 weeks, role assignments reduced to 180.

407
00:16:53,520 –> 00:16:55,160
That’s an 85% reduction.

408
00:16:55,160 –> 00:16:56,400
Global admins reduced to four.

409
00:16:56,400 –> 00:16:58,280
That’s an 82% reduction.

410
00:16:58,280 –> 00:17:01,200
100% of privileged access now time bound.

411
00:17:01,200 –> 00:17:04,840
Access reviews automated and completing in two weeks instead of eight.

412
00:17:04,840 –> 00:17:08,800
Audit result: zero findings related to identity governance.

413
00:17:08,800 –> 00:17:12,520
This engagement costs 120,000 to 180,000 dollars.

414
00:17:12,520 –> 00:17:13,960
It takes 12 weeks.

415
00:17:13,960 –> 00:17:18,320
But the value is measured in risk reduction, audit compliance and incident prevention,

416
00:17:18,320 –> 00:17:19,960
not in the number of apps built.

417
00:17:19,960 –> 00:17:21,880
The organization avoided another breach.

418
00:17:21,880 –> 00:17:23,200
They passed their audit.

419
00:17:23,200 –> 00:17:24,880
They reduced their regulatory risk.

420
00:17:24,880 –> 00:17:28,240
This is the engagement model that generates 100k plus annually.

421
00:17:28,240 –> 00:17:32,120
This is what separates the commodity consultant from the architect of necessity.

422
00:17:32,120 –> 00:17:35,520
One consultant sees we need to implement Entra ID governance.

423
00:17:35,520 –> 00:17:39,200
The other consultant sees you have architectural entropy that’s creating

424
00:17:39,200 –> 00:17:41,560
breach risk, audit risk and compliance risk.

425
00:17:41,560 –> 00:17:45,120
I can quantify it, remediate it and prevent the next incident.

426
00:17:45,120 –> 00:17:47,920
Same tools, different positioning, different pricing,

427
00:17:47,920 –> 00:17:51,440
different client acquisition strategy. Client scenario B:

428
00:17:51,440 –> 00:17:53,960
Power Platform governance chaos.

429
00:17:53,960 –> 00:17:55,840
Identity is one plane.

430
00:17:55,840 –> 00:18:00,760
Productivity entropy is equally destructive and it’s where most organizations are completely blind.

431
00:18:00,760 –> 00:18:07,560
A mid-market manufacturing company with 2,000 employees adopted Power Platform to empower citizen developers.

432
00:18:07,560 –> 00:18:08,800
The narrative was compelling.

433
00:18:08,800 –> 00:18:11,720
Business users could build apps without IT bottlenecks.

434
00:18:11,720 –> 00:18:15,000
Operations could create automations without waiting for custom development.

435
00:18:15,000 –> 00:18:17,960
Finance could build dashboards without hiring data analysts.

436
00:18:17,960 –> 00:18:20,640
The organization enabled the platform and stepped back.

437
00:18:20,640 –> 00:18:24,160
By 2025, they had 430 unmanaged flows.

438
00:18:24,160 –> 00:18:28,760
87 unmanaged canvas apps, zero data loss prevention policies, no environment tiering,

439
00:18:28,760 –> 00:18:30,880
no solution management, no governance model.

440
00:18:30,880 –> 00:18:36,400
Citizen developers were creating flows that accessed sensitive manufacturing data without approval.

441
00:18:36,400 –> 00:18:37,600
Nobody knew what they were building.

442
00:18:37,600 –> 00:18:39,640
Nobody knew what data they were accessing.

443
00:18:39,640 –> 00:18:41,720
Nobody knew what could go wrong until it did.

444
00:18:41,720 –> 00:18:47,080
A citizen developer in operations created a flow that exported production schedules to a personal OneDrive.

445
00:18:47,080 –> 00:18:48,440
The flow ran every day.

446
00:18:48,440 –> 00:18:51,800
It exported the complete manufacturing schedule for the next quarter.

447
00:18:51,800 –> 00:18:56,720
When the data was accidentally shared externally, a misconfigured sharing setting, a forwarded email,

448
00:18:56,720 –> 00:19:01,720
a compromised account, the company faced compliance violations and customer notification costs.

449
00:19:01,720 –> 00:19:04,880
The breach exposed proprietary manufacturing data to competitors.

450
00:19:04,880 –> 00:19:06,800
The organization had to notify customers.

451
00:19:06,800 –> 00:19:08,200
They faced regulatory fines.

452
00:19:08,200 –> 00:19:09,400
The damage was substantial.

453
00:19:09,400 –> 00:19:11,120
But again, the breach wasn’t the root cause.

454
00:19:11,120 –> 00:19:13,280
The root cause was architectural entropy.

455
00:19:13,280 –> 00:19:17,240
The organization had empowered citizen development without establishing governance.

456
00:19:17,240 –> 00:19:19,520
430 flows with no approval process.

457
00:19:19,520 –> 00:19:21,440
87 apps with no data classification.

458
00:19:21,440 –> 00:19:24,120
No policies controlling what data could flow where.

459
00:19:24,120 –> 00:19:26,680
No visibility into what citizen developers were building.

460
00:19:26,680 –> 00:19:30,280
They hired a consultant to set up Power Platform governance.

461
00:19:30,280 –> 00:19:32,040
That consultant created environments.

462
00:19:32,040 –> 00:19:33,360
Set up DLP policies.

463
00:19:33,360 –> 00:19:36,000
Trained admins on the Power Platform admin center.

464
00:19:36,000 –> 00:19:40,480
The organization still had entropy because 200 flows were already built without governance.

465
00:19:40,480 –> 00:19:43,400
Citizen developers didn’t understand why their flows were being blocked.

466
00:19:43,400 –> 00:19:46,280
There was no clear policy for what was allowed and what wasn’t.

467
00:19:46,280 –> 00:19:48,360
No ownership model for existing apps.

468
00:19:48,360 –> 00:19:53,160
The governance was imposed from above, not integrated into the development process.

469
00:19:53,160 –> 00:19:53,920
Enter you.

470
00:19:53,920 –> 00:19:57,920
You position this as Power Platform entropy remediation and governance maturity.

471
00:19:57,920 –> 00:20:03,040
You start with the assessment. Inventory all 430 flows. Classify them by risk level: critical,

472
00:20:03,040 –> 00:20:07,720
high, medium, low. Identify which ones violate data classification policies.

473
00:20:07,720 –> 00:20:09,040
Assess which ones should be retired.

474
00:20:09,040 –> 00:20:12,520
You discover 180 flows are duplicative or obsolete.

475
00:20:12,520 –> 00:20:16,080
120 flows access sensitive data without proper controls.

476
00:20:16,080 –> 00:20:17,440
80 flows are orphaned.

477
00:20:17,440 –> 00:20:18,440
Nobody knows who owns them.

478
00:20:18,440 –> 00:20:19,440
They’re still running.

479
00:20:19,440 –> 00:20:20,440
They’re still accessing data.

480
00:20:20,440 –> 00:20:22,000
Nobody’s responsible for them.

481
00:20:22,000 –> 00:20:23,520
Then the remediation phase.

482
00:20:23,520 –> 00:20:25,480
Retire the obsolete flows.

483
00:20:25,480 –> 00:20:26,800
Establish environment tiering.

484
00:20:26,800 –> 00:20:29,360
So sandbox is for experimentation.

485
00:20:29,360 –> 00:20:30,360
Development is for building.

486
00:20:30,360 –> 00:20:32,000
Test is for validation.

487
00:20:32,000 –> 00:20:34,360
Production is for live workloads.

488
00:20:34,360 –> 00:20:38,480
Implement data loss prevention policies that allow citizen developers to build but prevent

489
00:20:38,480 –> 00:20:40,000
data exfiltration.

490
00:20:40,000 –> 00:20:43,440
Establish a governance model with clear ownership and approval workflows.

491
00:20:43,440 –> 00:20:44,560
Automate compliance monitoring.

492
00:20:44,560 –> 00:20:47,000
So violations are detected in real time.

493
00:20:47,000 –> 00:20:50,720
After 8 weeks, flow inventory reduced from 430 to 210.

494
00:20:50,720 –> 00:20:52,200
That’s a 51% reduction.

495
00:20:52,200 –> 00:20:54,800
All remaining flows classified and governed.

496
00:20:54,800 –> 00:20:58,200
Citizen developers trained and empowered to build safely.

497
00:20:58,200 –> 00:20:59,720
Compliance monitoring automated.

498
00:20:59,720 –> 00:21:00,720
Cost.

499
00:21:00,720 –> 00:21:03,640
60,000 to 90,000 dollars for the assessment and remediation.

500
00:21:03,640 –> 00:21:09,800
But this engagement often leads to a 6-12 month advisory retainer at 8,000 to 12,000 dollars

501
00:21:09,800 –> 00:21:13,880
per month to maintain governance as citizen development continues.

502
00:21:13,880 –> 00:21:15,840
That’s recurring revenue, not project revenue.

503
00:21:15,840 –> 00:21:21,840
Over three years, the retainer is worth $360,000 versus the project’s one-time 60 to 90,000.

504
00:21:21,840 –> 00:21:26,080
This is where the real business model lives, not in one time remediation projects, in ongoing

505
00:21:26,080 –> 00:21:29,080
advisory relationships that scale without proportional effort.

506
00:21:29,080 –> 00:21:32,800
This is how you transition from hourly billing to retainer based recurring revenue.

507
00:21:32,800 –> 00:21:37,520
This is how you build a predictable scalable consulting business that generates 100K+ annually

508
00:21:37,520 –> 00:21:38,840
without burning out.

509
00:21:38,840 –> 00:21:43,520
The consultant who sees Power Platform as a tool to build apps loses to the lowest bidder.

510
00:21:43,520 –> 00:21:47,480
The consultant who sees Power Platform as a governance problem that requires ongoing management

511
00:21:47,480 –> 00:21:49,000
becomes indispensable.

512
00:21:49,000 –> 00:21:53,440
Same platform, different positioning, different pricing, different business model. The pricing

513
00:21:53,440 –> 00:21:55,840
shift: from projects to retainers.

514
00:21:55,840 –> 00:22:00,440
Once you understand how to position governance, the pricing model changes fundamentally.

515
00:22:00,440 –> 00:22:05,800
Most consultants price by the hour or by the project, $150,000 to $250,000 per hour or

516
00:22:05,800 –> 00:22:08,880
$50,000 to $150,000 per project.

517
00:22:08,880 –> 00:22:12,560
This model commoditizes you because clients can compare your rate to others.

518
00:22:12,560 –> 00:22:15,400
They can shop, they can negotiate, they can find someone cheaper.

519
00:22:15,400 –> 00:22:18,720
You’re competing on price because that’s the only dimension that matters when the deliverable

520
00:22:18,720 –> 00:22:19,880
is generic.

521
00:22:19,880 –> 00:22:25,840
The 100K+ consultant prices by value and risk mitigation, not by hours or deliverables.

522
00:22:25,840 –> 00:22:30,000
The pricing model has three tiers and each tier builds on the previous one.

523
00:22:30,000 –> 00:22:35,200
Assessment tier: 8,000 to 15,000 for a 2-3 week diagnostic that uncovers entropy across

524
00:22:35,200 –> 00:22:36,680
one or more control planes.

525
00:22:36,680 –> 00:22:38,160
This is not a free discovery call.

526
00:22:38,160 –> 00:22:41,640
This is paid work that delivers a risk report and a remediation roadmap.

527
00:22:41,640 –> 00:22:44,400
You’re charging for your expertise, your analysis and your time.

528
00:22:44,400 –> 00:22:46,600
You’re signalling that your knowledge is valuable.

529
00:22:46,600 –> 00:22:49,920
Clients understand this because the assessment is low risk and high value.

530
00:22:49,920 –> 00:22:51,240
They get a concrete deliverable.

531
00:22:51,240 –> 00:22:54,480
They understand exactly where their entropy is and what it’s costing them.

532
00:22:54,480 –> 00:23:00,600
Remediation tier: 80,000 to 200,000 depending on complexity and scope, typically 8 to 16 weeks.

533
00:23:00,600 –> 00:23:04,360
This is where you implement the governance model, automate the controls and establish

534
00:23:04,360 –> 00:23:05,360
the baseline.

535
00:23:05,360 –> 00:23:07,040
This is where you deliver measurable outcomes.

536
00:23:07,040 –> 00:23:09,200
Role assignments reduced by 85%.

537
00:23:09,200 –> 00:23:11,440
Privileged accounts brought under just-in-time control.

538
00:23:11,440 –> 00:23:12,920
Compliance gaps closed.

539
00:23:12,920 –> 00:23:14,440
Audit findings eliminated.

540
00:23:14,440 –> 00:23:18,240
The client sees before and after metrics that justify the investment.

541
00:23:18,240 –> 00:23:23,360
Advisory retainer tier: 8,000 to 15,000 per month for ongoing governance maturity, policy updates

542
00:23:23,360 –> 00:23:24,360
and optimization.

543
00:23:24,360 –> 00:23:26,120
This is where the real money lives.

544
00:23:26,120 –> 00:23:28,480
Recurring revenue that scales without additional effort.

545
00:23:28,480 –> 00:23:33,160
A $10,000 per month retainer requires maybe 20 to 30 hours per month of your time.

546
00:23:33,160 –> 00:23:37,840
That’s half an FTE, but it generates $120,000 annually in recurring revenue.

547
00:23:37,840 –> 00:23:42,840
With 3 to 4 retainers you have 360,000 to 480,000 in recurring revenue.

548
00:23:42,840 –> 00:23:48,080
That means you only need to close 1 to 2 new remediation engagements per year to hit 500 K+ annual

549
00:23:48,080 –> 00:23:49,080
revenue.

550
00:23:49,080 –> 00:23:50,520
This is the power of the retainer model.

551
00:23:50,520 –> 00:23:52,680
It creates a stable, predictable business.

552
00:23:52,680 –> 00:23:55,520
It aligns consultant incentives with client outcomes.

553
00:23:55,520 –> 00:23:59,240
If you’re on a retainer, you want the governance to work well and stay stable.

554
00:23:59,240 –> 00:24:01,920
You don’t want to create churn that requires constant rework.

555
00:24:01,920 –> 00:24:05,560
You’re invested in the client’s success, not in selling them the next project.

556
00:24:05,560 –> 00:24:09,040
You can understand this model because it aligns with their business reality.

557
00:24:09,040 –> 00:24:10,560
Governance isn’t a one-time project.

558
00:24:10,560 –> 00:24:11,920
It’s an ongoing practice.

559
00:24:11,920 –> 00:24:17,040
As the organization grows, as new tools are adopted, as policies drift, as threats evolve.

560
00:24:17,040 –> 00:24:18,600
Governance requires continuous attention.

561
00:24:18,600 –> 00:24:22,320
The advisory retainer gives them access to expertise without having to hire full-time

562
00:24:22,320 –> 00:24:23,320
staff.

563
00:24:23,320 –> 00:24:26,520
They get a trusted advisor who understands their environment and their risk profile.

564
00:24:26,520 –> 00:24:28,680
The retainer also creates customer lock-in.

565
00:24:28,680 –> 00:24:32,600
Once a client has been on a retainer for 6 months or more, they’re unlikely to switch.

566
00:24:32,600 –> 00:24:33,600
Switching costs are high.

567
00:24:33,600 –> 00:24:37,440
They’d have to find a new consultant, get them up to speed on the governance model,

568
00:24:37,440 –> 00:24:38,720
rebuild the relationship.

569
00:24:38,720 –> 00:24:41,840
This is why retainer clients are your most valuable customers.

570
00:24:41,840 –> 00:24:43,160
They’re not one-time revenue.

571
00:24:43,160 –> 00:24:46,040
They’re multi-year relationships that scale your business.

572
00:24:46,040 –> 00:24:48,400
The retainer also creates opportunities for upselling.

573
00:24:48,400 –> 00:24:52,560
As you work with the client, you will identify new problems that require remediation work.

574
00:24:52,560 –> 00:24:57,440
A client on a $10,000 per month identity governance retainer might also need productivity,

575
00:24:57,440 –> 00:24:59,360
governance or infrastructure optimization.

576
00:24:59,360 –> 00:25:03,000
You can propose follow-on remediation engagements that expand the scope and increase

577
00:25:03,000 –> 00:25:04,760
the overall relationship value.

578
00:25:04,760 –> 00:25:09,880
This is the pricing shift that separates 80k consultants from 100k+ consultants.

579
00:25:09,880 –> 00:25:11,400
One sells hours or deliverables.

580
00:25:11,400 –> 00:25:15,640
The other sells risk reduction and compliance assurance on an ongoing basis.

581
00:25:15,640 –> 00:25:16,640
One competes on cost.

582
00:25:16,640 –> 00:25:18,480
The other doesn’t compete on cost at all.

583
00:25:18,480 –> 00:25:22,520
The pricing conversation never happens because the client understands that governance is

584
00:25:22,520 –> 00:25:24,240
a necessity, not a luxury.

585
00:25:24,240 –> 00:25:26,200
They’re not asking, “Can we afford this?”

586
00:25:26,200 –> 00:25:28,640
They’re asking, “Can we afford not to do this fair?”

587
00:25:28,640 –> 00:25:32,960
The positioning shift: from builder to architect. Pricing is one dimension.

588
00:25:32,960 –> 00:25:33,960
The positioning is the other.

589
00:25:33,960 –> 00:25:38,840
And positioning determines whether clients see you as a commodity or as a necessity.

590
00:25:38,840 –> 00:25:42,680
Your LinkedIn profile, your website and your pitch all need to reflect the shift from

591
00:25:42,680 –> 00:25:44,360
builder to architect.

592
00:25:44,360 –> 00:25:49,640
Most consultant profiles say something like, “I implement Power Apps, Azure solutions,

593
00:25:49,640 –> 00:25:51,040
Entra ID governance.”

594
00:25:51,040 –> 00:25:55,000
This positions you as a builder competing on technical skill and delivery speed.

595
00:25:55,000 –> 00:25:58,680
You’re in a race to the bottom with every other consultant who can code or configure.

596
00:25:58,680 –> 00:26:02,920
The 100k+ positioning says, “I architect control systems that reduce architectural

597
00:26:02,920 –> 00:26:05,920
entropy and enforce governance at scale.”

598
00:26:05,920 –> 00:26:09,880
This positions you as a strategist competing on risk reduction and business impact.

599
00:26:09,880 –> 00:26:11,400
You’re not competing on technical skill.

600
00:26:11,400 –> 00:26:15,520
You’re competing on whether the client’s systems are predictable, compliant and secure.

601
00:26:15,520 –> 00:26:18,160
Your case studies need to reflect this shift too.

602
00:26:18,160 –> 00:26:22,360
Most consultant case studies say, “We built 12 Power Apps in three months.”

603
00:26:22,360 –> 00:26:24,680
Or, “We migrated 50 servers to Azure.”

604
00:26:24,680 –> 00:26:25,680
This is a delivery story.

605
00:26:25,680 –> 00:26:27,360
It’s about speed and volume.

606
00:26:27,360 –> 00:26:32,880
The 100k+ case study says, “We reduced identity risk by 85%, automated compliance,

607
00:26:32,880 –> 00:26:35,280
and prevented a $2 million breach.”

608
00:26:35,280 –> 00:26:36,280
This is an outcome story.

609
00:26:36,280 –> 00:26:38,960
It’s about risk mitigation and business value.

610
00:26:38,960 –> 00:26:40,880
Your speaking engagements need to shift as well.

611
00:26:40,880 –> 00:26:45,120
The commodity consultant speaks about Power Apps best practices or Azure governance

612
00:26:45,120 –> 00:26:46,320
frameworks.

613
00:26:46,320 –> 00:26:52,040
The 100k+ consultant speaks about why architectural entropy is the real cost of cloud adoption,

614
00:26:52,040 –> 00:26:55,040
or how to measure and mitigate control plane drift.

615
00:26:55,040 –> 00:26:57,200
You’re not teaching people how to use tools.

616
00:26:57,200 –> 00:27:00,320
You’re teaching them how to think about governance as a strategic problem.

617
00:27:00,320 –> 00:27:01,720
Your content needs to shift too.

618
00:27:01,720 –> 00:27:04,960
The commodity consultant publishes tutorials on how to use tools.

619
00:27:04,960 –> 00:27:09,920
The 100k+ consultant publishes frameworks for thinking about governance, risk and architectural

620
00:27:09,920 –> 00:27:10,920
necessity.

621
00:27:10,920 –> 00:27:12,520
You’re not competing on technical knowledge.

622
00:27:12,520 –> 00:27:14,240
You’re competing on strategic insight.

623
00:27:14,240 –> 00:27:17,160
This positioning shift is what allows you to command premium pricing.

624
00:27:17,160 –> 00:27:20,520
When you’re positioned as a builder, you’re competing against other builders on speed and

625
00:27:20,520 –> 00:27:21,520
cost.

626
00:27:21,520 –> 00:27:25,040
When you’re positioned as an architect of necessity, you’re competing against the cost

627
00:27:25,040 –> 00:27:28,080
of not having governance, and that cost is always higher than your fee.

628
00:27:28,080 –> 00:27:30,440
The positioning shift also changes who you sell to.

629
00:27:30,440 –> 00:27:35,680
Instead of selling to IT operations managers, you’re selling to CSOs, CFOs and chief risk

630
00:27:35,680 –> 00:27:36,680
officers.

631
00:27:36,680 –> 00:27:38,160
These buyers have bigger budgets.

632
00:27:38,160 –> 00:27:39,800
They have longer decision cycles.

633
00:27:39,800 –> 00:27:41,960
They have higher tolerance for consulting fees.

634
00:27:41,960 –> 00:27:43,280
They’re not buying implementation.

635
00:27:43,280 –> 00:27:45,880
They’re buying risk mitigation and compliance assurance.

636
00:27:45,880 –> 00:27:46,880
This is critical.

637
00:27:46,880 –> 00:27:50,840
The IT operations manager is asking, “Can we afford to hire this consultant?”

638
00:27:50,840 –> 00:27:54,000
The CSO is asking, “Can we afford not to hire this consultant?”

639
00:27:54,000 –> 00:27:55,000
One is a cost center.

640
00:27:55,000 –> 00:27:57,200
The other is a risk management investment.

641
00:27:57,200 –> 00:27:58,640
The conversation is completely different.

642
00:27:58,640 –> 00:28:01,720
Your positioning also determines how you talk about competitors.

643
00:28:01,720 –> 00:28:04,640
The commodity consultant compares themselves to other consultants.

644
00:28:04,640 –> 00:28:08,240
The 100K+ consultant compares themselves to the cost of inaction.

645
00:28:08,240 –> 00:28:09,720
You’re not cheaper than the other guy.

646
00:28:09,720 –> 00:28:11,160
You’re cheaper than a breach.

647
00:28:11,160 –> 00:28:12,720
You’re cheaper than an audit failure.

648
00:28:12,720 –> 00:28:14,600
You’re cheaper than a failed migration.

649
00:28:14,600 –> 00:28:19,320
This is the mindset shift that separates commodity consultants from architects of necessity.

650
00:28:19,320 –> 00:28:20,520
You’re not selling hours.

651
00:28:20,520 –> 00:28:21,840
You’re not selling deliverables.

652
00:28:21,840 –> 00:28:24,440
You’re selling the prevention of architectural decay.

653
00:28:24,440 –> 00:28:28,960
You’re selling the ability to keep systems predictable, compliant and secure at scale.

654
00:28:28,960 –> 00:28:33,880
That’s worth whatever you charge because the alternative is exponentially more expensive.

655
00:28:33,880 –> 00:28:36,080
The client acquisition strategy: inbound.

656
00:28:36,080 –> 00:28:39,640
Once you’re positioned as an architect, inbound leads start to come naturally.

657
00:28:39,640 –> 00:28:40,720
You don’t have to chase them.

658
00:28:40,720 –> 00:28:44,320
They come to you because you’ve articulated their problem better than they could articulate it

659
00:28:44,320 –> 00:28:45,320
themselves.

660
00:28:45,320 –> 00:28:49,960
Inbound client acquisition happens through thought leadership, content and community presence.

661
00:28:49,960 –> 00:28:51,320
The mechanism is straightforward.

662
00:28:51,320 –> 00:28:56,400
You publish content about architectural entropy, governance frameworks and control plane maturity.

663
00:28:56,400 –> 00:29:00,720
This content attracts IT architects and security leaders who are struggling with the same problems.

664
00:29:00,720 –> 00:29:03,520
They reach out to you because you’ve named the disease.

665
00:29:03,520 –> 00:29:05,960
You’ve given them language for what they’re experiencing.

666
00:29:05,960 –> 00:29:07,200
You’ve shown them a path forward.

667
00:29:07,200 –> 00:29:09,400
The content types that work are specific.

668
00:29:09,400 –> 00:29:13,960
Long form articles on architectural entropy and how it compounds over time.

669
00:29:13,960 –> 00:29:19,160
Frameworks for assessing control plane maturity across identity, productivity and infrastructure.

670
00:29:19,160 –> 00:29:23,360
Case studies showing before and after metrics that prove the value of remediation.

671
00:29:23,360 –> 00:29:27,320
Videos explaining why feature work is commoditized but governance is premium.

672
00:29:27,320 –> 00:29:31,880
LinkedIn posts that challenge conventional thinking about cloud adoption and governance.

673
00:29:31,880 –> 00:29:33,120
Distribution channels matter.

674
00:29:33,120 –> 00:29:34,400
But you don’t need to be everywhere.

675
00:29:34,400 –> 00:29:38,560
You need to be authoritative in the niche of Microsoft architectural governance.

676
00:29:38,560 –> 00:29:42,640
LinkedIn is your primary channel because your target buyers, CISOs, IT directors, chief

677
00:29:42,640 –> 00:29:44,320
risk officers are active there.

678
00:29:44,320 –> 00:29:45,880
Your strategy is straightforward.

679
00:29:45,880 –> 00:29:50,880
Two to three times per week about architectural governance, identity, entropy, control plane maturity

680
00:29:50,880 –> 00:29:52,760
and the business case for governance.

681
00:29:52,760 –> 00:29:55,160
Engage with other architects and security leaders.

682
00:29:55,160 –> 00:29:56,680
Comment thoughtfully on their posts.

683
00:29:56,680 –> 00:29:57,920
Build relationships.

684
00:29:57,920 –> 00:29:59,840
Share your case studies and frameworks.

685
00:29:59,840 –> 00:30:04,920
Make them specific enough to be useful but abstract enough to be applicable across industries.

686
00:30:04,920 –> 00:30:09,000
The inbound mechanism takes three to six months to build momentum, but once it’s working,

687
00:30:09,000 –> 00:30:11,200
it generates 30 to 50% of your pipeline.

688
00:30:11,200 –> 00:30:15,440
This is high quality pipeline because the leads are already educated about the problem.

689
00:30:15,440 –> 00:30:17,120
They’re actively seeking a solution.

690
00:30:17,120 –> 00:30:19,640
They’ve self-qualified by engaging with your content.

691
00:30:19,640 –> 00:30:24,600
Conversion rates on inbound leads are typically 20 to 30% because they’re not cold prospects.

692
00:30:24,600 –> 00:30:27,600
They’re warm prospects who already understand the value of governance.

693
00:30:27,600 –> 00:30:29,640
They’ve already decided they need to do something.

694
00:30:29,640 –> 00:30:31,080
They’re just deciding who to hire.

695
00:30:31,080 –> 00:30:32,800
The sales process is shorter too.

696
00:30:32,800 –> 00:30:37,680
Cold outreach might take 12 weeks or more to move from first contact to signed engagement.

697
00:30:37,680 –> 00:30:42,360
Inbound leads often move from first conversation to assessment engagement in 4 to 6 weeks.

698
00:30:42,360 –> 00:30:44,160
They’re already convinced of the problem.

699
00:30:44,160 –> 00:30:46,880
They just need to understand your specific approach and your pricing.

700
00:30:46,880 –> 00:30:47,880
Here’s what matters.

701
00:30:47,880 –> 00:30:50,440
Inbound leads don’t require you to be a salesperson.

702
00:30:50,440 –> 00:30:52,160
They require you to be a thought leader.

703
00:30:52,160 –> 00:30:53,160
You’re not selling.

704
00:30:53,160 –> 00:30:54,160
You’re educating.

705
00:30:54,160 –> 00:30:55,160
You’re sharing frameworks.

706
00:30:55,160 –> 00:30:56,440
You’re publishing case studies.

707
00:30:56,440 –> 00:30:58,000
You’re building authority in a niche.

708
00:30:58,000 –> 00:31:00,840
The sales happen naturally because people reach out to you.

709
00:31:00,840 –> 00:31:02,720
This is also how you build defensibility.

710
00:31:02,720 –> 00:31:06,520
If you’re the person who publishes the framework for measuring architectural entropy, you’re

711
00:31:06,520 –> 00:31:09,120
the person everyone calls when they need to measure it.

712
00:31:09,120 –> 00:31:12,880
If you’re the person who articulates why control plane governance matters, you’re the

713
00:31:12,880 –> 00:31:15,040
person everyone calls when they need governance.

714
00:31:15,040 –> 00:31:16,480
You’ve made yourself the obvious choice.

715
00:31:16,480 –> 00:31:17,800
The content also compounds.

716
00:31:17,800 –> 00:31:21,880
A LinkedIn post you publish today might generate a lead 6 months from now.

717
00:31:21,880 –> 00:31:25,880
A framework you share might be referenced in an article someone writes next year.

718
00:31:25,880 –> 00:31:29,760
Your thought leadership becomes an asset that generates leads long after you’ve created it.

719
00:31:29,760 –> 00:31:31,720
This is why inbound is so valuable.

720
00:31:31,720 –> 00:31:34,840
The effort you put in upfront generates returns for years.

721
00:31:34,840 –> 00:31:36,480
But inbound takes time to build.

722
00:31:36,480 –> 00:31:38,320
You need to establish credibility.

723
00:31:38,320 –> 00:31:39,800
You need to publish consistently.

724
00:31:39,800 –> 00:31:41,360
You need to engage authentically.

725
00:31:41,360 –> 00:31:44,400
You need to build relationships with other architects and security leaders.

726
00:31:44,400 –> 00:31:48,960
This is a 3 to 6 month play before you see meaningful pipeline generation.

727
00:31:48,960 –> 00:31:50,720
Most consultants don’t have the patience for it.

728
00:31:50,720 –> 00:31:52,240
They want leads immediately.

729
00:31:52,240 –> 00:31:53,960
So they do outbound instead.

730
00:31:53,960 –> 00:31:55,240
Outbound works faster.

731
00:31:55,240 –> 00:31:56,560
But it’s also more exhausting.

732
00:31:56,560 –> 00:32:00,520
It requires constant prospecting, constant rejection, constant follow-up.

733
00:32:00,520 –> 00:32:02,600
The optimal strategy is to run both.

734
00:32:02,600 –> 00:32:06,000
Do outbound to generate immediate pipeline while you’re building inbound.

735
00:32:06,000 –> 00:32:09,120
As inbound builds momentum, it gradually replaces outbound.

736
00:32:09,120 –> 00:32:11,080
By month 12, you might be 50/50.

737
00:32:11,080 –> 00:32:14,640
By month 18, inbound is generating more pipeline than outbound.

738
00:32:14,640 –> 00:32:18,480
By month 24, you’re mostly inbound with selective outbound to fill gaps.

739
00:32:18,480 –> 00:32:19,800
This is the long term play.

740
00:32:19,800 –> 00:32:23,200
You’re building a business that generates leads without constant prospecting.

741
00:32:23,200 –> 00:32:26,520
You’re building authority that makes you the obvious choice when someone needs governance

742
00:32:26,520 –> 00:32:27,520
remediation.

743
00:32:27,520 –> 00:32:32,520
You’re building a moat around your consulting practice that competitors can’t easily replicate.

744
00:32:32,520 –> 00:32:36,600
The client acquisition strategy: outbound. Inbound takes time to build.

745
00:32:36,600 –> 00:32:39,800
Outbound fills the pipeline while you’re establishing thought leadership.

746
00:32:39,800 –> 00:32:44,040
The acquisition is targeted, direct outreach to companies that have entropy signals.

747
00:32:44,040 –> 00:32:48,400
Entropy signals are indicators that a company is struggling with architectural decay.

748
00:32:48,400 –> 00:32:53,960
Recent breaches, failed audits, migration delays, high cloud spend without corresponding value.

749
00:32:53,960 –> 00:32:56,040
Rapid adoption of new tools without governance.

750
00:32:56,040 –> 00:33:00,040
These are all signals that the organization has exceeded its entropy budget somewhere.

751
00:33:00,040 –> 00:33:02,480
You find these signals through multiple channels.

752
00:33:02,480 –> 00:33:05,480
News monitoring for breach announcements and regulatory fines.

753
00:33:05,480 –> 00:33:09,160
LinkedIn research for company announcements about new cloud initiatives, industry reports

754
00:33:09,160 –> 00:33:11,920
from analyst firms tracking cloud adoption.

755
00:33:11,920 –> 00:33:15,160
Direct research on company websites, earnings calls and job postings.

756
00:33:15,160 –> 00:33:19,120
A company that’s hiring five security engineers is dealing with a security problem.

757
00:33:19,120 –> 00:33:23,080
A company that’s announcing a Copilot rollout is about to discover governance gaps.

758
00:33:23,080 –> 00:33:27,120
A company that’s migrating to Azure is going to face cost and compliance challenges.

759
00:33:27,120 –> 00:33:29,040
The outbound approach is specific.

760
00:33:29,040 –> 00:33:31,280
Identify a target company with entropy signals.

761
00:33:31,280 –> 00:33:33,320
Research the CISO or IT director.

762
00:33:33,320 –> 00:33:36,400
Craft a personalized email that references their specific situation.

763
00:33:36,400 –> 00:33:37,880
The email doesn’t pitch a solution.

764
00:33:37,880 –> 00:33:42,440
It asks a question that forces them to think about their control plane maturity.

765
00:33:42,440 –> 00:33:43,440
Example.

766
00:33:43,440 –> 00:33:48,080
I noticed your company announced a Microsoft 365 Copilot rollout last month.

767
00:33:48,080 –> 00:33:52,280
Most organizations deploying Copilot without first establishing data loss prevention governance

768
00:33:52,280 –> 00:33:54,560
end up with significant compliance risk.

769
00:33:54,560 –> 00:34:00,240
Have you established DLP policies for Copilot interactions with proprietary information?

770
00:34:00,240 –> 00:34:02,000
This email works because it’s specific.

771
00:34:02,000 –> 00:34:03,600
It references their situation.

772
00:34:03,600 –> 00:34:05,720
It raises the concern they might not have considered.

773
00:34:05,720 –> 00:34:06,720
It’s not salesy.

774
00:34:06,720 –> 00:34:07,720
It’s consultative.

775
00:34:07,720 –> 00:34:10,080
It’s asking a question that makes them think.

776
00:34:10,080 –> 00:34:14,000
Response rates on personalized outbound are typically 5 to 10%.

777
00:34:14,000 –> 00:34:18,320
From those responses, 20 to 30% convert to a discovery conversation.

778
00:34:18,320 –> 00:34:19,480
The math is straightforward.

779
00:34:19,480 –> 00:34:21,240
Send 100 personalized emails.

780
00:34:21,240 –> 00:34:23,160
Get 5 to 10 responses.

781
00:34:23,160 –> 00:34:25,760
Convert one to three of those to discovery conversations.

782
00:34:25,760 –> 00:34:28,120
The discovery conversation is where you pitch the assessment.

783
00:34:28,120 –> 00:34:32,560
I can spend two weeks understanding your identity, productivity and infrastructure control

784
00:34:32,560 –> 00:34:36,760
planes and deliver a risk report that shows you exactly where your entropy is and

785
00:34:36,760 –> 00:34:38,200
what it’s costing you.

786
00:34:38,200 –> 00:34:41,040
The assessment is $10,000 and takes two weeks.

787
00:34:41,040 –> 00:34:44,200
Most companies will say yes to this because it’s low risk.

788
00:34:44,200 –> 00:34:48,320
Small investment, short timeline, high value, they get a risk report and a remediation road

789
00:34:48,320 –> 00:34:49,320
map.

790
00:34:49,320 –> 00:34:52,880
The assessment almost always leads to a remediation engagement because the report shows

791
00:34:52,880 –> 00:34:54,760
them problems they didn’t know they had.

792
00:34:54,760 –> 00:34:56,320
You’ve quantified the entropy.

793
00:34:56,320 –> 00:34:57,320
You’ve shown them the risk.

794
00:34:57,320 –> 00:34:58,520
You’ve given them a road map.

795
00:34:58,520 –> 00:35:02,600
The decision to remediate is almost inevitable because the alternative is to leave the entropy

796
00:35:02,600 –> 00:35:04,840
in place and hope nothing bad happens.

797
00:35:04,840 –> 00:35:08,000
That’s not a business decision, that’s gambling.

798
00:35:08,000 –> 00:35:12,280
Outbound works best when you’re targeting 20 to 30 companies per month, personalizing

799
00:35:12,280 –> 00:35:14,880
each email and following up systematically.

800
00:35:14,880 –> 00:35:18,280
This approach generates two to four discovery conversations per month.

801
00:35:18,280 –> 00:35:23,440
That converts to one assessment engagement and 0.3 to 0.5 remediation engagements.

802
00:35:23,440 –> 00:35:28,760
At 120,000 average remediation value that’s 40 to 60,000 per month in closed business from

803
00:35:28,760 –> 00:35:29,760
outbound.

804
00:35:29,760 –> 00:35:32,960
This is the foundation of a predictable pipeline while inbound is building.

805
00:35:32,960 –> 00:35:34,720
You’re not dependent on inbound leads.

806
00:35:34,720 –> 00:35:37,680
You’re generating your own pipeline through systematic outreach.

807
00:35:37,680 –> 00:35:41,440
You’re not competing on price because you’re reaching out to companies with specific problems.

808
00:35:41,440 –> 00:35:44,680
You’re competing on your ability to diagnose and remediate those problems.

809
00:35:44,680 –> 00:35:47,680
The key to outbound is consistency and personalization.

810
00:35:47,680 –> 00:35:49,480
Generic emails get deleted.

811
00:35:49,480 –> 00:35:50,800
Personalized emails get responses.

812
00:35:50,800 –> 00:35:54,640
You need to research each company, find the specific entropy signal, reference it in

813
00:35:54,640 –> 00:35:56,640
your email, ask a specific question.

814
00:35:56,640 –> 00:35:59,240
Make it about their situation, not about your services.

815
00:35:59,240 –> 00:36:00,560
You also need to follow up.

816
00:36:00,560 –> 00:36:02,640
Most people won’t respond to the first email.

817
00:36:02,640 –> 00:36:06,760
Follow up after one week, follow up again after two weeks, after three touches, move on.

818
00:36:06,760 –> 00:36:08,240
But don’t give up on the company.

819
00:36:08,240 –> 00:36:09,520
Revisit them in three months.

820
00:36:09,520 –> 00:36:10,600
Something will have changed.

821
00:36:10,600 –> 00:36:13,640
A new announcement, a new hire, a new entropy signal.

822
00:36:13,640 –> 00:36:15,440
Your persistence will eventually connect.

823
00:36:15,440 –> 00:36:19,040
The combination of inbound and outbound creates a diversified pipeline.

824
00:36:19,040 –> 00:36:22,760
Inbound generates high quality warm leads that convert quickly.

825
00:36:22,760 –> 00:36:26,080
Outbound generates volume and fills gaps while inbound is building.

826
00:36:26,080 –> 00:36:30,280
Together they create a predictable scalable client acquisition engine that generates consistent

827
00:36:30,280 –> 00:36:31,920
pipeline month after month.

828
00:36:31,920 –> 00:36:33,920
The assessment, a sales tool.

829
00:36:33,920 –> 00:36:37,360
The assessment is not just a diagnostic, it’s your most powerful sales tool.

830
00:36:37,360 –> 00:36:39,480
And most consultants completely misunderstand this.

831
00:36:39,480 –> 00:36:41,120
Most consultants give away discovery.

832
00:36:41,120 –> 00:36:43,720
They offer a free assessment or a two hour discovery call.

833
00:36:43,720 –> 00:36:45,000
They think this builds trust.

834
00:36:45,000 –> 00:36:46,000
It doesn’t.

835
00:36:46,000 –> 00:36:49,160
It signals that your expertise isn’t valuable enough to charge for.

836
00:36:49,160 –> 00:36:52,760
Free discovery attracts tire kickers and budget constrained prospects.

837
00:36:52,760 –> 00:36:57,000
Paid discovery attracts serious buyers who understand that diagnosis costs money.

838
00:36:57,000 –> 00:36:59,280
Paid assessments signal three things.

839
00:36:59,280 –> 00:37:00,600
First that you’re serious.

840
00:37:00,600 –> 00:37:02,000
You’re not desperate for work.

841
00:37:02,000 –> 00:37:03,800
You’re selective about who you work with.

842
00:37:03,800 –> 00:37:05,360
Second that your time is valuable.

843
00:37:05,360 –> 00:37:08,040
You’re not giving away analysis that took years to develop.

844
00:37:08,040 –> 00:37:10,720
Third that the output will be worth the investment.

845
00:37:10,720 –> 00:37:12,320
You’re not doing a generic assessment.

846
00:37:12,320 –> 00:37:15,320
You’re doing a specific diagnostic tailored to their environment.

847
00:37:15,320 –> 00:37:19,040
The assessment costs $8 to $15,000 and takes two to three weeks.

848
00:37:19,040 –> 00:37:21,040
It’s scoped to one or more control planes.

849
00:37:21,040 –> 00:37:24,200
Identity governance, productivity governance, infrastructure governance.

850
00:37:24,200 –> 00:37:30,080
The output is a 20 to 30 page risk report with current state analysis, entropy quantification,

851
00:37:30,080 –> 00:37:33,840
risk scoring, compliance gaps and a remediation roadmap.

852
00:37:33,840 –> 00:37:34,840
Here’s what makes it work.

853
00:37:34,840 –> 00:37:37,920
The assessment is designed to uncover problems the client didn’t know they had.

854
00:37:37,920 –> 00:37:42,680
If the assessment only confirms what they already know, it won’t drive a remediation engagement.

855
00:37:42,680 –> 00:37:46,040
You need to find the hidden entropy, the drift that’s accumulated over years.

856
00:37:46,040 –> 00:37:47,840
The policies that are no longer enforced.

857
00:37:47,840 –> 00:37:49,520
The orphaned resources creating risk.

858
00:37:49,520 –> 00:37:52,200
The service accounts with permanent credentials.

859
00:37:52,200 –> 00:37:54,240
The unmanaged flows accessing sensitive data.

860
00:37:54,240 –> 00:37:55,920
The Azure subscriptions nobody owns.

861
00:37:55,920 –> 00:38:00,160
The assessment establishes you as the expert who understands their specific situation.

862
00:38:00,160 –> 00:38:03,640
By the time you present the report, the client has already decided you’re the right person

863
00:38:03,640 –> 00:38:04,880
to fix the problem.

864
00:38:04,880 –> 00:38:07,480
The remediation engagement is almost a foregone conclusion.

865
00:38:07,480 –> 00:38:08,760
You’ve diagnosed the disease.

866
00:38:08,760 –> 00:38:09,880
You’ve shown them the cost.

867
00:38:09,880 –> 00:38:11,040
You’ve given them a roadmap.

868
00:38:11,040 –> 00:38:14,760
The decision to remediate is inevitable because the alternative is to leave the entropy in

869
00:38:14,760 –> 00:38:15,840
place.

870
00:38:15,840 –> 00:38:19,480
The assessment also creates a baseline that makes the remediation work measurable.

871
00:38:19,480 –> 00:38:21,280
You can show before and after metrics.

872
00:38:21,280 –> 00:38:26,400
Role assignments reduced by 85%. Privileged accounts brought under just-in-time control.

873
00:38:26,400 –> 00:38:27,400
Compliance gaps closed.

874
00:38:27,400 –> 00:38:30,080
Flow inventory reduced by 50%.

875
00:38:30,080 –> 00:38:33,960
These metrics are what justify the remediation investment to the CFO and the board.

876
00:38:33,960 –> 00:38:35,520
You’re not asking them to trust you.

877
00:38:35,520 –> 00:38:37,400
You’re showing them measurable outcomes.

878
00:38:37,400 –> 00:38:40,840
The assessment should be structured to take two to three weeks of work, not eight weeks.

879
00:38:40,840 –> 00:38:43,240
You’re not doing the full remediation in the assessment.

880
00:38:43,240 –> 00:38:46,720
You’re doing enough work to understand the problem and recommend a solution.

881
00:38:46,720 –> 00:38:50,880
The remediation is where the real work happens and where the real value is captured.

882
00:38:50,880 –> 00:38:53,920
Think about the assessment as the sales conversation that happens on paper.

883
00:38:53,920 –> 00:38:55,240
You’re asking questions.

884
00:38:55,240 –> 00:38:56,680
You’re analyzing responses.

885
00:38:56,680 –> 00:38:57,880
You’re quantifying risk.

886
00:38:57,880 –> 00:38:59,200
You’re presenting findings.

887
00:38:59,200 –> 00:39:00,560
You’re recommending next steps.

888
00:39:00,560 –> 00:39:04,120
By the time the client finishes reading the report, they understand exactly what’s wrong,

889
00:39:04,120 –> 00:39:06,160
why it matters and what needs to happen next.

890
00:39:06,160 –> 00:39:08,200
The pricing of the assessment is also strategic.

891
00:39:08,200 –> 00:39:12,920
Eight to 15,000 is enough to signal seriousness, but not so much that it’s a barrier to entry.

892
00:39:12,920 –> 00:39:17,200
Most companies with entropy problems can justify eight to 15,000 for a diagnostic.

893
00:39:17,200 –> 00:39:21,800
They can’t justify 120,000 for remediation without first understanding the problem.

894
00:39:21,800 –> 00:39:23,360
The assessment gets you in the door.

895
00:39:23,360 –> 00:39:25,800
The remediation is where you capture the real value.

896
00:39:25,800 –> 00:39:28,520
The assessment also creates a natural upsell path.

897
00:39:28,520 –> 00:39:31,920
Once you’ve completed the identity plane assessment, the client often wants to address

898
00:39:31,920 –> 00:39:34,320
the productivity plane or the infrastructure plane.

899
00:39:34,320 –> 00:39:37,080
One assessment often leads to two or three follow-on assessments.

900
00:39:37,080 –> 00:39:38,760
Each one expands the relationship.

901
00:39:38,760 –> 00:39:41,960
Each one identifies new remediation opportunities.

902
00:39:41,960 –> 00:39:46,160
By the time you’re done with assessments, you’ve got a clear roadmap for multiple remediation

903
00:39:46,160 –> 00:39:48,640
engagements that will occupy you for the next year.

904
00:39:48,640 –> 00:39:51,920
This is how you build a predictable, scalable consulting business.

905
00:39:51,920 –> 00:39:53,560
Assessments lead to remediation.

906
00:39:53,560 –> 00:39:55,720
Remediation leads to advisory retainers.

907
00:39:55,720 –> 00:39:58,480
Advisory retainers lead to follow-on remediation.

908
00:39:58,480 –> 00:40:00,360
Each engagement expands the relationship.

909
00:40:00,360 –> 00:40:02,760
Each one increases the lifetime value of the client.

910
00:40:02,760 –> 00:40:07,320
Each one makes you more indispensable because you understand their environment better than anyone else.

911
00:40:07,320 –> 00:40:10,360
The assessment is the bridge between positioning and pricing.

912
00:40:10,360 –> 00:40:13,960
It’s how you move from being a commodity consultant to being an architect of necessity.

913
00:40:13,960 –> 00:40:17,080
It’s how you demonstrate value before asking for the big investment.

914
00:40:17,080 –> 00:40:20,280
It’s how you make the case that governance isn’t a cost.

915
00:40:20,280 –> 00:40:23,880
It’s insurance against catastrophic failure.

916
00:40:23,880 –> 00:40:26,440
The remediation engagement: scope and delivery.

917
00:40:26,440 –> 00:40:30,880
Once the assessment is sold, the remediation engagement is where you deliver measurable value.

918
00:40:30,880 –> 00:40:33,440
This is where you move from diagnosis to treatment.

919
00:40:33,440 –> 00:40:35,880
And it’s where you prove that governance isn’t theoretical.

920
00:40:35,880 –> 00:40:36,960
It’s operational.

921
00:40:36,960 –> 00:40:41,800
The remediation engagement is typically 8 to 16 weeks and costs $80,000 to $200,000,

922
00:40:41,800 –> 00:40:43,320
depending on scope and complexity.

923
00:40:43,320 –> 00:40:44,720
It’s structured in phases.

924
00:40:44,720 –> 00:40:46,280
Planning takes weeks one and two.

925
00:40:46,280 –> 00:40:48,880
Implementation takes weeks three through 12.

926
00:40:48,880 –> 00:40:51,280
Optimization takes weeks 13 through 16.

927
00:40:51,280 –> 00:40:52,720
Planning phase is critical.

928
00:40:52,720 –> 00:40:54,720
You finalize the remediation roadmap.

929
00:40:54,720 –> 00:40:56,240
You establish governance models.

930
00:40:56,240 –> 00:40:58,400
You define ownership and approval workflows.

931
00:40:58,400 –> 00:40:59,880
You set up the technical environment.

932
00:40:59,880 –> 00:41:00,960
You’re not building yet.

933
00:41:00,960 –> 00:41:01,760
You’re planning.

934
00:41:01,760 –> 00:41:02,760
You’re getting alignment.

935
00:41:02,760 –> 00:41:06,120
You’re making sure everyone understands what’s happening and why it matters.

936
00:41:06,120 –> 00:41:07,720
This is where you prevent scope creep.

937
00:41:07,720 –> 00:41:10,280
This is where you establish clear success criteria.

938
00:41:10,280 –> 00:41:12,440
Implementation phase is where the real work happens.

939
00:41:12,440 –> 00:41:16,160
You deploy the controls. For identity, that means conditional access policies,

940
00:41:16,160 –> 00:41:20,400
data loss prevention rules, lifecycle automation, access reviews.

941
00:41:20,400 –> 00:41:22,680
For productivity, that means environment tiering,

942
00:41:22,680 –> 00:41:27,680
DLP policies, governance models. For infrastructure, that means subscription organization,

943
00:41:27,680 –> 00:41:30,000
tagging standards, cost management policies.

944
00:41:30,000 –> 00:41:31,440
You’re not just configuring tools,

945
00:41:31,440 –> 00:41:34,600
you’re building systems that enforce policy at scale.

946
00:41:34,600 –> 00:41:36,320
Migration is part of implementation.

947
00:41:36,320 –> 00:41:39,280
You migrate existing configurations to the new model.

948
00:41:39,280 –> 00:41:41,840
You move role assignments from direct to role-based.

949
00:41:41,840 –> 00:41:44,680
You migrate flows from unmanaged to governed environments.

950
00:41:44,680 –> 00:41:48,600
You move subscriptions from ad hoc organization to governance-based structure.

951
00:41:48,600 –> 00:41:49,920
Migration is the risky part.

952
00:41:49,920 –> 00:41:51,240
It’s where things can break.

953
00:41:51,240 –> 00:41:53,960
It’s where you need careful planning and extensive testing.

954
00:41:53,960 –> 00:41:55,840
Training happens during implementation too.

955
00:41:55,840 –> 00:41:57,920
Admins need to understand the new governance model.

956
00:41:57,920 –> 00:42:00,000
Users need to understand why policies exist.

957
00:42:00,000 –> 00:42:03,360
Citizen developers need to understand how to build within guardrails.

958
00:42:03,360 –> 00:42:06,640
Training is how you prevent the new governance from being circumvented.

959
00:42:06,640 –> 00:42:10,160
If people don’t understand why a policy exists, they’ll find ways around it.

960
00:42:10,160 –> 00:42:12,840
If they understand the business case, they’ll work within it.

961
00:42:12,840 –> 00:42:15,280
Optimization phase is weeks 13 through 16.

962
00:42:15,280 –> 00:42:17,120
You monitor and refine the controls.

963
00:42:17,120 –> 00:42:18,440
You address edge cases.

964
00:42:18,440 –> 00:42:20,280
You establish ongoing governance processes.

965
00:42:20,280 –> 00:42:22,600
You’re not done when implementation is complete.

966
00:42:22,600 –> 00:42:25,320
You’re done when the governance is stable and sustainable.

967
00:42:25,320 –> 00:42:27,440
When admins can operate it without your help.

968
00:42:27,440 –> 00:42:29,880
When the organization has the skills to maintain it.

969
00:42:29,880 –> 00:42:34,640
The key to a successful remediation is clear ownership and decision-making authority.

970
00:42:34,640 –> 00:42:37,640
You need a sponsor, usually the CSO or IT director,

971
00:42:37,640 –> 00:42:40,560
who has budget authority and can make decisions quickly.

972
00:42:40,560 –> 00:42:45,240
You need a working group with identity architect, security engineer and compliance officer

973
00:42:45,240 –> 00:42:48,200
who can provide input and execute the technical work.

974
00:42:48,200 –> 00:42:51,240
You need executive alignment on what success looks like.

975
00:42:51,240 –> 00:42:55,240
The remediation should be delivered by you with heavy involvement from the client’s team.

976
00:42:55,240 –> 00:42:57,840
This is not a “we’ll do it and hand it off” engagement.

977
00:42:57,840 –> 00:42:59,600
It’s a “we’ll do it together” engagement.

978
00:42:59,600 –> 00:43:01,040
The client’s team does half the work.

979
00:43:01,040 –> 00:43:02,160
You guide and oversee.

980
00:43:02,160 –> 00:43:06,480
This approach builds client capability so they can maintain the governance after you’re gone.

981
00:43:06,480 –> 00:43:07,960
It also creates accountability.

982
00:43:07,960 –> 00:43:10,760
The client’s team is invested in the success of the remediation.

983
00:43:10,760 –> 00:43:14,680
The remediation should produce measurable outcomes, role assignments reduced,

984
00:43:14,680 –> 00:43:17,560
privileged accounts brought under control, compliance gaps closed,

985
00:43:17,560 –> 00:43:18,800
audit readiness improved.

986
00:43:18,800 –> 00:43:21,880
These outcomes should be documented and presented to the CSO and board.

987
00:43:21,880 –> 00:43:23,560
This is what justifies the investment.

988
00:43:23,560 –> 00:43:26,800
This is what creates the foundation for the advisory retainer.

989
00:43:26,800 –> 00:43:29,400
The remediation also creates opportunities for upselling.

990
00:43:29,400 –> 00:43:33,920
Once you’ve fixed identity governance, you can remediate productivity or infrastructure governance.

991
00:43:33,920 –> 00:43:36,880
Most organizations need work across all three planes.

992
00:43:36,880 –> 00:43:41,000
So the initial remediation often leads to two or three follow-on engagements.

993
00:43:41,000 –> 00:43:42,640
Each one expands the relationship.

994
00:43:42,640 –> 00:43:45,040
Each one increases the lifetime value of the client.

995
00:43:45,040 –> 00:43:48,280
This is the engagement model that generates consistent revenue.

996
00:43:48,280 –> 00:43:50,080
Assessments at 8 to 15,000,

997
00:43:50,080 –> 00:43:52,320
remediation at 80 to 200,000,

998
00:43:52,320 –> 00:43:54,960
advisory retainers at 8 to 15,000 monthly.

999
00:43:54,960 –> 00:43:59,960
Each client generates 50 to 300,000 annually in revenue across all three tiers.

1000
00:43:59,960 –> 00:44:05,160
With three to five clients, you’re at 150,000 to 1.5 million in annual revenue.

1001
00:44:05,160 –> 00:44:08,080
The remediation engagement is where you prove your value.

1002
00:44:08,080 –> 00:44:10,640
It’s where you show that governance isn’t a cost.

1003
00:44:10,640 –> 00:44:14,200
It’s a risk management investment that prevents catastrophic failure.

1004
00:44:14,200 –> 00:44:16,720
It’s where you demonstrate that you’re not just an implementer.

1005
00:44:16,720 –> 00:44:20,360
You’re an architect who understands how systems work at scale.

1006
00:44:20,360 –> 00:44:23,040
The advisory retainer: building recurring revenue.

1007
00:44:23,040 –> 00:44:25,320
The remediation is one-time revenue.

1008
00:44:25,320 –> 00:44:29,680
The advisory retainer is recurring revenue that scales your business without proportional effort.

1009
00:44:29,680 –> 00:44:33,640
The advisory retainer is typically 8,000 to 15,000 per month

1010
00:44:33,640 –> 00:44:35,880
and is structured as an ongoing engagement.

1011
00:44:35,880 –> 00:44:37,920
It includes quarterly governance reviews

1012
00:44:37,920 –> 00:44:41,480
where you assess the current state of the control planes and identify drift.

1013
00:44:41,480 –> 00:44:45,160
Policy updates as the organization adopts new tools or faces new threats.

1014
00:44:45,160 –> 00:44:48,680
Optimization recommendations to improve efficiency and reduce cost.

1015
00:44:48,680 –> 00:44:51,880
Emerging threat monitoring to stay ahead of new attack vectors

1016
00:44:51,880 –> 00:44:55,840
and access to you for questions and escalations when governance issues arise.

1017
00:44:55,840 –> 00:44:58,600
The retainer is sold at the end of the remediation engagement.

1018
00:44:58,600 –> 00:44:59,840
The pitch is straightforward.

1019
00:44:59,840 –> 00:45:02,480
We’ve built this governance model and established the baseline.

1020
00:45:02,480 –> 00:45:06,480
To keep it working and evolving, we recommend an ongoing advisory engagement.

1021
00:45:06,480 –> 00:45:10,160
Most clients will say yes because they understand that governance isn’t a one-time project.

1022
00:45:10,160 –> 00:45:11,600
It’s an ongoing practice.

1023
00:45:11,600 –> 00:45:14,600
As the organization grows, as new tools are adopted,

1024
00:45:14,600 –> 00:45:17,000
as policies drift, as threats evolve,

1025
00:45:17,000 –> 00:45:19,200
governance requires continuous attention.

1026
00:45:19,200 –> 00:45:24,000
The retainer is attractive to clients because it gives them predictable access to expertise

1027
00:45:24,000 –> 00:45:25,880
without having to hire full-time staff.

1028
00:45:25,880 –> 00:45:30,080
When they get a trusted advisor who understands their environment and their risk profile,

1029
00:45:30,080 –> 00:45:34,080
they get someone who knows where the entropy is and how to prevent it from accumulating,

1030
00:45:34,080 –> 00:45:37,480
they get peace of mind knowing that governance is being actively managed,

1031
00:45:37,480 –> 00:45:39,080
not just implemented and forgotten.

1032
00:45:39,080 –> 00:45:44,080
For you, the retainer is valuable because it’s recurring revenue that scales without proportional effort.

1033
00:45:44,080 –> 00:45:48,880
A $10,000 per month retainer requires maybe 20 to 30 hours per month of your time.

1034
00:45:48,880 –> 00:45:53,680
That’s half an FTE, but it generates $120,000 annually in recurring revenue.

1035
00:45:53,680 –> 00:45:58,480
With three to four retainers, you have 360,000 to 480,000 in recurring revenue.

1036
00:45:58,480 –> 00:46:02,680
That means you only need to close one to two new remediation engagements per year

1037
00:46:02,680 –> 00:46:05,080
to hit 500K+ annual revenue.

1038
00:46:05,080 –> 00:46:06,680
This is the power of the retainer model.

1039
00:46:06,680 –> 00:46:08,680
It creates a stable, predictable business.

1040
00:46:08,680 –> 00:46:10,080
The revenue is predictable.

1041
00:46:10,080 –> 00:46:11,280
The workload is predictable.

1042
00:46:11,280 –> 00:46:13,880
You’re not dependent on constant prospecting and closing.

1043
00:46:13,880 –> 00:46:17,680
You’ve got a base of recurring revenue that pays the bills and funds your business growth.

1044
00:46:17,680 –> 00:46:21,080
The retainer also aligns consultant incentives with client outcomes.

1045
00:46:21,080 –> 00:46:24,880
If you’re on a retainer, you want the governance to work well and stay stable.

1046
00:46:24,880 –> 00:46:27,880
You don’t want to create churn that requires constant rework.

1047
00:46:27,880 –> 00:46:31,480
You’re invested in the client’s success, not in selling them the next project.

1048
00:46:31,480 –> 00:46:34,880
This is different from the project model where you might be incentivized to create problems

1049
00:46:34,880 –> 00:46:36,280
so you can sell solutions.

1050
00:46:36,280 –> 00:46:38,280
The retainer also creates customer lock-in.

1051
00:46:38,280 –> 00:46:42,280
Once a client has been on a retainer for six months or more, they’re unlikely to switch.

1052
00:46:42,280 –> 00:46:43,480
Switching costs are high.

1053
00:46:43,480 –> 00:46:47,880
They’d have to find a new consultant to get them up to speed on the governance model, rebuild the relationship.

1054
00:46:47,880 –> 00:46:50,680
This is why retainer clients are your most valuable customers.

1055
00:46:50,680 –> 00:46:51,880
They’re not one-time revenue.

1056
00:46:51,880 –> 00:46:54,680
They’re multi-year relationships that scale your business.

1057
00:46:54,680 –> 00:46:57,280
The retainer also creates opportunities for upselling.

1058
00:46:57,280 –> 00:47:01,480
As you work with the client, you’ll identify new problems that require remediation work.

1059
00:47:01,480 –> 00:47:06,280
A client on a $10,000 per month identity governance retainer might also need productivity governance

1060
00:47:06,280 –> 00:47:07,880
or infrastructure optimization.

1061
00:47:07,880 –> 00:47:11,280
You can propose follow-on remediation engagements that expand the scope

1062
00:47:11,280 –> 00:47:13,280
and increase the overall relationship value.

1063
00:47:13,280 –> 00:47:15,680
The retainer is also how you build defensibility.

1064
00:47:15,680 –> 00:47:19,680
If you’re the person managing a client’s governance, you’re the person they call when something breaks.

1065
00:47:19,680 –> 00:47:22,080
You’re the person they trust with their risk management.

1066
00:47:22,080 –> 00:47:26,080
You’ve made yourself indispensable because you understand their environment better than anyone else.

1067
00:47:26,080 –> 00:47:29,480
This is the business model that generates sustainable, scalable revenue.

1068
00:47:29,480 –> 00:47:31,680
Assessments generate initial engagement.

1069
00:47:31,680 –> 00:47:35,880
Remediation generates substantial upfront revenue and establishes credibility.

1070
00:47:35,880 –> 00:47:39,880
Advisory retainers generate predictable recurring revenue that funds the business

1071
00:47:39,880 –> 00:47:42,080
and allows you to be selective about new projects.

1072
00:47:42,080 –> 00:47:44,880
By year two or three, most of your revenue comes from retainers.

1073
00:47:44,880 –> 00:47:47,880
You’re no longer dependent on closing new projects every month.

1074
00:47:47,880 –> 00:47:51,080
You’ve got a base of recurring revenue that’s stable and predictable.

1075
00:47:51,080 –> 00:47:53,680
You’re running a business, not trading time for money.

1076
00:47:53,680 –> 00:47:55,680
Positioning against competitors.

1077
00:47:55,680 –> 00:47:57,680
You’re not competing against other consultants.

1078
00:47:57,680 –> 00:48:00,680
You’re competing against the cost of inaction.

1079
00:48:00,680 –> 00:48:03,680
Most of your competitors are positioned as builders or implementers.

1080
00:48:03,680 –> 00:48:05,880
They sell hours, projects or deliverables.

1081
00:48:05,880 –> 00:48:08,080
They compete on speed, cost and delivery quality.

1082
00:48:08,080 –> 00:48:11,080
They’re racing to the bottom because that’s the only dimension that matters

1083
00:48:11,080 –> 00:48:12,480
when the deliverable is generic.

1084
00:48:12,480 –> 00:48:17,280
A client comparing your $50,000 remediation to another consultant’s 30,000 remediation

1085
00:48:17,280 –> 00:48:18,680
is making the wrong comparison.

1086
00:48:18,680 –> 00:48:21,480
The real comparison is what’s the cost of not having governance.

1087
00:48:21,480 –> 00:48:25,280
If a breach costs $2 million, a failed audit costs $500,000 in fines

1088
00:48:25,280 –> 00:48:27,880
or a failed migration costs $1 million in rework,

1089
00:48:27,880 –> 00:48:31,680
then $150,000 for governance remediation is a bargain.

1090
00:48:31,680 –> 00:48:35,280
Your job in the sales process is to make this comparison explicit.

1091
00:48:35,280 –> 00:48:36,880
You quantify the cost of entropy.

1092
00:48:36,880 –> 00:48:38,280
You say it clearly.

1093
00:48:38,280 –> 00:48:42,480
Your current identity governance posture creates a breach risk of $2 million or more.

1094
00:48:42,480 –> 00:48:47,080
Our remediation costs $150,000 and reduces that risk by 85%.

1095
00:48:47,080 –> 00:48:49,680
This is how you position against lower cost competitors.

1096
00:48:49,680 –> 00:48:51,080
You’re not more expensive.

1097
00:48:51,080 –> 00:48:52,080
You’re more valuable.

1098
00:48:52,080 –> 00:48:53,880
You’re not charging more for the same work.

1099
00:48:53,880 –> 00:48:57,480
You’re charging appropriately for work that prevents catastrophic failure.

1100
00:48:57,480 –> 00:49:00,280
You’re also positioned differently from the big consulting firms,

1101
00:49:00,280 –> 00:49:02,680
Deloitte, Accenture, McKinsey.

1102
00:49:02,680 –> 00:49:06,480
These firms are generalists who sell broad transformation programs.

1103
00:49:06,480 –> 00:49:10,480
You’re a specialist who focuses on architectural governance in the Microsoft ecosystem.

1104
00:49:10,480 –> 00:49:13,480
Specialists are more valuable than generalists for specific problems

1105
00:49:13,480 –> 00:49:16,480
because they have deeper expertise and faster execution.

1106
00:49:16,480 –> 00:49:18,880
A client with a specific identity governance problem

1107
00:49:18,880 –> 00:49:23,680
would rather hire a specialist than pay a generalist $500 per hour to learn the domain.

1108
00:49:23,680 –> 00:49:25,280
Specialists also move faster.

1109
00:49:25,280 –> 00:49:26,680
You know the Microsoft ecosystem.

1110
00:49:26,680 –> 00:49:27,680
You know the tools.

1111
00:49:27,680 –> 00:49:28,480
You know the patterns.

1112
00:49:28,480 –> 00:49:29,880
You know what works and what doesn’t.

1113
00:49:29,880 –> 00:49:31,680
A generalist is learning as they go.

1114
00:49:31,680 –> 00:49:33,880
A specialist is executing from experience.

1115
00:49:33,880 –> 00:49:36,080
This speed difference is worth money to the client.

1116
00:49:36,080 –> 00:49:40,480
It means faster remediation, faster time to value, faster risk reduction.

1117
00:49:40,480 –> 00:49:43,080
You’re also positioned differently from the Microsoft partners.

1118
00:49:43,080 –> 00:49:46,880
Microsoft partners are incentivized to sell Microsoft licenses and services.

1119
00:49:46,880 –> 00:49:51,480
You’re incentivized to help the client optimize their existing Microsoft investments.

1120
00:49:51,480 –> 00:49:53,280
This creates a natural differentiation.

1121
00:49:53,280 –> 00:49:57,080
You’re the trusted advisor who helps them get value from what they’ve already bought.

1122
00:49:57,080 –> 00:50:01,080
Not the vendor trying to sell them more. Partners also have conflicts of interest.

1123
00:50:01,080 –> 00:50:04,280
If a partner recommends a solution that requires buying more licenses,

1124
00:50:04,280 –> 00:50:08,480
are they recommending it because it’s the best solution or because it generates revenue?

1125
00:50:08,480 –> 00:50:09,680
You don’t have that conflict.

1126
00:50:09,680 –> 00:50:11,480
You’re recommending what’s best for the client.

1127
00:50:11,480 –> 00:50:14,080
You’re not making money if they buy more licenses.

1128
00:50:14,080 –> 00:50:17,680
You’re making money if their governance improves and their risk decreases.

1129
00:50:17,680 –> 00:50:20,680
This positioning also changes how you talk about your competitors.

1130
00:50:20,680 –> 00:50:22,680
You don’t compare yourself to other consultants.

1131
00:50:22,680 –> 00:50:26,480
You don’t say I’m cheaper than that guy or I’m faster than that firm.

1132
00:50:26,480 –> 00:50:28,680
You compare yourself to the cost of inaction.

1133
00:50:28,680 –> 00:50:33,880
You say the cost of not having governance is exponentially higher than the cost of implementing it.

1134
00:50:33,880 –> 00:50:36,280
Your positioning also determines your pricing power.

1135
00:50:36,280 –> 00:50:40,680
When you’re positioned as a builder, you’re competing against other builders on speed and cost.

1136
00:50:40,680 –> 00:50:45,080
When you’re positioned as an architect of necessity, you’re competing against the cost of inaction.

1137
00:50:45,080 –> 00:50:46,680
The conversation is completely different.

1138
00:50:46,680 –> 00:50:48,680
The client isn’t asking can we afford this?

1139
00:50:48,680 –> 00:50:51,280
They’re asking can we afford not to do this?

1140
00:50:51,280 –> 00:50:54,080
This is the positioning that generates premium pricing.

1141
00:50:54,080 –> 00:50:56,480
This is the positioning that makes you indispensable.

1142
00:50:56,480 –> 00:51:02,480
This is the positioning that separates commodity consultants from architects of necessity.

1143
00:51:02,480 –> 00:51:06,080
The pricing negotiation: when to hold, when to bend.

1144
00:51:06,080 –> 00:51:10,880
Pricing is a negotiation. You need principles for when to hold firm and when to be flexible.

1145
00:51:10,880 –> 00:51:13,880
Without principles, you’ll discount yourself into poverty.

1146
00:51:13,880 –> 00:51:16,280
With the wrong principles, you’ll price yourself out of deals.

1147
00:51:16,280 –> 00:51:21,880
Your baseline pricing is 8 to 15,000 for assessments, 80 to 200,000 for remediation,

1148
00:51:21,880 –> 00:51:24,280
and 8 to 15,000 per month for retainers.

1149
00:51:24,280 –> 00:51:27,280
This pricing is not arbitrary. It’s based on the value you deliver.

1150
00:51:27,280 –> 00:51:28,680
But pricing is also contextual.

1151
00:51:28,680 –> 00:51:35,880
A $500 million enterprise with 10,000 employees has a different risk profile than a $50 million company with 1,000 employees.

1152
00:51:35,880 –> 00:51:38,680
Your pricing should scale with the scope and complexity.

1153
00:51:38,680 –> 00:51:42,480
For large enterprises with high complexity, price at the top of your range,

1154
00:51:42,480 –> 00:51:47,680
15,000 assessments, 200,000 remediation, 15,000 monthly retainers.

1155
00:51:47,680 –> 00:51:49,680
These organizations have substantial budgets.

1156
00:51:49,680 –> 00:51:53,080
They have regulatory requirements. They have complex environments.

1157
00:51:53,080 –> 00:51:55,880
The entropy they are dealing with is correspondingly complex.

1158
00:51:55,880 –> 00:51:59,480
The risk is higher. The value of remediation is higher, price accordingly.

1159
00:51:59,480 –> 00:52:02,880
For mid-market companies with moderate complexity, price in the middle,

1160
00:52:02,880 –> 00:52:09,480
10 to 12,000 assessments, 120 to 150,000 remediation, 10 to 12,000 monthly retainers.

1161
00:52:09,480 –> 00:52:13,280
These organizations have meaningful budgets, but tighter constraints than enterprises.

1162
00:52:13,280 –> 00:52:17,680
They have compliance requirements, but not the regulatory intensity of financial services or health care.

1163
00:52:17,680 –> 00:52:21,880
Price in the middle. For smaller companies with lower complexity, price at the bottom.

1164
00:52:21,880 –> 00:52:27,080
8 to 10,000 assessments, 80 to 100,000 remediation, 8 to 10,000 monthly retainers.

1165
00:52:27,080 –> 00:52:30,480
These organizations have smaller budgets. They have fewer compliance requirements.

1166
00:52:30,480 –> 00:52:33,280
Their environments are less complex, price accordingly.

1167
00:52:33,280 –> 00:52:38,080
The key principle. Never discount based on the client’s budget constraints.

1168
00:52:38,080 –> 00:52:41,880
If a client says we can only afford 60,000 for remediation,

1169
00:52:41,880 –> 00:52:44,680
the answer is not “Okay, I’ll do it for 60,000 there.”

1170
00:52:44,680 –> 00:52:46,880
That’s how you end up under delivering and overworking.

1171
00:52:46,880 –> 00:52:49,480
The answer is “That scope won’t work for 60,000.”

1172
00:52:49,480 –> 00:52:53,280
Let’s reduce the scope to fit the budget, or let’s phase the engagement over time

1173
00:52:53,280 –> 00:52:54,880
so you can spread the cost.

1174
00:52:54,880 –> 00:52:56,880
This maintains your pricing integrity.

1175
00:52:56,880 –> 00:52:58,480
It ensures you’re not under delivering.

1176
00:52:58,480 –> 00:53:00,680
It ensures you’re not burning out on low margin work.

1177
00:53:00,680 –> 00:53:03,480
It also signals to the client that you’re serious about your pricing.

1178
00:53:03,480 –> 00:53:05,880
You’re not desperate. You’re not willing to work for less.

1179
00:53:05,880 –> 00:53:07,680
This actually increases their respect for you.

1180
00:53:07,680 –> 00:53:10,480
However, there are situations where you should be flexible.

1181
00:53:10,480 –> 00:53:13,680
If a client is in a regulated industry with high compliance risk,

1182
00:53:13,680 –> 00:53:15,480
you can justify premium pricing.

1183
00:53:15,480 –> 00:53:17,280
Top of range, they have more to lose.

1184
00:53:17,280 –> 00:53:20,880
If a client is a nonprofit or government agency with genuine budget constraints,

1185
00:53:20,880 –> 00:53:22,880
you can offer a modest discount.

1186
00:53:22,880 –> 00:53:27,280
10 to 15% in exchange for a longer engagement or retainer commitment.

1187
00:53:27,280 –> 00:53:29,080
You’re not discounting because they’re broke.

1188
00:53:29,080 –> 00:53:32,080
You’re adjusting price in exchange for something valuable to you.

1189
00:53:32,080 –> 00:53:35,480
If a client is a good cultural fit and has potential for multi-year,

1190
00:53:35,480 –> 00:53:38,680
multi-plane remediation, you can offer a package discount.

1191
00:53:38,680 –> 00:53:42,680
Bundle assessment plus remediation plus retainer for 10 to 15% off.

1192
00:53:42,680 –> 00:53:45,280
You’re discounting because the lifetime value is high.

1193
00:53:45,280 –> 00:53:49,080
You’re betting on a long-term relationship that will generate substantial revenue.

1194
00:53:49,080 –> 00:53:53,280
The principle: discounts are okay if they’re tied to value or relationship duration,

1195
00:53:53,280 –> 00:53:55,280
not to the client’s budget constraints.

1196
00:53:55,280 –> 00:53:58,880
Another principle: always position the price in terms of value, not cost.

1197
00:53:58,880 –> 00:54:01,080
Don’t say the assessment costs $10,000.

1198
00:54:01,080 –> 00:54:07,480
Say the assessment costs $10,000 and typically identifies $500,000 to $1,000,000 in risk that needs to be addressed.

1199
00:54:07,480 –> 00:54:11,680
Most clients recover the cost of the assessment in the first month of remediation.

1200
00:54:11,680 –> 00:54:15,080
This reframes the price as an investment with a clear return.

1201
00:54:15,080 –> 00:54:16,680
Pricing also signals quality.

1202
00:54:16,680 –> 00:54:19,880
Premium pricing signals that you are the best, that you have high standards,

1203
00:54:19,880 –> 00:54:22,080
and that you’re selective about who you work with.

1204
00:54:22,080 –> 00:54:25,880
Low pricing signals that you’re a commodity and that you’re desperate for work.

1205
00:54:25,880 –> 00:54:27,480
Hold your pricing with confidence.

1206
00:54:27,480 –> 00:54:29,880
The clients who are serious about governance will pay it.

1207
00:54:29,880 –> 00:54:32,480
The clients who are shopping on price aren’t your clients anyway.

1208
00:54:32,480 –> 00:54:34,680
Building a team: when to hire.

1209
00:54:34,680 –> 00:54:37,280
At some point you’ll have more work than you can do alone.

1210
00:54:37,280 –> 00:54:38,880
This is when you need to build a team.

1211
00:54:38,880 –> 00:54:40,880
And most consultants get this timing wrong.

1212
00:54:40,880 –> 00:54:43,680
The first hire is typically a junior consultant or engineer

1213
00:54:43,680 –> 00:54:46,480
who can handle implementation work under your supervision.

1214
00:54:46,480 –> 00:54:49,880
This person allows you to take on larger remediation engagements

1215
00:54:49,880 –> 00:54:52,480
and frees you up to focus on sales and strategy.

1216
00:54:52,480 –> 00:54:54,280
You’re not hiring because you’re overworked.

1217
00:54:54,280 –> 00:54:57,680
You’re hiring because you have a pipeline of work that justifies the investment.

1218
00:54:57,680 –> 00:55:00,480
You should hire when you have two to three months of backlogged work,

1219
00:55:00,480 –> 00:55:01,680
not when you’re fully booked.

1220
00:55:01,680 –> 00:55:05,280
If you wait until you’re fully booked, you’ll be stretched thin and won’t have time to sell.

1221
00:55:05,280 –> 00:55:08,280
You’ll be so focused on delivery that you’ll miss the next opportunity.

1222
00:55:08,280 –> 00:55:11,680
If you hire too early, you’ll have bench time and wasted payroll.

1223
00:55:11,680 –> 00:55:14,280
The ideal timing is when you have a pipeline of work

1224
00:55:14,280 –> 00:55:17,280
that would keep the person 60 to 70% utilized.

1225
00:55:17,280 –> 00:55:21,080
That gives you room for training and ramp up without wasting money on idle capacity.

1226
00:55:21,080 –> 00:55:25,080
The second hire is typically a subject matter expert in one of the control planes.

1227
00:55:25,080 –> 00:55:28,880
An identity architect, a security engineer, a data governance specialist.

1228
00:55:28,880 –> 00:55:31,880
This person brings deep expertise that allows you to take on

1229
00:55:31,880 –> 00:55:34,680
more complex engagements and command higher pricing.

1230
00:55:34,680 –> 00:55:36,380
You’re not hiring another generalist.

1231
00:55:36,380 –> 00:55:38,880
You’re hiring a specialist who can handle the hard problems

1232
00:55:38,880 –> 00:55:41,280
while you focus on client relationships and strategy.

1233
00:55:41,280 –> 00:55:43,880
The third hire is typically a business operations person

1234
00:55:43,880 –> 00:55:46,280
who handles sales proposals and delivery management.

1235
00:55:46,280 –> 00:55:49,880
This person frees you up to focus on the technical and strategic work.

1236
00:55:49,880 –> 00:55:51,680
You’re no longer spending time on admin.

1237
00:55:51,680 –> 00:55:53,280
You’re not writing proposals.

1238
00:55:53,280 –> 00:55:54,480
You’re not managing schedules.

1239
00:55:54,480 –> 00:55:57,080
You’re focusing on the work that generates the most value.

1240
00:55:57,080 –> 00:55:59,880
As you grow, you’ll need to decide on your business model.

1241
00:55:59,880 –> 00:56:04,080
Stay as a solo consultant, build a small boutique firm with 5 to 10 people.

1242
00:56:04,080 –> 00:56:06,880
Or scale to a larger firm with 20 or more people.

1243
00:56:06,880 –> 00:56:09,880
The solo consultant model is the most profitable in terms of margins,

1244
00:56:09,880 –> 00:56:12,280
70 to 80% but has a ceiling on revenue.

1245
00:56:12,280 –> 00:56:16,480
You can probably generate 300 to 500,000 annually working alone.

1246
00:56:16,480 –> 00:56:18,080
You’re constrained by your own capacity.

1247
00:56:18,080 –> 00:56:19,680
You can only take on so many clients.

1248
00:56:19,680 –> 00:56:21,080
You can only work so many hours.

1249
00:56:21,080 –> 00:56:25,680
The boutique firm model with 5 to 10 people has lower margins, 40 to 50%,

1250
00:56:25,680 –> 00:56:28,680
but higher revenue potential, 1 to 3 million annually.

1251
00:56:28,680 –> 00:56:29,680
You’ve got leverage.

1252
00:56:29,680 –> 00:56:30,680
You’ve got team capacity.

1253
00:56:30,680 –> 00:56:32,280
You can take on larger engagements.

1254
00:56:32,280 –> 00:56:33,680
You can serve more clients.

1255
00:56:33,680 –> 00:56:35,880
You’re building a business that’s bigger than yourself.

1256
00:56:35,880 –> 00:56:39,080
The larger firm model with 20 or more people has even lower margins,

1257
00:56:39,080 –> 00:56:42,480
20 to 30%, but much higher revenue potential.

1258
00:56:42,480 –> 00:56:45,880
5 million or more annually. You’re running a full-service consulting firm.

1259
00:56:45,880 –> 00:56:47,280
You’ve got multiple service lines.

1260
00:56:47,280 –> 00:56:48,480
You’ve got geographic reach.

1261
00:56:48,480 –> 00:56:52,880
You’ve got the ability to serve enterprise clients with complex multi-year engagements.

1262
00:56:52,880 –> 00:56:54,280
The choice depends on your goals.

1263
00:56:54,280 –> 00:56:57,680
If you want to maximize personal income, stay solo or build a small boutique.

1264
00:56:57,680 –> 00:57:01,480
If you want to build a scalable business that can be sold or scaled further,

1265
00:57:01,480 –> 00:57:03,680
invest in building a team and systems.

1266
00:57:03,680 –> 00:57:06,680
The key principle: hire for leverage, not to reduce your workload.

1267
00:57:06,680 –> 00:57:09,480
Each hire should allow you to take on more valuable work,

1268
00:57:09,480 –> 00:57:15,080
not just reduce your hours. A junior consultant should allow you to take on 2 to 3 times more remediation work.

1269
00:57:15,080 –> 00:57:18,880
A subject matter expert should allow you to take on more complex engagements

1270
00:57:18,880 –> 00:57:20,280
that command higher pricing.

1271
00:57:20,280 –> 00:57:23,280
A business operations person should allow you to focus on the work

1272
00:57:23,280 –> 00:57:24,680
that generates the most value.

1273
00:57:24,680 –> 00:57:27,880
This is the difference between hiring to reduce stress and hiring to scale.

1274
00:57:27,880 –> 00:57:29,880
One is tactical, the other is strategic.

1275
00:57:29,880 –> 00:57:31,680
You’re not hiring because you’re tired.

1276
00:57:31,680 –> 00:57:33,680
You’re hiring because you’ve identified leverage

1277
00:57:33,680 –> 00:57:36,280
that will increase your revenue and impact.

1278
00:57:36,280 –> 00:57:39,680
Specialization versus generalization, the strategic choice.

1279
00:57:39,680 –> 00:57:43,280
As you grow, you’ll face a choice that determines the trajectory of your business.

1280
00:57:43,280 –> 00:57:46,080
Go deeper in one domain or broader across domains.

1281
00:57:46,080 –> 00:57:49,280
This is the specialization versus generalization question

1282
00:57:49,280 –> 00:57:53,480
and it has profound implications for your positioning, pricing and market opportunity.

1283
00:57:53,480 –> 00:57:56,680
The specialist path means you focus on one control plane

1284
00:57:56,680 –> 00:57:59,080
and become the world’s expert in that domain.

1285
00:57:59,080 –> 00:58:00,920
Identity governance, for example. You know

1286
00:58:00,920 –> 00:58:02,280
Entra ID inside and out.

1287
00:58:02,280 –> 00:58:04,680
You understand every nuance of conditional access.

1288
00:58:04,680 –> 00:58:07,480
You can architect complex access models that others can’t.

1289
00:58:07,480 –> 00:58:09,880
You command premium pricing for identity work

1290
00:58:09,880 –> 00:58:12,080
because there are fewer specialists than generalists.

1291
00:58:12,080 –> 00:58:15,680
Specialists have less competition because there are fewer people willing to go deep enough

1292
00:58:15,680 –> 00:58:17,480
to become world class in one domain.

1293
00:58:17,480 –> 00:58:20,280
Most consultants stay generalists because it feels safer.

1294
00:58:20,280 –> 00:58:24,080
Broader market, more opportunities, less risk of market saturation,

1295
00:58:24,080 –> 00:58:25,480
but that safety comes at a cost.

1296
00:58:25,480 –> 00:58:28,480
You’re competing against everyone else who’s also a generalist.

1297
00:58:28,480 –> 00:58:31,480
You’re competing on price because you’re not differentiated.

1298
00:58:31,480 –> 00:58:34,480
The specialist path also gives you deeper expertise and faster execution.

1299
00:58:34,480 –> 00:58:36,880
You’ve solved identity governance problems a hundred times.

1300
00:58:36,880 –> 00:58:40,680
You know what works, you know what doesn’t, you know the edge cases, you know the gotchas.

1301
00:58:40,680 –> 00:58:42,480
A generalist is learning as they go.

1302
00:58:42,480 –> 00:58:44,480
A specialist is executing from experience.

1303
00:58:44,480 –> 00:58:46,680
This speed difference is worth money to the client.

1304
00:58:46,680 –> 00:58:50,880
It means faster remediation, faster time to value, faster risk reduction.

1305
00:58:50,880 –> 00:58:54,680
The downside of specialization is that you have a smaller addressable market.

1306
00:58:54,680 –> 00:58:56,080
You’re dependent on one domain.

1307
00:58:56,080 –> 00:59:00,280
If identity governance becomes commoditized or if the market shifts, you are vulnerable.

1308
00:59:00,280 –> 00:59:02,280
You’ve built your entire business around one thing.

1309
00:59:02,280 –> 00:59:04,680
If that thing changes, you have to change with it.

1310
00:59:04,680 –> 00:59:08,880
The generalist path means you offer comprehensive governance across all control planes.

1311
00:59:08,880 –> 00:59:11,880
Identity, productivity, infrastructure.

1312
00:59:11,880 –> 00:59:14,080
You can help clients with any governance problem.

1313
00:59:14,080 –> 00:59:18,080
You have a larger addressable market because you can serve clients with any governance need.

1314
00:59:18,080 –> 00:59:21,280
You have more opportunities for upselling because you can fix identity,

1315
00:59:21,280 –> 00:59:23,880
then sell productivity, then sell infrastructure.

1316
00:59:23,880 –> 00:59:28,280
The downside of generalization is that you’re competing against specialists in each domain

1317
00:59:28,280 –> 00:59:29,480
and you’re less differentiated.

1318
00:59:29,480 –> 00:59:31,880
You need deeper expertise across multiple domains.

1319
00:59:31,880 –> 00:59:33,080
Which is harder to build.

1320
00:59:33,080 –> 00:59:34,680
You’re a mile wide and an inch deep.

1321
00:59:34,680 –> 00:59:36,880
Specialists are an inch wide and a mile deep.

1322
00:59:36,880 –> 00:59:39,480
Clients with specific problems prefer the specialist.

1323
00:59:39,480 –> 00:59:43,080
The optimal path for most consultants is specialist with adjacent expertise.

1324
00:59:43,080 –> 00:59:46,680
You specialize in one control plane, identity governance, for example,

1325
00:59:46,680 –> 00:59:49,480
and develop adjacent expertise in the others.

1326
00:59:49,480 –> 00:59:51,480
This allows you to be the expert in your primary domain,

1327
00:59:51,480 –> 00:59:53,880
while also being able to handle related work.

1328
00:59:53,880 –> 00:59:56,680
Your primary expertise is identity governance,

1329
00:59:56,680 –> 01:00:00,080
but you understand how identity connects to productivity governance

1330
01:00:00,080 –> 01:00:04,080
through Copilot access control and infrastructure governance through Azure RBAC.

1331
01:00:04,080 –> 01:00:08,080
This positioning allows you to be the primary consultant for identity work

1332
01:00:08,080 –> 01:00:12,080
while also being a trusted advisor for broader governance questions.

1333
01:00:12,080 –> 01:00:14,480
As you grow, you can hire specialists in the adjacent domains

1334
01:00:14,480 –> 01:00:17,680
and position yourself as the orchestrator of comprehensive governance.

1335
01:00:17,680 –> 01:00:20,280
This is the path that leads to a million plus business.

1336
01:00:20,280 –> 01:00:21,880
You become known for one domain.

1337
01:00:21,880 –> 01:00:24,880
You build a team of specialists in other domains.

1338
01:00:24,880 –> 01:00:27,680
You position yourself as the architect who brings it all together.

1339
01:00:27,680 –> 01:00:29,680
The client’s primary relationship is with you.

1340
01:00:29,680 –> 01:00:31,080
You understand their business.

1341
01:00:31,080 –> 01:00:32,880
You understand their risk profiles.

1342
01:00:32,880 –> 01:00:34,080
You coordinate the specialists.

1343
01:00:34,080 –> 01:00:36,480
You ensure consistency across all control planes.

1344
01:00:36,480 –> 01:00:38,480
This is also how you build a responsibility.

1345
01:00:38,480 –> 01:00:41,680
If you’re the identity governance expert in the Microsoft ecosystem,

1346
01:00:41,680 –> 01:00:44,280
you’re the obvious choice when someone needs identity work.

1347
01:00:44,280 –> 01:00:46,880
If you’ve built a team of specialists in other domains,

1348
01:00:46,880 –> 01:00:49,680
you’re also the obvious choice for comprehensive governance.

1349
01:00:49,680 –> 01:00:52,280
You’ve made yourself indispensable because you’re the only person

1350
01:00:52,280 –> 01:00:55,080
who understands all the pieces and how they fit together.

1351
01:00:55,080 –> 01:00:58,680
The specialist with adjacent expertise path also allows you to scale

1352
01:00:58,680 –> 01:00:59,880
without losing focus.

1353
01:00:59,880 –> 01:01:01,480
You’re not trying to be everything to everyone.

1354
01:01:01,480 –> 01:01:02,880
You’re the expert in one domain.

1355
01:01:02,880 –> 01:01:04,880
You’re the coordinator of comprehensive governance.

1356
01:01:04,880 –> 01:01:07,880
You’re the architect who understands how systems work at scale.

1357
01:01:07,880 –> 01:01:11,280
This is the positioning that generates sustainable, scalable revenue.

1358
01:01:11,280 –> 01:01:14,280
This is the positioning that allows you to command premium pricing.

1359
01:01:14,280 –> 01:01:17,480
This is the positioning that separates commodity consultants

1360
01:01:17,480 –> 01:01:19,480
from architects of necessity.

1361
01:01:19,480 –> 01:01:21,880
The 12-month plan to 100K-plus.

1362
01:01:21,880 –> 01:01:25,080
Let’s put this all together into a concrete plan for the next 12 months.

1363
01:01:25,080 –> 01:01:28,880
This is how you move from commodity consultant to architect of necessity.

1364
01:01:28,880 –> 01:01:32,680
This is how you build a business that generates consistent premium revenue.

1365
01:01:32,680 –> 01:01:33,880
Months 1 and 2.

1366
01:01:33,880 –> 01:01:35,880
Positioning and content foundation.

1367
01:01:35,880 –> 01:01:37,880
Start by rewriting your LinkedIn profile.

1368
01:01:37,880 –> 01:01:39,480
Remove the builder language.

1369
01:01:39,480 –> 01:01:41,280
Replace it with architect language.

1370
01:01:41,280 –> 01:01:43,880
You’re not implementing Power Apps and Azure solutions.

1371
01:01:43,880 –> 01:01:47,680
You’re architecting control systems that reduce architectural entropy

1372
01:01:47,680 –> 01:01:49,480
and enforce governance at scale.

1373
01:01:49,480 –> 01:01:51,080
Your headline isn’t about tools.

1374
01:01:51,080 –> 01:01:52,280
It’s about outcomes.

1375
01:01:52,280 –> 01:01:54,280
Your about section isn’t about your certifications.

1376
01:01:54,280 –> 01:01:57,080
It’s about the problems you solve and the frameworks you’ve developed.

1377
01:01:57,080 –> 01:02:00,080
Create a 10-point framework for assessing control plane maturity.

1378
01:02:00,080 –> 01:02:01,880
This is your intellectual property.

1379
01:02:01,880 –> 01:02:04,080
This is what differentiates you from everyone else.

1380
01:02:04,080 –> 01:02:05,480
It doesn’t have to be complicated.

1381
01:02:05,480 –> 01:02:06,280
It’s a checklist.

1382
01:02:06,280 –> 01:02:09,080
10 questions that assess the maturity of identity governance,

1383
01:02:09,080 –> 01:02:11,480
productivity governance and infrastructure governance.

1384
01:02:11,480 –> 01:02:13,480
You’ll use this framework in assessments.

1385
01:02:13,480 –> 01:02:14,280
You’ll publish it.

1386
01:02:14,280 –> 01:02:16,280
You’ll build your entire positioning around it.

1387
01:02:16,280 –> 01:02:20,080
Publish your first five long-form pieces on architectural entropy and governance.

1388
01:02:20,080 –> 01:02:21,280
These are LinkedIn articles.

1389
01:02:21,280 –> 01:02:22,280
Blog posts.

1390
01:02:22,280 –> 01:02:23,280
Medium pieces.

1391
01:02:23,280 –> 01:02:24,680
The titles are provocative.

1392
01:02:24,680 –> 01:02:28,080
Why your cloud migration is creating more risk than it’s solving?

1393
01:02:28,080 –> 01:02:31,080
The hidden cost of unmanaged Power Platform flows.

1394
01:02:31,080 –> 01:02:32,280
Identity drift.

1395
01:02:32,280 –> 01:02:35,080
The invisible tax on your security budget.

1396
01:02:35,080 –> 01:02:36,680
You’re not writing tutorials.

1397
01:02:36,680 –> 01:02:38,080
You’re writing thought leadership.

1398
01:02:38,080 –> 01:02:39,080
You’re naming problems.

1399
01:02:39,080 –> 01:02:40,080
You’re offering frameworks.

1400
01:02:40,080 –> 01:02:42,080
You’re building authority.

1401
01:02:42,080 –> 01:02:45,080
Identify 50 target companies with entropy signals.

1402
01:02:45,080 –> 01:02:48,080
These are companies that have announced cloud initiatives,

1403
01:02:48,080 –> 01:02:50,880
suffered breaches or are facing regulatory pressure.

1404
01:02:50,880 –> 01:02:52,280
You’re going to reach out to them.

1405
01:02:52,280 –> 01:02:54,280
You’re going to start the outbound process.

1406
01:02:54,280 –> 01:02:56,080
You’re going to begin building your pipeline.

1407
01:02:56,080 –> 01:02:58,280
Start personalized outbound outreach.

1408
01:02:58,280 –> 01:02:59,680
Five to 10 emails per week.

1409
01:02:59,680 –> 01:03:01,080
These are not generic emails.

1410
01:03:01,080 –> 01:03:03,680
These are personalized to the company’s situation.

1411
01:03:03,680 –> 01:03:05,880
You’re referencing their specific entropy signal.

1412
01:03:05,880 –> 01:03:07,480
You’re asking a specific question.

1413
01:03:07,480 –> 01:03:08,680
You’re starting conversations.

1414
01:03:08,680 –> 01:03:10,080
You’re planting seeds.

1415
01:03:10,080 –> 01:03:11,480
Months three and four.

1416
01:03:11,480 –> 01:03:13,280
Thought leadership and pipeline.

1417
01:03:13,280 –> 01:03:14,880
Continue publishing content.

1418
01:03:14,880 –> 01:03:16,480
Two to three LinkedIn posts per week.

1419
01:03:16,480 –> 01:03:18,680
Engage with other architects and security leaders.

1420
01:03:18,680 –> 01:03:19,880
Comment on their posts.

1421
01:03:19,880 –> 01:03:20,880
Build relationships.

1422
01:03:20,880 –> 01:03:22,680
Share your case studies and frameworks.

1423
01:03:22,680 –> 01:03:24,680
Make them specific enough to be useful,

1424
01:03:24,680 –> 01:03:27,480
but abstract enough to be applicable across industries.

1425
01:03:27,480 –> 01:03:29,480
Your outbound is generating responses now.

1426
01:03:29,480 –> 01:03:30,880
You’re getting discovery conversations.

1427
01:03:30,880 –> 01:03:32,280
You’re pitching assessments.

1428
01:03:32,280 –> 01:03:35,080
Some are saying yes. You’re closing your first assessment engagement.

1429
01:03:35,080 –> 01:03:36,480
This is your proof of concept.

1430
01:03:36,480 –> 01:03:37,680
This is your first case study.

1431
01:03:37,680 –> 01:03:39,480
This is your first opportunity to prove

1432
01:03:39,480 –> 01:03:40,480
that the framework works.

1433
01:03:40,480 –> 01:03:41,880
Continue outbound outreach.

1434
01:03:41,880 –> 01:03:43,680
You’re now running a systematic process.

1435
01:03:43,680 –> 01:03:44,680
Research companies.

1436
01:03:44,680 –> 01:03:46,080
Identify entropy signals.

1437
01:03:46,080 –> 01:03:47,280
Personalize emails.

1438
01:03:47,280 –> 01:03:48,080
Follow up.

1439
01:03:48,080 –> 01:03:50,880
You’re getting two to four discovery conversations per month.

1440
01:03:50,880 –> 01:03:53,480
That’s converting to one assessment engagement per month.

1441
01:03:53,480 –> 01:03:54,880
You’re building pipeline.

1442
01:03:54,880 –> 01:03:56,080
Months five and six.

1443
01:03:56,080 –> 01:03:57,880
First assessment and remediation.

1444
01:03:57,880 –> 01:03:59,480
Your first assessment is underway.

1445
01:03:59,480 –> 01:04:00,880
You’re in the client’s environment.

1446
01:04:00,880 –> 01:04:02,480
You’re analyzing their control planes.

1447
01:04:02,480 –> 01:04:03,680
You’re identifying entropy.

1448
01:04:03,680 –> 01:04:04,680
You’re quantifying risk.

1449
01:04:04,680 –> 01:04:05,880
You’re building the report.

1450
01:04:05,880 –> 01:04:07,280
This is where you prove your value.

1451
01:04:07,280 –> 01:04:09,280
This is where you show that the framework works.

1452
01:04:09,280 –> 01:04:11,280
You’re also closing your second assessment.

1453
01:04:11,280 –> 01:04:12,480
Your outbound is working.

1454
01:04:12,480 –> 01:04:13,880
Your positioning is working.

1455
01:04:13,880 –> 01:04:15,280
You’re getting inbound inquiries now.

1456
01:04:15,280 –> 01:04:16,880
People who’ve engaged with your content.

1457
01:04:16,880 –> 01:04:18,680
People who understand the problem.

1458
01:04:18,680 –> 01:04:20,080
People who are ready to buy.

1459
01:04:20,080 –> 01:04:21,280
By the end of month six,

1460
01:04:21,280 –> 01:04:22,680
your first assessment is complete.

1461
01:04:22,680 –> 01:04:24,080
You’re presenting the report.

1462
01:04:24,080 –> 01:04:25,080
The client is shocked.

1463
01:04:25,080 –> 01:04:26,680
They didn’t know they had this much entropy.

1464
01:04:26,680 –> 01:04:28,680
They didn’t know the risk was this high.

1465
01:04:28,680 –> 01:04:29,880
They’re ready to remediate.

1466
01:04:29,880 –> 01:04:31,880
You’re closing your first remediation engagement.

1467
01:04:31,880 –> 01:04:34,480
This is 120 to 150,000 dollars.

1468
01:04:34,480 –> 01:04:36,280
This is your first big deal.

1469
01:04:36,280 –> 01:04:37,680
Months seven through nine.

1470
01:04:37,680 –> 01:04:40,080
Remediation execution and pipeline building.

1471
01:04:40,080 –> 01:04:41,680
Your first remediation is underway.

1472
01:04:41,680 –> 01:04:42,880
You’re deploying controls.

1473
01:04:42,880 –> 01:04:43,680
You’re training teams.

1474
01:04:43,680 –> 01:04:44,880
You’re building governance.

1475
01:04:44,880 –> 01:04:46,080
This is the real work.

1476
01:04:46,080 –> 01:04:48,280
This is where you prove that you can execute.

1477
01:04:48,280 –> 01:04:51,280
This is where you build the case study that changes everything.

1478
01:04:51,280 –> 01:04:52,880
Your outbound is still running.

1479
01:04:52,880 –> 01:04:54,080
You’re closing assessments.

1480
01:04:54,080 –> 01:04:55,880
You’re closing your second remediation.

1481
01:04:55,880 –> 01:04:57,280
You’re building pipeline.

1482
01:04:57,280 –> 01:04:58,680
You’re getting inbound leads now.

1483
01:04:58,680 –> 01:04:59,880
People who’ve seen your content.

1484
01:04:59,880 –> 01:05:01,680
People who’ve engaged with your framework.

1485
01:05:01,680 –> 01:05:02,880
People who are ready to buy.

1486
01:05:02,880 –> 01:05:04,080
By the end of month nine,

1487
01:05:04,080 –> 01:05:05,680
your first remediation is complete.

1488
01:05:05,680 –> 01:05:06,880
You’re presenting the outcomes.

1489
01:05:06,880 –> 01:05:09,680
Role assignments reduced by 85%.

1490
01:05:09,680 –> 01:05:11,680
Privileged accounts brought under control.

1491
01:05:11,680 –> 01:05:12,680
Compliance gaps closed.

1492
01:05:12,680 –> 01:05:13,680
The client is impressed.

1493
01:05:13,680 –> 01:05:15,480
They’re ready for the advisory retainer.

1494
01:05:15,480 –> 01:05:18,280
You’re closing your first ten thousand dollar per month retainer.

1495
01:05:18,280 –> 01:05:20,880
Months ten through twelve: retainer and scaling.

1496
01:05:20,880 –> 01:05:22,280
You’ve got your first retainer.

1497
01:05:22,280 –> 01:05:24,280
You’ve got two remediation engagements in flight.

1498
01:05:24,280 –> 01:05:26,280
You’ve got three to four assessments in your pipeline.

1499
01:05:26,280 –> 01:05:28,280
You’re generating consistent revenue.

1500
01:05:28,280 –> 01:05:29,880
You’re building a predictable business.

1501
01:05:29,880 –> 01:05:31,680
Your thought leadership is paying dividends.

1502
01:05:31,680 –> 01:05:34,080
You’re getting inbound leads without prospecting.

1503
01:05:34,080 –> 01:05:36,280
You’re getting referrals from satisfied clients.

1504
01:05:36,280 –> 01:05:38,280
You’re getting speaking opportunities.

1505
01:05:38,280 –> 01:05:39,680
You’re getting media inquiries.

1506
01:05:39,680 –> 01:05:43,080
You’re becoming known as the architect of necessity in the Microsoft ecosystem.

1507
01:05:43,080 –> 01:05:44,280
By the end of month twelve,

1508
01:05:44,280 –> 01:05:47,080
you’ve generated one hundred to one hundred fifty thousand in revenue.

1509
01:05:47,080 –> 01:05:48,280
You’ve got one retainer.

1510
01:05:48,280 –> 01:05:50,880
You’ve got two remediation engagements completed.

1511
01:05:50,880 –> 01:05:52,480
You’ve got a pipeline of assessments.

1512
01:05:52,480 –> 01:05:55,680
You’re on track to hit two hundred to three hundred thousand in year two.

1513
01:05:55,680 –> 01:05:57,080
This is the twelve month plan.

1514
01:05:57,080 –> 01:06:00,880
This is how you move from commodity consultant to architect of necessity.

1515
01:06:00,880 –> 01:06:04,080
This is how you build a business that generates consistent premium revenue.

1516
01:06:04,080 –> 01:06:06,280
This is how you hit one hundred K plus.

1517
01:06:06,280 –> 01:06:07,280
The real work.

1518
01:06:07,280 –> 01:06:08,480
You now have the framework.

1519
01:06:08,480 –> 01:06:09,480
You have the positioning.

1520
01:06:09,480 –> 01:06:10,680
You have the pricing model.

1521
01:06:10,680 –> 01:06:12,680
You have the client acquisition strategy.

1522
01:06:12,680 –> 01:06:17,480
You know how to position yourself as an architect of necessity instead of a feature builder.

1523
01:06:17,480 –> 01:06:19,480
You know how to price governance instead of projects.

1524
01:06:19,480 –> 01:06:23,080
You know how to build a business around risk mitigation instead of hours.

1525
01:06:23,080 –> 01:06:24,080
But here’s what matters.

1526
01:06:24,080 –> 01:06:26,080
This only works if you actually execute.

1527
01:06:26,080 –> 01:06:30,080
If you stay positioned as a builder, if you compete on cost, if you give away discovery,

1528
01:06:30,080 –> 01:06:31,080
nothing changes.

1529
01:06:31,080 –> 01:06:32,880
The framework only works if you apply it.

1530
01:06:32,880 –> 01:06:37,080
Start small, run one assessment, charge for it, get a risk report into a client’s hands,

1531
01:06:37,080 –> 01:06:40,680
see what happens, see how they react when you quantify the entropy they didn’t know they had.

1532
01:06:40,680 –> 01:06:44,080
See how fast they want to remediate once they understand the cost of inaction.

1533
01:06:44,080 –> 01:06:46,280
That’s when you’ll understand that this isn’t theory.

1534
01:06:46,280 –> 01:06:48,880
This is how consulting actually works at the top level.

1535
01:06:48,880 –> 01:06:52,480
The consultants making one hundred K plus aren’t smarter than you.

1536
01:06:52,480 –> 01:06:54,280
They’re not better at coding or configuring.

1537
01:06:54,280 –> 01:06:55,880
They’re just positioned differently.

1538
01:06:55,880 –> 01:06:59,880
They sell necessity, not features, and necessity always beats cost.

1539
01:06:59,880 –> 01:07:03,480
If this episode helped you think differently about your consulting business,

1540
01:07:03,480 –> 01:07:05,280
please leave a review wherever you’re listening.

1541
01:07:05,280 –> 01:07:06,680
Reviews tell us what resonates.

1542
01:07:06,680 –> 01:07:08,480
They tell us what you want to hear more about.

1543
01:07:08,480 –> 01:07:10,680
They help other architects find this conversation.

1544
01:07:10,680 –> 01:07:12,880
If you want to share your own entropy story,

1545
01:07:12,880 –> 01:07:15,480
discuss how you’re repositioning your consulting practice

1546
01:07:15,480 –> 01:07:21,480
or suggest a future episode topic, connect with Mirko Peters on LinkedIn at M365 show.

1547
01:07:21,480 –> 01:07:22,480
He reads every message.

1548
01:07:22,480 –> 01:07:27,480
He’s building this community of architects who understand that governance is where the premium revenue lives.

1549
01:07:27,480 –> 01:07:30,680
Until next time, stop building features, start architecting control.


