Most Microsoft consultants never break out of commodity consulting.
They compete on hourly rates, implementation speed, and certifications—yet struggle to position themselves as strategic advisors.
In this episode of the M365 FM Podcast, we explore the blueprint for becoming a high-value Microsoft consultant by focusing on architecture, strategic impact, and business transformation rather than basic implementation work.
Instead of selling hours, elite consultants engineer architectural necessity—solutions that organizations depend on to operate securely, efficiently, and at scale.

In today's fast-paced digital landscape, the Microsoft consulting industry has experienced significant growth. Over the past five years, the overall consulting sector has seen a compound annual growth rate (CAGR) of 8-10%. Notably, cloud-related services have surged even higher, with a CAGR of 12-15%. By 2028, the estimated market size for this sector could reach $220 billion. This growth highlights the urgent need for consultants to elevate their practices. The Microsoft Consultant Blueprint offers a transformative framework that empowers you to transition from basic implementation tasks to high-value strategic advisory roles.
Key Takeaways
- The Microsoft Consultant Blueprint transforms IT consultants from technical implementers to strategic architects, enhancing their value in the consulting industry.
- Architectural governance is crucial. It helps maintain compliance, security, and operational stability in client environments.
- Consultants should focus on designing integrated systems across Microsoft cloud platforms rather than just executing technical tasks.
- Effective governance frameworks are essential for managing risks and ensuring compliance with industry standards.
- Implementing the blueprint involves a structured approach: assess, plan, design, deploy, and optimize for successful outcomes.
- Training and change management are vital for successful deployment. Engaging stakeholders early ensures alignment and smooth transitions.
- Adopting the blueprint leads to measurable results, such as reduced costs and improved operational efficiency for clients.
- Positioning as a strategic advisor allows consultants to influence business outcomes and build deeper client relationships.
What is the Microsoft Consultant Blueprint?
Purpose and Scope
The Microsoft Consultant Blueprint serves as a transformative framework for IT consultants. It shifts your role from a technical implementer to a strategic architect. This blueprint emphasizes the importance of architectural governance and long-term value creation. Instead of merely executing technical tasks, you will focus on designing systems that integrate various Microsoft cloud platforms. Here are some key aspects of its purpose:
- Transforms IT consultants from technical implementers to strategic architects.
- Emphasizes architectural governance and long-term value creation.
- Focuses on designing systems rather than executing technical tasks.
- Encourages consultants to think in systems, integrating various Microsoft cloud platforms.
The scope of the Microsoft Consultant Blueprint is broad, covering various strategies essential for effective consulting. Below is a table summarizing its primary objectives and scope:
| Objectives | Scope |
|---|---|
| Ensure quality in the implementation process | Application strategy, Data strategy, Integration strategy, Business process strategy, etc. |
Target Audience
The Microsoft Consultant Blueprint is designed for a diverse audience. It primarily targets IT consultants who wish to elevate their consulting practices. However, it also benefits organizations seeking to enhance their digital transformation efforts. Here’s a closer look at who can gain from this blueprint:
- IT Consultants: Those looking to transition from basic implementation to strategic advisory roles.
- Organizations: Businesses aiming to improve their operational efficiency and security through better architectural strategies.
- Project Managers: Individuals responsible for overseeing digital transformation projects that require a comprehensive understanding of Microsoft technologies.
By adopting the Microsoft Consultant Blueprint, you position yourself as a trusted partner in your clients' journeys toward digital transformation. This framework not only enhances your value proposition but also equips you with the tools needed to address complex challenges in the Microsoft ecosystem.
Key Components of the Blueprint

Architectural Strategies
The Microsoft Consultant Blueprint emphasizes architectural strategies that focus on governance, risk mitigation, and preventing architectural decay. You should design systems that maintain predictability, compliance, and security at scale. This approach highlights the importance of engineering control systems and governance to reduce complexity and operational risks.
Common issues in Microsoft environments include identity sprawl, excessive privileged access, unmanaged applications, inconsistent governance, and uncontrolled data access. To address these challenges, you must architect control systems that mitigate risks. By engineering governance frameworks, you can reduce complexity and ensure security, compliance, and operational stability.
Governance and Compliance
Governance and compliance play a crucial role in the Microsoft Consultant Blueprint. They ensure that your consulting practices align with industry standards and regulations. Effective governance frameworks help you manage risks and maintain control over your clients' environments.
You should focus on the following key aspects of governance:
- Risk Management: Identify potential risks and implement strategies to mitigate them.
- Policy Enforcement: Establish clear policies that guide user behavior and system usage.
- Compliance Monitoring: Regularly assess compliance with industry regulations and internal policies.
By prioritizing governance and compliance, you position yourself as a trusted advisor who can help clients navigate complex regulatory landscapes.
Tools and Technologies
The Microsoft Consultant Blueprint incorporates various tools and technologies that enhance your consulting capabilities. Staying updated with the latest advancements is essential for delivering high-quality services. Here are some recent updates relevant to the blueprint:
| Update Description | Details |
|---|---|
| New Consulting Services | New blueprints available in the Microsoft Marketplace focusing on Microsoft 365, Azure, Dynamics 365, and AI-driven solutions like Microsoft 365 Copilot. |
| Zero Trust Security | Skysecure Realize Zero Trust Blueprint accelerates security implementation using Microsoft 365 and Azure. |
| Operational Efficiency | JBS provides support services for Microsoft 365 to enhance IT department efficiency. |
| Windows 365 Cloud PC | Deployment services for Windows 365 Cloud PCs to create a modern workplace. |
| AI Agent Development | Sysdoc's service creates custom assistants using Microsoft 365 and Azure AI. |
| Microsoft 365 Copilot | Adoption services to help organizations maximize the use of Microsoft 365 Copilot. |
By leveraging these tools and technologies, you can enhance your consulting practice and deliver exceptional value to your clients.
Implementing the Microsoft Consultant Blueprint
Assessment and Planning
You begin implementing the Microsoft Consultant Blueprint by carefully assessing your client’s current environment and planning the roadmap. This phase usually takes the first two weeks. During this time, you finalize the remediation roadmap, establish governance models, and define ownership and approval workflows. Setting up the technical environment also happens here. This preparation ensures that you have a clear path forward and that all stakeholders understand their roles.
Next, you move into the implementation phase, which can last from weeks three to twelve. You deploy controls for identity, productivity, and infrastructure. Migrating existing configurations and shifting role assignments to role-based access control are key tasks. Finally, you enter the optimization phase, focusing on refining and enhancing the systems you put in place. This phase typically lasts from weeks thirteen to sixteen.
Solution Design
Designing solutions with the Microsoft Consultant Blueprint requires a structured approach. You reduce risks by detecting problems early. Aligning your design with recommended practices helps you build reliable and scalable systems. Collaborating with implementation partners ensures success by design.
Follow these steps to design your solution:
- Discover: Gather and validate business requirements. Understand what your client needs and expects.
- Initiate: Define the workstreams that fall within the project scope. Update your project plans accordingly.
- Implement: Build the solution based on your design, ensuring it meets the requirements.
- Prepare: Conduct user acceptance testing. Finalize deployment plans to ensure a smooth rollout.
- Operate: Stabilize the solution after deployment. Focus on future enhancements and continuous improvement.
This process helps you deliver solutions that meet client needs while maintaining quality and governance.
Deployment and Training
Deploying the Microsoft Consultant Blueprint successfully depends on effective training and change management. Engaging stakeholders early aligns leadership and decision-makers with your vision. Comprehensive training prepares end-users to adopt new tools and practices confidently.
Ongoing support plays a vital role in overcoming resistance to change, which often arises during transitions. Keep communication clear and consistent throughout the deployment. This approach keeps everyone informed and engaged.
To measure your success, track key metrics such as go-live success rate and feature usage. For example, projects following this blueprint often achieve an 80% or higher go-live success rate and see feature usage more than double. Monitoring these metrics helps you adjust your approach and improve future deployments.
Tip: Focus on change management as much as on technology. People adapt better when they understand the benefits and receive proper support.
By following these steps, you can implement the Microsoft Consultant Blueprint effectively, delivering strategic value and long-term benefits to your clients.
Case Studies of Success
Digital Transformation Examples
Many organizations have successfully implemented the Microsoft Consultant Blueprint to drive digital transformation. For instance, PwC's migration to Microsoft 365 significantly enhanced collaboration across borders. This transformation improved security and data access, allowing faster client service. The case highlights the importance of human factors in digital transformation, emphasizing co-designing solutions with stakeholders.
Here are some notable outcomes from organizations that adopted this blueprint:
- Works councils and tenant trust review cycle times: Reduced from 133 days to 40 days, achieving a 70% improvement.
- External vendor audit duration: Cut down from 154 days to about 15 minutes, showcasing a significant reduction in time.
- Time and costs in IT asset management: Achieved a 50% reduction, leading to cost savings and increased efficiency.
- Key network performance metric: Experienced a 40% boost, enhancing overall performance.
Cloud Migration Success Stories
Cloud migration is another area where the Microsoft Consultant Blueprint has proven effective. Organizations have reported remarkable improvements in compliance and risk management. For example, compliance with policies reached 90%, with ongoing improvements noted. Additionally, organizations achieved 95% compliance within a week of major patching, demonstrating effective risk minimization in their device fleets.
Lessons learned from these success stories include:
- Define the outcome first: Identify the real business outcome before any technology rollout.
- Secure active sponsorship: Equip leaders to communicate the vision and business reasons for change.
- Establish measurement systems: Determine upfront how success will be measured, using feedback and telemetry data.
Microsoft's commitment to enhancing change management practices has led to a remarkable 450% increase in customer adoption rates. This shift in focus from merely deploying technology to ensuring actual usage and business outcomes illustrates a fundamental lesson for organizations adopting the Microsoft Consultant Blueprint. As one expert noted, "Change sticks through people, not through features. In the AI era, that truth matters more than ever."
By examining these case studies, you can see how the Microsoft Consultant Blueprint empowers organizations to achieve significant results in their digital transformation and cloud migration efforts.
Benefits of the Microsoft Consultant Blueprint
Enhanced Value Proposition
You gain several advantages by adopting the Microsoft Consultant Blueprint. It helps you reduce infrastructure costs and speeds up tenant onboarding. This means you can bring new clients on board faster and with less expense. The blueprint also centralizes updates, so all your clients receive the latest features and improvements at the same time. This uniformity saves you time and effort. Additionally, it optimizes resource use across your projects, allowing you to deliver more value without increasing your workload.
| Advantage | Description |
|---|---|
| Lower infrastructure cost | Reduces overall expenses for consultants. |
| Faster tenant onboarding | Accelerates the process of getting new clients set up. |
| Centralized updates | Ensures all clients receive the latest features and improvements uniformly. |
| Better resource utilization | Optimizes the use of available resources across engagements. |
For your clients, the Microsoft Consultant Blueprint offers a structured consulting approach that focuses on measurable outcomes. You can clearly explain your value, which builds stronger client relationships. The blueprint integrates technology smoothly into your consulting process, helping you adapt quickly to changing market conditions. This approach leads to higher client satisfaction and opens doors for expanded engagements.
Key benefits for your clients include:
- Clear, measurable results from consulting efforts.
- Stronger trust through transparent value communication.
- Better adaptation to evolving technology and business needs.
- Opportunities for ongoing collaboration and growth.
Long-term Strategic Impact
The Microsoft Consultant Blueprint positions you as a strategic advisor rather than just a technical implementer. It emphasizes governance, architecture, and risk reduction. This focus allows you to provide valuable insights that help organizations make informed decisions about technology and operations. As a result, you can command higher fees and build deeper client partnerships.
By shifting your role to advisory, you guide clients through complex areas like technology adoption and long-term planning. You help them avoid costly mistakes and design systems that scale securely and efficiently. This strategic involvement strengthens your reputation and ensures your consulting practice remains relevant as technology evolves.
Remember these points about your strategic role:
- You become a trusted partner in shaping your clients’ technology futures.
- Your advice helps clients reduce risks and improve compliance.
- You influence decisions that affect business outcomes, not just IT tasks.
- Your expertise drives long-term value beyond immediate project delivery.
By embracing the Microsoft Consultant Blueprint, you transform your consulting practice. You deliver more value, build stronger client relationships, and secure your place as a key player in your clients’ digital transformation journeys.
The Microsoft Consultant Blueprint empowers you to elevate your consulting practice. By focusing on architectural strategies and governance, you position yourself as a strategic advisor. As you look to the future, consider these trends shaping the industry:
- Technological innovation driving growth
- Need for industry-specific solutions
- Importance of sustainability initiatives
Embrace these changes to stay ahead. Your ability to integrate emerging technologies and develop proactive consulting models will define your success in this evolving landscape.
Remember, the journey to becoming a trusted partner starts with adopting the right framework.
FAQ
What is the Microsoft Consultant Blueprint?
The Microsoft Consultant Blueprint is a framework that helps IT consultants transition from technical tasks to strategic advisory roles. It emphasizes architectural governance and long-term value creation.
Who can benefit from the blueprint?
IT consultants, organizations undergoing digital transformation, and project managers can all benefit from the Microsoft Consultant Blueprint. It equips them with strategies to enhance operational efficiency and security.
How does the blueprint improve consulting practices?
The blueprint encourages consultants to focus on architectural strategies, governance, and risk management. This shift allows you to provide higher value and command premium rates for your services.
What are the key components of the blueprint?
Key components include architectural strategies, governance and compliance, and tools and technologies. These elements work together to create a comprehensive consulting approach.
How long does it take to implement the blueprint?
Implementation typically occurs in phases over 16 weeks. The process includes assessment, planning, solution design, deployment, and optimization.
What role does training play in the blueprint?
Training is crucial for successful deployment. It prepares end-users to adopt new tools and practices, ensuring a smooth transition and maximizing the benefits of the blueprint.
Can you provide examples of success using the blueprint?
Yes! Organizations have reported significant improvements in collaboration, compliance, and operational efficiency after implementing the Microsoft Consultant Blueprint. Case studies highlight measurable outcomes and enhanced client satisfaction.
How does the blueprint address governance and compliance?
The blueprint emphasizes establishing governance frameworks and compliance monitoring. This focus helps you manage risks and align consulting practices with industry standards and regulations.
1
00:00:00,000 --> 00:00:02,080
Most Microsoft consultants are commoditized,
2
00:00:02,080 --> 00:00:03,400
not because they lack skill,
3
00:00:03,400 --> 00:00:05,640
because they sell the wrong thing, they sell execution,
4
00:00:05,640 --> 00:00:07,880
they sell hours, they sell apps and automations
5
00:00:07,880 --> 00:00:10,760
and migrations, they compete on delivery speed and cost,
6
00:00:10,760 --> 00:00:12,480
and they lose every single time
7
00:00:12,480 --> 00:00:15,200
to the consultant who understands what companies actually need.
8
00:00:15,200 --> 00:00:17,960
The highest paid Microsoft consultants in 2026
9
00:00:17,960 --> 00:00:20,600
don't build anything, they architect control systems,
10
00:00:20,600 --> 00:00:23,920
they engineer governance, they reduce architectural entropy,
11
00:00:23,920 --> 00:00:26,240
and they charge $250 an hour, not 60,
12
00:00:26,240 --> 00:00:28,200
because they're not competing on technical skill,
13
00:00:28,200 --> 00:00:29,840
they're competing on risk mitigation,
14
00:00:29,840 --> 00:00:32,640
and here's the gap, feature work pays $60 an hour,
15
00:00:32,640 --> 00:00:35,320
entropy mitigation pays $250 an hour,
16
00:00:35,320 --> 00:00:38,320
a power app costs 50K and takes three months,
17
00:00:38,320 --> 00:00:41,840
a governance remediation costs 150K and takes 12 weeks,
18
00:00:41,840 --> 00:00:43,520
and it prevents a $2 million breach,
19
00:00:43,520 --> 00:00:45,640
one is a project, the other is necessity.
20
00:00:45,640 --> 00:00:47,360
By the end of this, you'll have a framework
21
00:00:47,360 --> 00:00:50,440
for repositioning what you sell, how you price it,
22
00:00:50,440 --> 00:00:52,880
and how you acquire clients who will pay for governance
23
00:00:52,880 --> 00:00:53,800
instead of builds.
24
00:00:53,800 --> 00:00:55,200
This isn't about certifications,
25
00:00:55,200 --> 00:00:58,320
it's about understanding that companies don't have app problems,
26
00:00:58,320 --> 00:01:01,880
they have architectural decay, the architectural entropy problem.
27
00:01:01,880 --> 00:01:03,880
Most consultants miss the real problem
28
00:01:03,880 --> 00:01:05,800
because they're looking at the wrong layer.
29
00:01:05,800 --> 00:01:07,760
Architectural entropy is the proliferation
30
00:01:07,760 --> 00:01:09,840
of possible system states, configurations,
31
00:01:09,840 --> 00:01:12,200
and dependencies that make behavior unpredictable.
32
00:01:12,200 --> 00:01:14,400
It's not a feature problem, it's a structural problem,
33
00:01:14,400 --> 00:01:16,760
and it compounds silently until it costs millions,
34
00:01:16,760 --> 00:01:18,840
it manifests across four dimensions.
35
00:01:18,840 --> 00:01:23,320
State entropy, data inconsistencies, dual writes,
36
00:01:23,320 --> 00:01:27,320
permanent temporary copies that nobody can remove.
37
00:01:27,320 --> 00:01:30,520
Configuration entropy, feature flags, settings,
38
00:01:30,520 --> 00:01:32,000
policies that drift over time
39
00:01:32,000 --> 00:01:34,920
until nobody remembers why they exist.
40
00:01:34,920 --> 00:01:38,920
Interaction entropy, service cascades, retry storms,
41
00:01:38,920 --> 00:01:42,520
dependencies that multiply faster than anyone can track.
42
00:01:42,520 --> 00:01:45,280
Organizational entropy, unclear ownership,
43
00:01:45,280 --> 00:01:48,680
distributed decision making, teams operating in silos.
44
00:01:48,680 --> 00:01:50,600
Companies don't know they have an entropy problem
45
00:01:50,600 --> 00:01:53,160
until it costs them, a breach that takes six months
46
00:01:53,160 --> 00:01:55,840
to detect because identity governance never existed
47
00:01:55,840 --> 00:01:59,280
an audit failure because access reviews were never automated.
48
00:01:59,280 --> 00:02:02,200
A failed migration that takes 18 months instead of six
49
00:02:02,200 --> 00:02:04,560
because the architecture was never designed for cloud.
50
00:02:04,560 --> 00:02:07,480
A compliance incident because data loss prevention policies
51
00:02:07,480 --> 00:02:08,560
were never enforced.
52
00:02:08,560 --> 00:02:10,800
By then the debt is structural, it's not fixable
53
00:02:10,800 --> 00:02:12,520
with another app or another automation.
54
00:02:12,520 --> 00:02:13,520
This is where you come in,
55
00:02:13,520 --> 00:02:16,000
but only if you're positioned as the architect of control,
56
00:02:16,000 --> 00:02:17,640
not the builder of features.
57
00:02:17,640 --> 00:02:20,280
The consultant who sees entropy wins the contract.
58
00:02:20,280 --> 00:02:23,720
The one who sees we need a power app loses to the lowest bidder.
59
00:02:23,720 --> 00:02:25,120
That's the fundamental distinction.
60
00:02:25,120 --> 00:02:27,200
One consultant diagnoses the disease,
61
00:02:27,200 --> 00:02:28,600
the other treats the symptom.
62
00:02:28,600 --> 00:02:30,920
Most organizations are operating in reactive mode.
63
00:02:30,920 --> 00:02:32,200
They solve yesterday's problems
64
00:02:32,200 --> 00:02:34,000
while entropy accumulates in the background
65
00:02:34,000 --> 00:02:35,840
by the time leadership notices.
66
00:02:35,840 --> 00:02:38,440
Through an audit failure, a breach, a failed migration,
67
00:02:38,440 --> 00:02:39,920
the problem is no longer technical.
68
00:02:39,920 --> 00:02:42,920
It's architectural, the system has too many possible states,
69
00:02:42,920 --> 00:02:46,000
too many configuration parts, too many undocumented dependencies,
70
00:02:46,000 --> 00:02:47,800
too many teams making independent decisions
71
00:02:47,800 --> 00:02:49,080
without shared governance.
72
00:02:49,080 --> 00:02:50,680
And here's what matters, they know this,
73
00:02:50,680 --> 00:02:53,480
CISOs know it, CFOs know it, Chief Risk Officers know it,
74
00:02:53,480 --> 00:02:55,560
but most IT teams don't know how to articulate it.
75
00:02:55,560 --> 00:02:56,840
They don't have a language for it.
76
00:02:56,840 --> 00:02:58,640
They don't have a framework for measuring it.
77
00:02:58,640 --> 00:03:00,160
They don't have a path to fixing it.
78
00:03:00,160 --> 00:03:02,160
That's your opening, that's your positioning.
79
00:03:02,160 --> 00:03:04,800
You become the person who sees the entropy, quantifies it,
80
00:03:04,800 --> 00:03:07,280
and builds a remediation roadmap that actually works.
81
00:03:07,280 --> 00:03:08,720
The consultant who treats identity
82
00:03:08,720 --> 00:03:10,400
sprawl, Power Platform chaos,
83
00:03:10,400 --> 00:03:13,640
and Azure cost entropy as separate problems loses every time.
84
00:03:13,640 --> 00:03:16,280
The consultant who treats them as symptoms of one problem,
85
00:03:16,280 --> 00:03:19,480
architectural entropy across the entire Microsoft control plane
86
00:03:19,480 --> 00:03:20,480
becomes indispensable.
87
00:03:20,480 --> 00:03:24,920
This is the shift from I build apps to I architect control systems.
88
00:03:24,920 --> 00:03:28,040
It's the difference between 80K annually and 100K plus,
89
00:03:28,040 --> 00:03:30,400
why companies are drowning in architectural debt.
90
00:03:30,400 --> 00:03:33,200
Understanding why organizations end up in this position
91
00:03:33,200 --> 00:03:35,720
requires looking at how they actually adopted cloud
92
00:03:35,720 --> 00:03:37,040
and Microsoft technologies.
93
00:03:37,040 --> 00:03:39,640
It wasn't strategic, it was reactive.
94
00:03:39,640 --> 00:03:42,080
Organizations adopted cloud, Microsoft 365,
95
00:03:42,080 --> 00:03:45,200
Azure, Power Platform, without establishing control planes first.
96
00:03:45,200 --> 00:03:46,560
They didn't build identity governance
97
00:03:46,560 --> 00:03:47,920
before rolling out Entra ID.
98
00:03:47,920 --> 00:03:49,800
They didn't implement data loss prevention
99
00:03:49,800 --> 00:03:51,280
before enabling Power Platform.
100
00:03:51,280 --> 00:03:52,920
They didn't establish subscription governance
101
00:03:52,920 --> 00:03:54,800
before spinning up Azure resources.
102
00:03:54,800 --> 00:03:56,560
They just started using the tools.
103
00:03:56,560 --> 00:03:58,440
Each new tool added complexity,
104
00:03:58,440 --> 00:04:00,880
without simplifying the underlying architecture.
105
00:04:00,880 --> 00:04:04,240
Copilot arrived, and suddenly there is AI interacting
106
00:04:04,240 --> 00:04:06,400
with sensitive data without governance.
107
00:04:06,400 --> 00:04:08,800
Agents launched and nobody knows which autonomous systems
108
00:04:08,800 --> 00:04:10,360
have access to which resources.
109
00:04:10,360 --> 00:04:11,920
Fabric launched and the data estate
110
00:04:11,920 --> 00:04:13,360
became even more fragmented.
111
00:04:13,360 --> 00:04:16,200
Every innovation added another layer of possible states
112
00:04:16,200 --> 00:04:18,200
without reducing the layers below it.
113
00:04:18,200 --> 00:04:19,400
Teams operate in silos.
114
00:04:19,400 --> 00:04:21,120
IT doesn't know what Power Platform is building.
115
00:04:21,120 --> 00:04:23,600
Security doesn't see the Entra ID drift accumulating
116
00:04:23,600 --> 00:04:24,520
in the background.
117
00:04:24,520 --> 00:04:26,640
Finance doesn't understand the Azure sprawl.
118
00:04:26,640 --> 00:04:28,960
Nobody owns the problem because everybody assumes
119
00:04:28,960 --> 00:04:30,480
someone else is managing it.
120
00:04:30,480 --> 00:04:31,960
The result is predictable.
121
00:04:31,960 --> 00:04:33,600
I've seen it hundreds of times.
122
00:04:33,600 --> 00:04:36,840
A financial services organization with fund 200 direct
123
00:04:36,840 --> 00:04:40,320
role assignments when best practice is 50 to 100.
124
00:04:40,320 --> 00:04:43,560
23 global administrators when the number should be three to five.
125
00:04:43,560 --> 00:04:45,080
No privileged identity management,
126
00:04:45,080 --> 00:04:47,960
no access reviews, no life cycle automation,
127
00:04:47,960 --> 00:04:49,960
service principals with permanent credentials
128
00:04:49,960 --> 00:04:51,560
and no rotation schedule.
129
00:04:51,560 --> 00:04:54,880
847 of them discovered in a single audit.
130
00:04:54,880 --> 00:04:57,560
A manufacturing company with 430 unmanaged Power
131
00:04:57,560 --> 00:05:00,280
Automate flows, 87 unmanaged canvas apps,
132
00:05:00,280 --> 00:05:03,320
zero data loss prevention policies, no environment tiering,
133
00:05:03,320 --> 00:05:06,280
citizen developers creating flows that export production data
134
00:05:06,280 --> 00:05:08,440
to personal OneDrive accounts without approval.
135
00:05:08,440 --> 00:05:11,320
Nobody knows it's happening until the data is accidentally
136
00:05:11,320 --> 00:05:12,680
shared externally.
137
00:05:12,680 --> 00:05:16,000
An enterprise with Azure subscriptions organized by department
138
00:05:16,000 --> 00:05:19,000
instead of governance model, inconsistent tagging.
139
00:05:19,000 --> 00:05:21,840
Reserved instances that don't match actual usage.
140
00:05:21,840 --> 00:05:24,680
Multi-region deployments without clear failover strategy.
141
00:05:24,680 --> 00:05:27,960
Cost entropy building silently until the bill arrives
142
00:05:27,960 --> 00:05:29,800
and nobody can explain where the money went.
143
00:05:29,800 --> 00:05:30,880
These aren't edge cases.
144
00:05:30,880 --> 00:05:31,720
These are the norm.
145
00:05:31,720 --> 00:05:34,120
Most organizations have exceeded their entropy budget
146
00:05:34,120 --> 00:05:36,600
in at least one control plane, often all three.
147
00:05:36,600 --> 00:05:38,880
Most consultants treat these as separate problems,
148
00:05:38,880 --> 00:05:41,880
hire a security consultant to fix identity,
149
00:05:41,880 --> 00:05:44,400
hire an automation consultant to fix Power Platform,
150
00:05:44,400 --> 00:05:46,360
hire a cloud architect to fix Azure.
151
00:05:46,360 --> 00:05:48,120
Each consultant solves their piece.
152
00:05:48,120 --> 00:05:49,760
The organization still has entropy
153
00:05:49,760 --> 00:05:51,320
because the underlying problem,
154
00:05:51,320 --> 00:05:53,560
unclear ownership, no life cycle automation,
155
00:05:53,560 --> 00:05:56,800
no policy-driven access decisions, never gets addressed.
156
00:05:56,800 --> 00:05:58,760
The consultant who sees the pattern wins.
157
00:05:58,760 --> 00:06:00,360
The one who understands that Entra ID
158
00:06:00,360 --> 00:06:02,200
isn't just an identity provider,
159
00:06:02,200 --> 00:06:04,880
but a distributed decision engine making thousands
160
00:06:04,880 --> 00:06:07,000
of real-time authorization decisions.
161
00:06:07,000 --> 00:06:09,200
The one who understands that every except clause
162
00:06:09,200 --> 00:06:10,600
in a conditional access policy
163
00:06:10,600 --> 00:06:12,640
converts a deterministic security model
164
00:06:12,640 --> 00:06:14,000
into a probabilistic one.
165
00:06:14,000 --> 00:06:16,040
The one who understands that Power Platform
166
00:06:16,040 --> 00:06:18,480
without governance creates collaboration entropy
167
00:06:18,480 --> 00:06:21,520
that compounds faster than IT can remediate it,
168
00:06:21,520 --> 00:06:23,720
that consultant becomes the architect of necessity,
169
00:06:23,720 --> 00:06:24,960
not because they're smarter,
170
00:06:24,960 --> 00:06:26,600
because they're positioned differently.
171
00:06:26,600 --> 00:06:28,520
They're not competing on implementation speed.
172
00:06:28,520 --> 00:06:30,640
They're competing on the ability to reduce risk,
173
00:06:30,640 --> 00:06:33,480
enforce compliance and prevent the architectural decay
174
00:06:33,480 --> 00:06:34,520
that costs millions.
175
00:06:34,520 --> 00:06:36,480
This is the repositioning that separates
176
00:06:36,480 --> 00:06:39,560
80K consultants from 100K plus consultants.
177
00:06:39,560 --> 00:06:42,040
One builds features, the other architects control,
178
00:06:42,040 --> 00:06:44,400
one competes on hours, the other competes on outcomes,
179
00:06:44,400 --> 00:06:47,520
one loses to price, the other doesn't compete on price at all.
180
00:06:47,520 --> 00:06:49,840
The control plane model. To sell governance,
181
00:06:49,840 --> 00:06:52,600
you need to frame it in terms that executives understand.
182
00:06:52,600 --> 00:06:55,360
And that means understanding what a control plane actually is,
183
00:06:55,360 --> 00:06:57,720
and what it means when you exceed its entropy budget.
184
00:06:57,720 --> 00:07:00,280
A control plane is the set of systems, policies,
185
00:07:00,280 --> 00:07:02,360
and processes that enforce intent at scale.
186
00:07:02,360 --> 00:07:03,920
It's not a feature, it's the mechanism
187
00:07:03,920 --> 00:07:06,000
that makes behavior predictable and auditable.
188
00:07:06,000 --> 00:07:09,200
Microsoft has three primary control planes in 2026.
189
00:07:09,200 --> 00:07:15,360
Identity (Entra ID), productivity (Microsoft 365), infrastructure (Azure).
190
00:07:15,360 --> 00:07:16,760
Each one has an entropy budget.
191
00:07:16,760 --> 00:07:19,880
The amount of complexity it can absorb before governance fails.
192
00:07:19,880 --> 00:07:22,520
Most organizations have exceeded their entropy budget
193
00:07:22,520 --> 00:07:23,840
in at least one plane.
194
00:07:23,840 --> 00:07:26,200
Often all three. Start with identity.
195
00:07:26,200 --> 00:07:29,600
Entra ID is not just an identity provider, that's the marketing term.
196
00:07:29,600 --> 00:07:31,920
Architecturally, it's a distributed decision engine
197
00:07:31,920 --> 00:07:35,320
making thousands of real-time authorization decisions every second.
198
00:07:35,320 --> 00:07:38,600
Every time a user signs in, every time a service requests access,
199
00:07:38,600 --> 00:07:40,880
every time an agent tries to use a resource,
200
00:07:40,880 --> 00:07:43,400
Entra is making a decision, allow or deny.
201
00:07:43,400 --> 00:07:46,120
Based on what policy? Here's where entropy enters.
202
00:07:46,120 --> 00:07:49,120
Every except clause added to a conditional access policy
203
00:07:49,120 --> 00:07:52,680
converts a deterministic security model into a probabilistic one,
204
00:07:52,680 --> 00:07:55,440
you're delegating decisions you never revisited.
205
00:07:55,440 --> 00:07:58,600
A policy says require MFA for all users except,
206
00:07:58,600 --> 00:08:01,800
and then six months later nobody remembers why that exception exists.
207
00:08:01,800 --> 00:08:03,880
It's still there, it's still creating risk,
208
00:08:03,880 --> 00:08:06,080
and it's still making the system less predictable.
209
00:08:06,080 --> 00:08:09,480
By the time you map the identity control plane in a typical enterprise,
210
00:08:09,480 --> 00:08:12,880
you find 1,200 direct role assignments that should be 50.
211
00:08:12,880 --> 00:08:15,560
You find 23 global administrators that should be three.
212
00:08:15,560 --> 00:08:19,360
You find service principals with permanent credentials that should be time-bound.
213
00:08:19,360 --> 00:08:21,640
You find access reviews that were never automated.
214
00:08:21,640 --> 00:08:24,240
You find life cycle automation that was never implemented.
215
00:08:24,240 --> 00:08:26,240
The control plane has collapsed into chaos.
216
00:08:26,240 --> 00:08:27,480
Move to productivity.
217
00:08:27,480 --> 00:08:30,160
Microsoft 365 creates collaboration entropy.
218
00:08:30,160 --> 00:08:32,200
Unmanaged teams with sensitive data.
219
00:08:32,200 --> 00:08:33,760
Shadow data stores in SharePoint.
220
00:08:33,760 --> 00:08:37,040
Uncontrolled Copilot interactions with proprietary information.
221
00:08:37,040 --> 00:08:39,360
A citizen developer creates a flow in Power Automate
222
00:08:39,360 --> 00:08:42,360
that exports production data to a personal cloud storage account.
223
00:08:42,360 --> 00:08:44,320
Nobody approved it, nobody knows it exists,
224
00:08:44,320 --> 00:08:46,360
until it becomes a compliance incident.
225
00:08:46,360 --> 00:08:50,240
The productivity control plane is supposed to enforce what data can flow where,
226
00:08:50,240 --> 00:08:53,360
who can access what and what happens when policies are violated.
227
00:08:53,360 --> 00:08:55,840
But most organizations never built that control plane.
228
00:08:55,840 --> 00:08:57,240
They just enabled the tools,
229
00:08:57,240 --> 00:09:01,400
and now they have 430 unmanaged flows with no data loss prevention policies.
230
00:09:01,400 --> 00:09:03,680
87 unmanaged apps with no governance model.
231
00:09:03,680 --> 00:09:06,800
Citizen developers empowered to build without guardrails.
232
00:09:06,800 --> 00:09:09,720
Then infrastructure. Azure is a sprawl generator.
233
00:09:09,720 --> 00:09:11,120
Subscriptions multiply.
234
00:09:11,120 --> 00:09:13,000
Resources are created without governance.
235
00:09:13,000 --> 00:09:14,680
Cost entropy builds silently.
236
00:09:14,680 --> 00:09:17,840
A team spins up a development environment and forgets to delete it.
237
00:09:17,840 --> 00:09:19,360
Six months later it's still running.
238
00:09:19,360 --> 00:09:21,360
Nobody owns it, nobody monitors it.
239
00:09:21,360 --> 00:09:24,200
The bill arrives and nobody can explain where the money went.
240
00:09:24,200 --> 00:09:28,600
The infrastructure control plane is supposed to enforce consistent governance across all resources.
241
00:09:28,600 --> 00:09:32,920
Consistent tagging, consistent access controls, consistent cost management.
242
00:09:32,920 --> 00:09:35,880
But most organizations never established that baseline.
243
00:09:35,880 --> 00:09:37,520
They just started using Azure.
244
00:09:37,520 --> 00:09:41,520
And now they have subscriptions organized by department instead of governance model.
245
00:09:41,520 --> 00:09:44,480
Reserved instances that don't match actual usage.
246
00:09:44,480 --> 00:09:46,960
Multi-region deployments without clear failover strategy.
247
00:09:46,960 --> 00:09:47,800
Here's what matters.
248
00:09:47,800 --> 00:09:51,480
The consultant who understands these three planes as interconnected systems.
249
00:09:51,480 --> 00:09:54,040
Not separate tools becomes the architect of necessity.
250
00:09:54,040 --> 00:09:55,640
This is not about individual features.
251
00:09:55,640 --> 00:09:58,400
It's about how intent is enforced across the entire system.
252
00:09:58,400 --> 00:10:02,120
How decisions are made, how policies are applied, how behavior is audited.
253
00:10:02,120 --> 00:10:06,400
When you frame it this way, you're no longer competing on hourly rate or implementation speed.
254
00:10:06,400 --> 00:10:11,880
You're competing on the ability to reduce risk, enforce compliance and prevent the architectural decay that costs millions.
255
00:10:11,880 --> 00:10:17,080
You're competing on necessity. A breach costs two million, an audit failure costs 500K in fines.
256
00:10:17,080 --> 00:10:19,440
A failed migration costs one million in rework.
257
00:10:19,440 --> 00:10:22,880
A governance remediation costs 150K and prevents all three.
258
00:10:22,880 --> 00:10:23,840
One is a project.
259
00:10:23,840 --> 00:10:24,920
The other is insurance.
260
00:10:24,920 --> 00:10:27,080
This is the positioning that commands premium pricing.
261
00:10:27,080 --> 00:10:30,120
Not because you're smarter, because you're solving a different problem.
262
00:10:30,120 --> 00:10:32,760
You're not building features, you're architecting control.
263
00:10:32,760 --> 00:10:37,480
And control is what keeps systems predictable, compliant and secure at scale.
264
00:10:37,480 --> 00:10:39,360
The three-plane assessment framework.
265
00:10:39,360 --> 00:10:43,480
To position yourself as an architect, you need a diagnostic lens that reveals entropy.
266
00:10:43,480 --> 00:10:44,920
Most consultants don't have one.
267
00:10:44,920 --> 00:10:47,920
They walk into an organization and ask, what do you need built?
268
00:10:47,920 --> 00:10:52,240
The right question is, how much entropy are you carrying and where is it creating the most risk?
269
00:10:52,240 --> 00:10:56,680
The three-plane assessment is how you uncover the hidden problems that executives don't yet see.
270
00:10:56,680 --> 00:10:57,880
It's your diagnostic tool.
271
00:10:57,880 --> 00:11:02,280
It's also your first engagement and it's paid work, not a free discovery call.
272
00:11:02,280 --> 00:11:03,520
Start with the identity plane.
273
00:11:03,520 --> 00:11:04,880
Map all identity types.
274
00:11:04,880 --> 00:11:05,960
Human identities.
275
00:11:05,960 --> 00:11:07,240
Service identities.
276
00:11:07,240 --> 00:11:08,360
Agent identities.
277
00:11:08,360 --> 00:11:09,480
Guest identities.
278
00:11:09,480 --> 00:11:10,880
Measure role assignment drift.
279
00:11:10,880 --> 00:11:16,720
Count how many direct role assignments exist versus how many should exist based on the organization's size and structure.
280
00:11:16,720 --> 00:11:18,440
Quantify privileged account creep.
281
00:11:18,440 --> 00:11:19,800
How many global administrators?
282
00:11:19,800 --> 00:11:22,200
How many service accounts with permanent credentials?
283
00:11:22,200 --> 00:11:27,600
Assess conditional access coverage. What percentage of sign-in events are evaluated by conditional access policies?
284
00:11:27,600 --> 00:11:29,600
What percentage bypass them entirely?
285
00:11:29,600 --> 00:11:31,720
When you run this assessment, you'll find patterns.
286
00:11:31,720 --> 00:11:36,480
Most organizations will have 40% or more of identities with excessive permissions.
287
00:11:36,480 --> 00:11:40,160
60% or more of privileged accounts with no just-in-time controls.
288
00:11:40,160 --> 00:11:44,680
80% or more of conditional access policies with except clauses that undermine security.
289
00:11:44,680 --> 00:11:48,120
These numbers are directional, but they're consistent across industries.
290
00:11:48,120 --> 00:11:51,880
Move to the productivity plane. Inventory all collaboration tools.
291
00:11:51,880 --> 00:11:57,160
Teams, SharePoint, OneDrive, Power Platform. Measure shadow IT: how many apps exist that aren't governed?
292
00:11:57,160 --> 00:11:59,080
How many flows? How many canvas apps?
293
00:11:59,080 --> 00:12:00,760
Assess data loss prevention coverage.
294
00:12:00,760 --> 00:12:03,600
What percentage of data flows are protected by DLP policies?
295
00:12:03,600 --> 00:12:04,880
What percentage move freely?
296
00:12:04,880 --> 00:12:06,880
Then evaluate Copilot governance maturity.
297
00:12:06,880 --> 00:12:11,280
Are there policies controlling which data Copilot can access, or is Copilot accessing everything?
298
00:12:11,280 --> 00:12:13,800
Standard findings. 300 ungoverned flows.
299
00:12:13,800 --> 00:12:16,360
50 unmanaged teams with sensitive data.
300
00:12:16,360 --> 00:12:19,760
Zero visibility into Copilot interactions with proprietary information.
301
00:12:19,760 --> 00:12:24,560
A citizen developer created a flow last month that exports customer data to a personal cloud storage account.
302
00:12:24,560 --> 00:12:27,040
Nobody approved it. Nobody knows it exists.
303
00:12:27,040 --> 00:12:30,240
Until it becomes a compliance incident. Then the infrastructure plane.
304
00:12:30,240 --> 00:12:31,840
Map subscription structure.
305
00:12:31,840 --> 00:12:35,360
Are subscriptions organized by business unit or by governance model?
306
00:12:35,360 --> 00:12:36,680
Measure governance consistency.
307
00:12:36,680 --> 00:12:40,040
Do all subscriptions have consistent tagging, consistent access controls,
308
00:12:40,040 --> 00:12:43,840
consistent cost management policies? Evaluate cost optimization maturity.
309
00:12:43,840 --> 00:12:47,160
Are reserved instances being used? Are they matching actual consumption?
310
00:12:47,160 --> 00:12:51,440
Assess disaster recovery readiness. Can the organization actually recover from a regional failure,
311
00:12:51,440 --> 00:12:52,520
or is it theoretical?
312
00:12:52,520 --> 00:12:53,400
Standard findings.
313
00:12:53,400 --> 00:12:56,160
Subscriptions organized by department, not governance,
314
00:12:56,160 --> 00:12:58,520
inconsistent tagging across environments.
315
00:12:58,520 --> 00:13:01,280
Reserved instances that don't match actual usage.
316
00:13:01,280 --> 00:13:04,240
Multi-region deployments without clear failover strategy.
317
00:13:04,240 --> 00:13:07,680
A development environment was spun up six months ago and never deleted.
318
00:13:07,680 --> 00:13:11,600
It's still running. It's still costing money. Nobody owns it.
319
00:13:11,600 --> 00:13:13,120
Here's the critical part.
320
00:13:13,120 --> 00:13:15,440
The assessment itself becomes your first engagement.
321
00:13:15,440 --> 00:13:17,880
Not a free discovery call, not a two-hour workshop.
322
00:13:17,880 --> 00:13:21,920
A paid diagnostic that costs 8K to 15K and takes two to three weeks.
323
00:13:21,920 --> 00:13:25,400
It delivers a 20-page risk report that shows exactly where the entropy is
324
00:13:25,400 --> 00:13:27,240
and what it's costing the organization.
325
00:13:27,240 --> 00:13:30,960
This report becomes your sales document for the remediation engagement.
326
00:13:30,960 --> 00:13:32,880
It becomes the justification for the investment.
327
00:13:32,880 --> 00:13:36,120
It becomes the baseline that makes your remediation work measurable.
328
00:13:36,120 --> 00:13:37,880
You can show before and after metrics.
329
00:13:37,880 --> 00:13:40,280
Role assignments reduced by 85%.
330
00:13:40,280 --> 00:13:43,240
Privileged accounts brought under just-in-time control.
331
00:13:43,240 --> 00:13:44,680
Compliance gaps closed.
332
00:13:44,680 --> 00:13:46,240
Audit findings eliminated.
333
00:13:46,240 --> 00:13:49,680
The assessment positions you as the expert who sees what others miss.
334
00:13:49,680 --> 00:13:51,560
It establishes credibility.
335
00:13:51,560 --> 00:13:54,320
It demonstrates that you understand their specific situation,
336
00:13:54,320 --> 00:13:56,160
not generic best practices.
337
00:13:56,160 --> 00:13:59,040
And it creates a clear path to the remediation engagement,
338
00:13:59,040 --> 00:14:02,080
which is where the real value lives and where the real money is made.
339
00:14:02,080 --> 00:14:03,880
Most consultants give away discovery.
340
00:14:03,880 --> 00:14:05,320
They compete on the free call.
341
00:14:05,320 --> 00:14:07,560
They hope to convert it to a project.
342
00:14:07,560 --> 00:14:10,920
The 100K consultant charges for discovery because discovery is work.
343
00:14:10,920 --> 00:14:12,200
It's valuable work.
344
00:14:12,200 --> 00:14:16,400
It's the work that justifies everything that comes after. Client scenario A:
345
00:14:16,400 --> 00:14:18,040
identity entropy collapse.
346
00:14:18,040 --> 00:14:21,360
Let's ground this in a real scenario that shows how entropy compounds
347
00:14:21,360 --> 00:14:23,200
and how it becomes your entry point.
348
00:14:23,200 --> 00:14:27,440
A global financial services firm with 8,000 employees across 15 regions
349
00:14:27,440 --> 00:14:29,040
had grown through acquisition.
350
00:14:29,040 --> 00:14:32,080
Each acquisition brought its own Active Directory forest.
351
00:14:32,080 --> 00:14:35,400
Its own Entra tenant configuration, its own identity governance model.
352
00:14:35,400 --> 00:14:39,240
By 2025, the organization had consolidated into a single tenant.
353
00:14:39,240 --> 00:14:41,320
But the entropy never got cleaned up.
354
00:14:41,320 --> 00:14:45,600
What they actually had: 1,200 direct role assignments when best practice is 50 to 100.
355
00:14:45,600 --> 00:14:49,120
23 global administrators when the number should be 3 to 5.
356
00:14:49,120 --> 00:14:50,840
No privileged identity management.
357
00:14:50,840 --> 00:14:51,840
No access reviews.
358
00:14:51,840 --> 00:14:53,120
No life cycle automation.
359
00:14:53,120 --> 00:14:57,120
Security audit flagged 847 service principals with permanent credentials
360
00:14:57,120 --> 00:14:58,520
and no rotation schedule.
361
00:14:58,520 --> 00:15:00,440
Nobody knew those service principals existed.
362
00:15:00,440 --> 00:15:02,080
Nobody knew what they had access to.
363
00:15:02,080 --> 00:15:04,160
Nobody knew when they were created or why.
364
00:15:04,160 --> 00:15:05,040
Then the breach happened.
365
00:15:05,040 --> 00:15:08,960
A compromised service account from an acquired company had access to core financial systems.
366
00:15:08,960 --> 00:15:11,320
The attacker used it for 6 months before detection.
367
00:15:11,320 --> 00:15:14,800
By the time the organization realized what happened, the damage was substantial.
368
00:15:14,800 --> 00:15:18,480
2.3 million dollars in forensics, remediation and regulatory fines.
369
00:15:18,480 --> 00:15:19,960
The breach made the board meeting.
370
00:15:19,960 --> 00:15:21,680
The CEO had to notify regulators.
371
00:15:21,680 --> 00:15:25,480
The organization faced customer notification costs and reputational damage.
372
00:15:25,480 --> 00:15:26,400
But here's what matters.
373
00:15:26,400 --> 00:15:27,760
The breach wasn't the root cause.
374
00:15:27,760 --> 00:15:29,160
The breach was the symptom.
375
00:15:29,160 --> 00:15:31,120
The root cause was architectural entropy.
376
00:15:31,120 --> 00:15:34,720
The organization had 1,200 identities with excessive permissions.
377
00:15:34,720 --> 00:15:37,720
847 service principals with permanent credentials.
378
00:15:37,720 --> 00:15:41,800
No automation to detect when a service account was being used inappropriately.
379
00:15:41,800 --> 00:15:44,560
No policies to revoke access when it wasn't needed.
380
00:15:44,560 --> 00:15:48,280
No life cycle automation to retire service principals when projects ended.
381
00:15:48,280 --> 00:15:50,760
The organization realized the problem wasn't the breach.
382
00:15:50,760 --> 00:15:53,440
It was the architectural decay that made the breach possible.
383
00:15:53,440 --> 00:15:57,640
They engaged a consultant, not you yet, to implement Entra ID governance.
384
00:15:57,640 --> 00:16:01,000
That consultant built the features, access reviews, entitlement management,
385
00:16:01,000 --> 00:16:02,520
privileged identity management.
386
00:16:02,520 --> 00:16:04,440
The consultant implemented the tools.
387
00:16:04,440 --> 00:16:08,560
The organization still had entropy because the consultant didn't address the underlying problem.
388
00:16:08,560 --> 00:16:09,600
Unclear ownership.
389
00:16:09,600 --> 00:16:10,760
No life cycle automation.
390
00:16:10,760 --> 00:16:12,800
No policy-driven access decisions.
391
00:16:12,800 --> 00:16:13,680
Enter you.
392
00:16:13,680 --> 00:16:17,280
You position this as an architectural entropy remediation engagement.
393
00:16:17,280 --> 00:16:18,640
You start with the assessment.
394
00:16:18,640 --> 00:16:20,320
Map all 1,200 role assignments.
395
00:16:20,320 --> 00:16:22,400
Identify which are legitimate and which are drift.
396
00:16:22,400 --> 00:16:24,440
Establish a baseline risk score.
397
00:16:24,440 --> 00:16:28,560
Document the current state in the 20 page report that shows exactly where the entropy is.
398
00:16:28,560 --> 00:16:30,000
Then the remediation phase.
399
00:16:30,000 --> 00:16:31,640
Implement life cycle automation.
400
00:16:31,640 --> 00:16:35,040
So access is provisioned from HR systems, not ad hoc tickets.
401
00:16:35,040 --> 00:16:39,840
Establish role-based access control with clear ownership so every role has a business justification.
402
00:16:39,840 --> 00:16:42,440
Enable just-in-time access for privileged roles.
403
00:16:42,440 --> 00:16:44,680
So standing admin access doesn't exist.
404
00:16:44,680 --> 00:16:47,640
Automate access reviews with AI-driven recommendations.
405
00:16:47,640 --> 00:16:50,160
So reviews complete in two weeks instead of eight.
406
00:16:50,160 --> 00:16:53,520
After 12 weeks, role assignments reduced to 180.
407
00:16:53,520 --> 00:16:55,160
That's an 85% reduction.
408
00:16:55,160 --> 00:16:56,400
Global admins reduced to four.
409
00:16:56,400 --> 00:16:58,280
That's an 82% reduction.
410
00:16:58,280 --> 00:17:01,200
100% of privileged access now time-bound.
411
00:17:01,200 --> 00:17:04,840
Access reviews automated and completing in two weeks instead of eight.
412
00:17:04,840 --> 00:17:08,800
Audit result: zero findings related to identity governance.
413
00:17:08,800 --> 00:17:12,520
This engagement costs 120,000 to 180,000 dollars.
414
00:17:12,520 --> 00:17:13,960
It takes 12 weeks.
415
00:17:13,960 --> 00:17:18,320
But the value is measured in risk reduction, audit compliance and incident prevention,
416
00:17:18,320 --> 00:17:19,960
not in the number of apps built.
417
00:17:19,960 --> 00:17:21,880
The organization avoided another breach.
418
00:17:21,880 --> 00:17:23,200
They passed their audit.
419
00:17:23,200 --> 00:17:24,880
They reduced their regulatory risk.
420
00:17:24,880 --> 00:17:28,240
This is the engagement model that generates 100k plus annually.
421
00:17:28,240 --> 00:17:32,120
This is what separates the commodity consultant from the architect of necessity.
422
00:17:32,120 --> 00:17:35,520
One consultant sees we need to implement Entra ID governance.
423
00:17:35,520 --> 00:17:39,200
The other consultant sees you have architectural entropy that's creating
424
00:17:39,200 --> 00:17:41,560
breach risk, audit risk and compliance risk.
425
00:17:41,560 --> 00:17:45,120
I can quantify it, remediate it and prevent the next incident.
426
00:17:45,120 --> 00:17:47,920
Same tools, different positioning, different pricing,
427
00:17:47,920 --> 00:17:51,440
different client acquisition strategy. Client scenario B:
428
00:17:51,440 --> 00:17:53,960
Power Platform governance chaos.
429
00:17:53,960 --> 00:17:55,840
Identity is one plane.
430
00:17:55,840 --> 00:18:00,760
Productivity entropy is equally destructive and it's where most organizations are completely blind.
431
00:18:00,760 --> 00:18:07,560
A mid-market manufacturing company with 2,000 employees adopted Power Platform to empower citizen developers.
432
00:18:07,560 --> 00:18:08,800
The narrative was compelling.
433
00:18:08,800 --> 00:18:11,720
Business users could build apps without IT bottlenecks.
434
00:18:11,720 --> 00:18:15,000
Operations could create automations without waiting for custom development.
435
00:18:15,000 --> 00:18:17,960
Finance could build dashboards without hiring data analysts.
436
00:18:17,960 --> 00:18:20,640
The organization enabled the platform and stepped back.
437
00:18:20,640 --> 00:18:24,160
By 2025, they had 430 unmanaged flows.
438
00:18:24,160 --> 00:18:28,760
87 unmanaged canvas apps, zero data loss prevention policies, no environment tiering,
439
00:18:28,760 --> 00:18:30,880
no solution management, no governance model.
440
00:18:30,880 --> 00:18:36,400
Citizen developers were creating flows that accessed sensitive manufacturing data without approval.
441
00:18:36,400 --> 00:18:37,600
Nobody knew what they were building.
442
00:18:37,600 --> 00:18:39,640
Nobody knew what data they were accessing.
443
00:18:39,640 --> 00:18:41,720
Nobody knew what could go wrong until it did.
444
00:18:41,720 --> 00:18:47,080
A citizen developer in operations created a flow that exported production schedules to a personal OneDrive.
445
00:18:47,080 --> 00:18:48,440
The flow ran every day.
446
00:18:48,440 --> 00:18:51,800
It exported the complete manufacturing schedule for the next quarter.
447
00:18:51,800 --> 00:18:56,720
When the data was accidentally shared externally, a misconfigured sharing setting, a forwarded email,
448
00:18:56,720 --> 00:19:01,720
a compromised account, the company faced compliance violations and customer notification costs.
449
00:19:01,720 --> 00:19:04,880
The breach exposed proprietary manufacturing data to competitors.
450
00:19:04,880 --> 00:19:06,800
The organization had to notify customers.
451
00:19:06,800 --> 00:19:08,200
They faced regulatory fines.
452
00:19:08,200 --> 00:19:09,400
The damage was substantial.
453
00:19:09,400 --> 00:19:11,120
But again, the breach wasn't the root cause.
454
00:19:11,120 --> 00:19:13,280
The root cause was architectural entropy.
455
00:19:13,280 --> 00:19:17,240
The organization had empowered citizen development without establishing governance.
456
00:19:17,240 --> 00:19:19,520
430 flows with no approval process.
457
00:19:19,520 --> 00:19:21,440
87 apps with no data classification.
458
00:19:21,440 --> 00:19:24,120
No policies controlling what data could flow where.
459
00:19:24,120 --> 00:19:26,680
No visibility into what citizen developers were building.
460
00:19:26,680 --> 00:19:30,280
They hired a consultant to set up Power Platform governance.
461
00:19:30,280 --> 00:19:32,040
That consultant created environments.
462
00:19:32,040 --> 00:19:33,360
Set up DLP policies.
463
00:19:33,360 --> 00:19:36,000
Trained admins on the Power Platform admin center.
464
00:19:36,000 --> 00:19:40,480
The organization still had entropy because 200 flows were already built without governance.
465
00:19:40,480 --> 00:19:43,400
Citizen developers didn't understand why their flows were being blocked.
466
00:19:43,400 --> 00:19:46,280
There was no clear policy for what was allowed and what wasn't.
467
00:19:46,280 --> 00:19:48,360
No ownership model for existing apps.
468
00:19:48,360 --> 00:19:53,160
The governance was imposed from above, not integrated into the development process.
469
00:19:53,160 --> 00:19:53,920
Enter you.
470
00:19:53,920 --> 00:19:57,920
You position this as Power Platform entropy remediation and governance maturity.
471
00:19:57,920 --> 00:20:03,040
You start with the assessment. Inventory all 430 flows. Classify them by risk level: critical,
472
00:20:03,040 --> 00:20:07,720
high, medium, low. Identify which ones violate data classification policies.
473
00:20:07,720 --> 00:20:09,040
Assess which ones should be retired.
474
00:20:09,040 --> 00:20:12,520
You discover 180 flows are duplicative or obsolete.
475
00:20:12,520 --> 00:20:16,080
120 flows access sensitive data without proper controls.
476
00:20:16,080 --> 00:20:17,440
80 flows are orphaned.
477
00:20:17,440 --> 00:20:18,440
Nobody knows who owns them.
478
00:20:18,440 --> 00:20:19,440
They're still running.
479
00:20:19,440 --> 00:20:20,440
They're still accessing data.
480
00:20:20,440 --> 00:20:22,000
Nobody's responsible for them.
481
00:20:22,000 --> 00:20:23,520
Then the remediation phase.
482
00:20:23,520 --> 00:20:25,480
Retire the obsolete flows.
483
00:20:25,480 --> 00:20:26,800
Establish environment tiering.
484
00:20:26,800 --> 00:20:29,360
So sandbox is for experimentation.
485
00:20:29,360 --> 00:20:30,360
Development is for building.
486
00:20:30,360 --> 00:20:32,000
Test is for validation.
487
00:20:32,000 --> 00:20:34,360
Production is for live workloads.
488
00:20:34,360 --> 00:20:38,480
Implement data loss prevention policies that allow citizen developers to build but prevent
489
00:20:38,480 --> 00:20:40,000
data exfiltration.
490
00:20:40,000 --> 00:20:43,440
Establish a governance model with clear ownership and approval workflows.
491
00:20:43,440 --> 00:20:44,560
Automate compliance monitoring.
492
00:20:44,560 --> 00:20:47,000
So violations are detected in real time.
493
00:20:47,000 --> 00:20:50,720
After 8 weeks, flow inventory reduced from 430 to 210.
494
00:20:50,720 --> 00:20:52,200
That's a 51% reduction.
495
00:20:52,200 --> 00:20:54,800
All remaining flows classified and governed.
496
00:20:54,800 --> 00:20:58,200
Citizen developers trained and empowered to build safely.
497
00:20:58,200 --> 00:20:59,720
Compliance monitoring automated.
498
00:20:59,720 --> 00:21:00,720
Cost.
499
00:21:00,720 --> 00:21:03,640
60,000 to 90,000 dollars for the assessment and remediation.
500
00:21:03,640 --> 00:21:09,800
But this engagement often leads to a 6-12 month advisory retainer at 8,000 to 12,000 dollars
501
00:21:09,800 --> 00:21:13,880
per month to maintain governance as citizen development continues.
502
00:21:13,880 --> 00:21:15,840
That's recurring revenue, not project revenue.
503
00:21:15,840 --> 00:21:21,840
Over three years, the retainer is worth $360,000 versus the project's one-time 60 to 90,000.
504
00:21:21,840 --> 00:21:26,080
This is where the real business model lives, not in one time remediation projects, in ongoing
505
00:21:26,080 --> 00:21:29,080
advisory relationships that scale without proportional effort.
506
00:21:29,080 --> 00:21:32,800
This is how you transition from hourly billing to retainer based recurring revenue.
507
00:21:32,800 --> 00:21:37,520
This is how you build a predictable scalable consulting business that generates 100K+ annually
508
00:21:37,520 --> 00:21:38,840
without burning out.
509
00:21:38,840 --> 00:21:43,520
The consultant who sees Power Platform as a tool to build apps loses to the lowest bidder.
510
00:21:43,520 --> 00:21:47,480
The consultant who sees Power Platform as a governance problem that requires ongoing management
511
00:21:47,480 --> 00:21:49,000
becomes indispensable.
512
00:21:49,000 --> 00:21:53,440
Same platform, different positioning, different pricing, different business model. The pricing
513
00:21:53,440 --> 00:21:55,840
shift from projects to retainers.
514
00:21:55,840 --> 00:22:00,440
Once you understand how to position governance, the pricing model changes fundamentally.
515
00:22:00,440 --> 00:22:05,800
Most consultants price by the hour or by the project, $150,000 to $250,000 per hour or
516
00:22:05,800 --> 00:22:08,880
$50,000 to $150,000 per project.
517
00:22:08,880 --> 00:22:12,560
This model commoditizes you because clients can compare your rate to others.
518
00:22:12,560 --> 00:22:15,400
They can shop, they can negotiate, they can find someone cheaper.
519
00:22:15,400 --> 00:22:18,720
You're competing on price because that's the only dimension that matters when the deliverable
520
00:22:18,720 --> 00:22:19,880
is generic.
521
00:22:19,880 --> 00:22:25,840
The 100K+ consultant prices by value and risk mitigation, not by hours or deliverables.
522
00:22:25,840 --> 00:22:30,000
The pricing model has three tiers and each tier builds on the previous one.
523
00:22:30,000 --> 00:22:35,200
Assessment tier: 8,000 to 15,000 for a 2-3 week diagnostic that uncovers entropy across
524
00:22:35,200 --> 00:22:36,680
one or more control planes.
525
00:22:36,680 --> 00:22:38,160
This is not a free discovery call.
526
00:22:38,160 --> 00:22:41,640
This is paid work that delivers a risk report and a remediation roadmap.
527
00:22:41,640 --> 00:22:44,400
You're charging for your expertise, your analysis and your time.
528
00:22:44,400 --> 00:22:46,600
You're signalling that your knowledge is valuable.
529
00:22:46,600 --> 00:22:49,920
Clients understand this because the assessment is low risk and high value.
530
00:22:49,920 --> 00:22:51,240
They get a concrete deliverable.
531
00:22:51,240 --> 00:22:54,480
They understand exactly where their entropy is and what it's costing them.
532
00:22:54,480 --> 00:23:00,600
Remediation tier: 80,000 to 200,000 depending on complexity and scope, typically 8 to 16 weeks.
533
00:23:00,600 --> 00:23:04,360
This is where you implement the governance model, automate the controls and establish
534
00:23:04,360 --> 00:23:05,360
the baseline.
535
00:23:05,360 --> 00:23:07,040
This is where you deliver measurable outcomes.
536
00:23:07,040 --> 00:23:09,200
Role assignments reduced by 85%.
537
00:23:09,200 --> 00:23:11,440
Privileged accounts brought under just-in-time control.
538
00:23:11,440 --> 00:23:12,920
Compliance gaps closed.
539
00:23:12,920 --> 00:23:14,440
Audit findings eliminated.
540
00:23:14,440 --> 00:23:18,240
The client sees before and after metrics that justify the investment.
541
00:23:18,240 --> 00:23:23,360
Advisory retainer tier 8,000 to 15,000 per month for ongoing governance maturity, policy updates
542
00:23:23,360 --> 00:23:24,360
and optimization.
543
00:23:24,360 --> 00:23:26,120
This is where the real money lives.
544
00:23:26,120 --> 00:23:28,480
Recurring revenue that scales without additional effort.
545
00:23:28,480 --> 00:23:33,160
A $10,000 per month retainer requires maybe 20 to 30 hours per month of your time.
546
00:23:33,160 --> 00:23:37,840
That's half an FTE, but it generates $120,000 annually in recurring revenue.
547
00:23:37,840 --> 00:23:42,840
With 3 to 4 retainers you have 360,000 to 480,000 in recurring revenue.
548
00:23:42,840 --> 00:23:48,080
That means you only need to close 1 to 2 new remediation engagements per year to hit 500K+ annual
549
00:23:48,080 --> 00:23:49,080
revenue.
550
00:23:49,080 --> 00:23:50,520
This is the power of the retainer model.
551
00:23:50,520 --> 00:23:52,680
It creates a stable, predictable business.
552
00:23:52,680 --> 00:23:55,520
It aligns consultant incentives with client outcomes.
553
00:23:55,520 --> 00:23:59,240
If you're on a retainer, you want the governance to work well and stay stable.
554
00:23:59,240 --> 00:24:01,920
You don't want to create churn that requires constant rework.
555
00:24:01,920 --> 00:24:05,560
You're invested in the client's success, not in selling them the next project.
556
00:24:05,560 --> 00:24:09,040
You can understand this model because it aligns with their business reality.
557
00:24:09,040 --> 00:24:10,560
Governance isn't a one-time project.
558
00:24:10,560 --> 00:24:11,920
It's an ongoing practice.
559
00:24:11,920 --> 00:24:17,040
As the organization grows, as new tools are adopted, as policies drift, as threats evolve.
560
00:24:17,040 --> 00:24:18,600
Governance requires continuous attention.
561
00:24:18,600 --> 00:24:22,320
The advisory retainer gives them access to expertise without having to hire full-time
562
00:24:22,320 --> 00:24:23,320
staff.
563
00:24:23,320 --> 00:24:26,520
They get a trusted advisor who understands their environment and their risk profile.
564
00:24:26,520 --> 00:24:28,680
The retainer also creates customer lock-in.
565
00:24:28,680 --> 00:24:32,600
Once a client has been on a retainer for 6 months or more, they're unlikely to switch.
566
00:24:32,600 --> 00:24:33,600
Switching costs are high.
567
00:24:33,600 --> 00:24:37,440
They'd have to find a new consultant, get them up to speed on the governance model,
568
00:24:37,440 --> 00:24:38,720
rebuild the relationship.
569
00:24:38,720 --> 00:24:41,840
This is why retainer clients are your most valuable customers.
570
00:24:41,840 --> 00:24:43,160
They're not one-time revenue.
571
00:24:43,160 --> 00:24:46,040
They're multi-year relationships that scale your business.
572
00:24:46,040 --> 00:24:48,400
The retainer also creates opportunities for upselling.
573
00:24:48,400 --> 00:24:52,560
As you work with the client, you will identify new problems that require remediation work.
574
00:24:52,560 --> 00:24:57,440
A client on a $10,000 per month identity governance retainer might also need productivity
575
00:24:57,440 --> 00:24:59,360
governance or infrastructure optimization.
576
00:24:59,360 --> 00:25:03,000
You can propose follow-on remediation engagements that expand the scope and increase
577
00:25:03,000 --> 00:25:04,760
the overall relationship value.
578
00:25:04,760 --> 00:25:09,880
This is the pricing shift that separates 80k consultants from 100k+ consultants.
579
00:25:09,880 --> 00:25:11,400
One sells hours or deliverables.
580
00:25:11,400 --> 00:25:15,640
The other sells risk reduction and compliance assurance on an ongoing basis.
581
00:25:15,640 --> 00:25:16,640
One competes on cost.
582
00:25:16,640 --> 00:25:18,480
The other doesn't compete on cost at all.
583
00:25:18,480 --> 00:25:22,520
The pricing conversation never happens because the client understands that governance is
584
00:25:22,520 --> 00:25:24,240
a necessity, not a luxury.
585
00:25:24,240 --> 00:25:26,200
They're not asking, "Can we afford this?"
586
00:25:26,200 --> 00:25:28,640
They're asking, "Can we afford not to do this fair?"
587
00:25:28,640 --> 00:25:32,960
The positioning shift: from builder to architect. Pricing is one dimension.
588
00:25:32,960 --> 00:25:33,960
The positioning is the other.
589
00:25:33,960 --> 00:25:38,840
And positioning determines whether clients see you as a commodity or as a necessity.
590
00:25:38,840 --> 00:25:42,680
Your LinkedIn profile, your website and your pitch all need to reflect the shift from
591
00:25:42,680 --> 00:25:44,360
builder to architect.
592
00:25:44,360 --> 00:25:49,640
Most consultant profiles say something like, "I implement Power Apps, Azure solutions,
593
00:25:49,640 --> 00:25:51,040
Entra ID governance."
594
00:25:51,040 --> 00:25:55,000
This positions you as a builder competing on technical skill and delivery speed.
595
00:25:55,000 --> 00:25:58,680
You're in a race to the bottom with every other consultant who can code or configure.
596
00:25:58,680 --> 00:26:02,920
The 100k+ positioning says, "I architect control systems that reduce architect
597
00:26:02,920 --> 00:26:05,920
control entropy and enforce governance at scale."
598
00:26:05,920 --> 00:26:09,880
This positions you as a strategist competing on risk reduction and business impact.
599
00:26:09,880 --> 00:26:11,400
You're not competing on technical skill.
600
00:26:11,400 --> 00:26:15,520
You're competing on whether the client's systems are predictable, compliant and secure.
601
00:26:15,520 --> 00:26:18,160
Your case studies need to reflect this shift too.
602
00:26:18,160 --> 00:26:22,360
Most consultant case studies say, "We build 12 Power Apps in three months."
603
00:26:22,360 --> 00:26:24,680
Or, "We migrated 50 servers to Azure."
604
00:26:24,680 --> 00:26:25,680
This is a delivery story.
605
00:26:25,680 --> 00:26:27,360
It's about speed and volume.
606
00:26:27,360 --> 00:26:32,880
The 100k+ case study says, "We reduce identity risk by 85%, automated compliance,
607
00:26:32,880 --> 00:26:35,280
and prevented a $2 million breach."
608
00:26:35,280 --> 00:26:36,280
This is an outcome story.
609
00:26:36,280 --> 00:26:38,960
It's about risk mitigation and business value.
610
00:26:38,960 --> 00:26:40,880
Your speaking engagements need to shift as well.
611
00:26:40,880 --> 00:26:45,120
The commodity consultant speaks about Power Apps best practices or Azure governance
612
00:26:45,120 --> 00:26:46,320
frameworks.
613
00:26:46,320 --> 00:26:52,040
The 100k+ consultant speaks about why architectural entropy is the real cost of cloud adoption,
614
00:26:52,040 --> 00:26:55,040
or how to measure and mitigate control plane drift.
615
00:26:55,040 --> 00:26:57,200
You're not teaching people how to use tools.
616
00:26:57,200 --> 00:27:00,320
You're teaching them how to think about governance as a strategic problem.
617
00:27:00,320 --> 00:27:01,720
Your content needs to shift too.
618
00:27:01,720 --> 00:27:04,960
The commodity consultant publishes tutorials on how to use tools.
619
00:27:04,960 --> 00:27:09,920
The 100k+ consultant publishes frameworks for thinking about governance, risk and architectural
620
00:27:09,920 --> 00:27:10,920
necessity.
621
00:27:10,920 --> 00:27:12,520
You're not competing on technical knowledge.
622
00:27:12,520 --> 00:27:14,240
You're competing on strategic insight.
623
00:27:14,240 --> 00:27:17,160
This positioning shift is what allows you to command premium pricing.
624
00:27:17,160 --> 00:27:20,520
When you're positioned as a builder, you're competing against other builders on speed and
625
00:27:20,520 --> 00:27:21,520
cost.
626
00:27:21,520 --> 00:27:25,040
When you're positioned as an architect of necessity, you're competing against the cost
627
00:27:25,040 --> 00:27:28,080
of not having governance, and that cost is always higher than your fee.
628
00:27:28,080 --> 00:27:30,440
The positioning shift also changes who you sell to.
629
00:27:30,440 --> 00:27:35,680
Instead of selling to IT operations managers, you're selling to CSOs, CFOs and chief risk
630
00:27:35,680 --> 00:27:36,680
officers.
631
00:27:36,680 --> 00:27:38,160
These buyers have bigger budgets.
632
00:27:38,160 --> 00:27:39,800
They have longer decision cycles.
633
00:27:39,800 --> 00:27:41,960
They have higher tolerance for consulting fees.
634
00:27:41,960 --> 00:27:43,280
They're not buying implementation.
635
00:27:43,280 --> 00:27:45,880
They're buying risk mitigation and compliance assurance.
636
00:27:45,880 --> 00:27:46,880
This is critical.
637
00:27:46,880 --> 00:27:50,840
The IT operations manager is asking, "Can we afford to hire this consultant?"
638
00:27:50,840 --> 00:27:54,000
The CSO is asking, "Can we afford not to hire this consultant?"
639
00:27:54,000 --> 00:27:55,000
One is a cost center.
640
00:27:55,000 --> 00:27:57,200
The other is a risk management investment.
641
00:27:57,200 --> 00:27:58,640
The conversation is completely different.
642
00:27:58,640 --> 00:28:01,720
Your positioning also determines how you talk about competitors.
643
00:28:01,720 --> 00:28:04,640
The commodity consultant compares themselves to other consultants.
644
00:28:04,640 --> 00:28:08,240
The 100K+ consultant compares themselves to the cost of inaction.
645
00:28:08,240 --> 00:28:09,720
You're not cheaper than the other guy.
646
00:28:09,720 --> 00:28:11,160
You're cheaper than a breach.
647
00:28:11,160 --> 00:28:12,720
You're cheaper than an audit failure.
648
00:28:12,720 --> 00:28:14,600
You're cheaper than a failed migration.
649
00:28:14,600 --> 00:28:19,320
This is the mindset shift that separates commodity consultants from architects of necessity.
650
00:28:19,320 --> 00:28:20,520
You're not selling hours.
651
00:28:20,520 --> 00:28:21,840
You're not selling deliverables.
652
00:28:21,840 --> 00:28:24,440
You're selling the prevention of architectural decay.
653
00:28:24,440 --> 00:28:28,960
You're selling the ability to keep systems predictable, compliant and secure at scale.
654
00:28:28,960 --> 00:28:33,880
That's worth whatever you charge because the alternative is exponentially more expensive.
655
00:28:33,880 --> 00:28:36,080
The client acquisition strategy: inbound.
656
00:28:36,080 --> 00:28:39,640
Once you're positioned as an architect, inbound leads start to come naturally.
657
00:28:39,640 --> 00:28:40,720
You don't have to chase them.
658
00:28:40,720 --> 00:28:44,320
They come to you because you've articulated their problem better than they could articulate it
659
00:28:44,320 --> 00:28:45,320
themselves.
660
00:28:45,320 --> 00:28:49,960
Inbound client acquisition happens through thought leadership, content and community presence.
661
00:28:49,960 --> 00:28:51,320
The mechanism is straightforward.
662
00:28:51,320 --> 00:28:56,400
You publish content about architectural entropy, governance frameworks and control plane maturity.
663
00:28:56,400 --> 00:29:00,720
This content attracts IT architects and security leaders who are struggling with the same problems.
664
00:29:00,720 --> 00:29:03,520
They reach out to you because you've named the disease.
665
00:29:03,520 --> 00:29:05,960
You've given them language for what they're experiencing.
666
00:29:05,960 --> 00:29:07,200
You've shown them a path forward.
667
00:29:07,200 --> 00:29:09,400
The content types that work are specific.
668
00:29:09,400 --> 00:29:13,960
Long form articles on architectural entropy and how it compounds over time.
669
00:29:13,960 --> 00:29:19,160
Frameworks for assessing control plane maturity across identity, productivity and infrastructure.
670
00:29:19,160 --> 00:29:23,360
Case studies showing before and after metrics that prove the value of remediation.
671
00:29:23,360 --> 00:29:27,320
Videos explaining why feature work is commoditized but governance is premium.
672
00:29:27,320 --> 00:29:31,880
LinkedIn posts that challenge conventional thinking about cloud adoption and governance.
673
00:29:31,880 --> 00:29:33,120
Distribution channels matter.
674
00:29:33,120 --> 00:29:34,400
But you don't need to be everywhere.
675
00:29:34,400 --> 00:29:38,560
You need to be authoritative in the niche of Microsoft architectural governance.
676
00:29:38,560 --> 00:29:42,640
LinkedIn is your primary channel because your target buyers, CISOs, IT directors, chief
677
00:29:42,640 --> 00:29:44,320
risk officers are active there.
678
00:29:44,320 --> 00:29:45,880
Your strategy is straightforward.
679
00:29:45,880 --> 00:29:50,880
Two to three times per week about architectural governance, identity, entropy, control plane maturity
680
00:29:50,880 --> 00:29:52,760
and the business case for governance.
681
00:29:52,760 --> 00:29:55,160
Engage with other architects and security leaders.
682
00:29:55,160 --> 00:29:56,680
Comment thoughtfully on their posts.
683
00:29:56,680 --> 00:29:57,920
Build relationships.
684
00:29:57,920 --> 00:29:59,840
Share your case studies and frameworks.
685
00:29:59,840 --> 00:30:04,920
Make them specific enough to be useful but abstract enough to be applicable across industries.
686
00:30:04,920 --> 00:30:09,000
The inbound mechanism takes three to six months to build momentum, but once it's working,
687
00:30:09,000 --> 00:30:11,200
it generates 30 to 50% of your pipeline.
688
00:30:11,200 --> 00:30:15,440
This is high quality pipeline because the leads are already educated about the problem.
689
00:30:15,440 --> 00:30:17,120
They're actively seeking a solution.
690
00:30:17,120 --> 00:30:19,640
They've self-qualified by engaging with your content.
691
00:30:19,640 --> 00:30:24,600
Conversion rates on inbound leads are typically 20 to 30% because they're not cold prospects.
692
00:30:24,600 --> 00:30:27,600
They're warm prospects who already understand the value of governance.
693
00:30:27,600 --> 00:30:29,640
They've already decided they need to do something.
694
00:30:29,640 --> 00:30:31,080
They're just deciding who to hire.
695
00:30:31,080 --> 00:30:32,800
The sales process is shorter too.
696
00:30:32,800 --> 00:30:37,680
Cold outreach might take 12 weeks or more to move from first contact to signed engagement.
697
00:30:37,680 --> 00:30:42,360
Inbound leads often move from first conversation to assessment engagement in 4 to 6 weeks.
698
00:30:42,360 --> 00:30:44,160
They're already convinced of the problem.
699
00:30:44,160 --> 00:30:46,880
They just need to understand your specific approach and your pricing.
700
00:30:46,880 --> 00:30:47,880
Here's what matters.
701
00:30:47,880 --> 00:30:50,440
Inbound leads don't require you to be a salesperson.
702
00:30:50,440 --> 00:30:52,160
They require you to be a thought leader.
703
00:30:52,160 --> 00:30:53,160
You're not selling.
704
00:30:53,160 --> 00:30:54,160
You're educating.
705
00:30:54,160 --> 00:30:55,160
You're sharing frameworks.
706
00:30:55,160 --> 00:30:56,440
You're publishing case studies.
707
00:30:56,440 --> 00:30:58,000
You're building authority in a niche.
708
00:30:58,000 --> 00:31:00,840
The sales happen naturally because people reach out to you.
709
00:31:00,840 --> 00:31:02,720
This is also how you build defensibility.
710
00:31:02,720 --> 00:31:06,520
If you're the person who publishes the framework for measuring architectural entropy, you're
711
00:31:06,520 --> 00:31:09,120
the person everyone calls when they need to measure it.
712
00:31:09,120 --> 00:31:12,880
If you're the person who articulates why control plane governance matters, you're the
713
00:31:12,880 --> 00:31:15,040
person everyone calls when they need governance.
714
00:31:15,040 --> 00:31:16,480
You've made yourself the obvious choice.
715
00:31:16,480 --> 00:31:17,800
The content also compounds.
716
00:31:17,800 --> 00:31:21,880
A LinkedIn post you published today might generate a lead 6 months from now.
717
00:31:21,880 --> 00:31:25,880
A framework you share might be referenced in an article someone writes next year.
718
00:31:25,880 --> 00:31:29,760
Your thought leadership becomes an asset that generates leads long after you've created it.
719
00:31:29,760 --> 00:31:31,720
This is why inbound is so valuable.
720
00:31:31,720 --> 00:31:34,840
The effort you put in upfront generates returns for years.
721
00:31:34,840 --> 00:31:36,480
But inbound takes time to build.
722
00:31:36,480 --> 00:31:38,320
You need to establish credibility.
723
00:31:38,320 --> 00:31:39,800
You need to publish consistently.
724
00:31:39,800 --> 00:31:41,360
You need to engage authentically.
725
00:31:41,360 --> 00:31:44,400
You need to build relationships with other architects and security leaders.
726
00:31:44,400 --> 00:31:48,960
This is a 3 to 6 month play before you see meaningful pipeline generation.
727
00:31:48,960 --> 00:31:50,720
Most consultants don't have the patience for it.
728
00:31:50,720 --> 00:31:52,240
They want leads immediately.
729
00:31:52,240 --> 00:31:53,960
So they do outbound instead.
730
00:31:53,960 --> 00:31:55,240
Outbound works faster.
731
00:31:55,240 --> 00:31:56,560
But it's also more exhausting.
732
00:31:56,560 --> 00:32:00,520
It requires constant prospecting, constant rejection, constant follow-up.
733
00:32:00,520 --> 00:32:02,600
The optimal strategy is to run both.
734
00:32:02,600 --> 00:32:06,000
Do outbound to generate immediate pipeline while you're building inbound.
735
00:32:06,000 --> 00:32:09,120
As inbound builds momentum, it gradually replaces outbound.
736
00:32:09,120 --> 00:32:11,080
By month 12, you might be 50/50.
737
00:32:11,080 --> 00:32:14,640
By month 18, inbound is generating more pipeline than outbound.
738
00:32:14,640 --> 00:32:18,480
By month 24, you're mostly inbound with selective outbound to fill gaps.
739
00:32:18,480 --> 00:32:19,800
This is the long term play.
740
00:32:19,800 --> 00:32:23,200
You're building a business that generates leads without constant prospecting.
741
00:32:23,200 --> 00:32:26,520
You're building authority that makes you the obvious choice when someone needs governance
742
00:32:26,520 --> 00:32:27,520
remediation.
743
00:32:27,520 --> 00:32:32,520
You're building a moat around your consulting practice that competitors can't easily replicate.
744
00:32:32,520 --> 00:32:36,600
The client acquisition strategy: outbound. Inbound takes time to build.
745
00:32:36,600 --> 00:32:39,800
Outbound fills the pipeline while you're establishing thought leadership.
746
00:32:39,800 --> 00:32:44,040
The acquisition is targeted, direct outreach to companies that have entropy signals.
747
00:32:44,040 --> 00:32:48,400
Entropy signals are indicators that a company is struggling with architectural decay.
748
00:32:48,400 --> 00:32:53,960
Recent breaches, failed audits, migration delays, high cloud spend without corresponding value.
749
00:32:53,960 --> 00:32:56,040
Rapid adoption of new tools without governance.
750
00:32:56,040 --> 00:33:00,040
These are all signals that the organization has exceeded its entropy budget somewhere.
751
00:33:00,040 --> 00:33:02,480
You find these signals through multiple channels.
752
00:33:02,480 --> 00:33:05,480
News monitoring for breach announcements and regulatory fines.
753
00:33:05,480 --> 00:33:09,160
LinkedIn research for company announcements about new cloud initiatives. Industry reports
754
00:33:09,160 --> 00:33:11,920
from analyst firms tracking cloud adoption.
755
00:33:11,920 --> 00:33:15,160
Direct research on company websites, earnings calls and job postings.
756
00:33:15,160 --> 00:33:19,120
A company that's hiring five security engineers is dealing with a security problem.
757
00:33:19,120 --> 00:33:23,080
A company that's announcing a Copilot rollout is about to discover governance gaps.
758
00:33:23,080 --> 00:33:27,120
A company that's migrating to Azure is going to face cost and compliance challenges.
759
00:33:27,120 --> 00:33:29,040
The outbound approach is specific.
760
00:33:29,040 --> 00:33:31,280
Identify a target company with entropy signals.
761
00:33:31,280 --> 00:33:33,320
Research the CISO or IT director.
762
00:33:33,320 --> 00:33:36,400
Craft a personalized email that references their specific situation.
763
00:33:36,400 --> 00:33:37,880
The email doesn't pitch a solution.
764
00:33:37,880 --> 00:33:42,440
It asks a question that forces them to think about their control plane maturity.
765
00:33:42,440 --> 00:33:43,440
Example.
766
00:33:43,440 --> 00:33:48,080
I noticed your company announced a Microsoft 365 Copilot rollout last month.
767
00:33:48,080 --> 00:33:52,280
Most organizations deploying Copilot without first establishing data loss prevention governance
768
00:33:52,280 --> 00:33:54,560
end up with significant compliance risk.
769
00:33:54,560 --> 00:34:00,240
Have you established DLP policies for Copilot interactions with proprietary information?
770
00:34:00,240 --> 00:34:02,000
This email works because it's specific.
771
00:34:02,000 --> 00:34:03,600
It references their situation.
772
00:34:03,600 --> 00:34:05,720
It raises the concern they might not have considered.
773
00:34:05,720 --> 00:34:06,720
It's not salesy.
774
00:34:06,720 --> 00:34:07,720
It's consultative.
775
00:34:07,720 --> 00:34:10,080
It's asking a question that makes them think.
776
00:34:10,080 --> 00:34:14,000
Response rates on personalized outbound are typically 5 to 10%.
777
00:34:14,000 --> 00:34:18,320
From those responses, 20 to 30% convert to a discovery conversation.
778
00:34:18,320 --> 00:34:19,480
The math is straightforward.
779
00:34:19,480 --> 00:34:21,240
Send 100 personalized emails.
780
00:34:21,240 --> 00:34:23,160
Get 5 to 10 responses.
781
00:34:23,160 --> 00:34:25,760
Convert one to three of those to discovery conversations.
782
00:34:25,760 --> 00:34:28,120
The discovery conversation is where you pitch the assessment.
783
00:34:28,120 --> 00:34:32,560
I can spend two weeks understanding your identity, productivity and infrastructure control
784
00:34:32,560 --> 00:34:36,760
planes and deliver a risk report that shows you exactly where your entropy is and
785
00:34:36,760 --> 00:34:38,200
what it's costing you.
786
00:34:38,200 --> 00:34:41,040
The assessment is $10,000 and takes two weeks.
787
00:34:41,040 --> 00:34:44,200
Most companies will say yes to this because it's low risk.
788
00:34:44,200 --> 00:34:48,320
Small investment, short timeline, high value. They get a risk report and a remediation road
789
00:34:48,320 --> 00:34:49,320
map.
790
00:34:49,320 --> 00:34:52,880
The assessment almost always leads to a remediation engagement because the report shows
791
00:34:52,880 --> 00:34:54,760
them problems they didn't know they had.
792
00:34:54,760 --> 00:34:56,320
You've quantified the entropy.
793
00:34:56,320 --> 00:34:57,320
You've shown them the risk.
794
00:34:57,320 --> 00:34:58,520
You've given them a road map.
795
00:34:58,520 --> 00:35:02,600
The decision to remediate is almost inevitable because the alternative is to leave the entropy
796
00:35:02,600 --> 00:35:04,840
in place and hope nothing bad happens.
797
00:35:04,840 --> 00:35:08,000
That's not a business decision, that's gambling.
798
00:35:08,000 --> 00:35:12,280
Outbound works best when you're targeting 20 to 30 companies per month, personalizing
799
00:35:12,280 --> 00:35:14,880
each email and following up systematically.
800
00:35:14,880 --> 00:35:18,280
This approach generates two to four discovery conversations per month.
801
00:35:18,280 --> 00:35:23,440
That converts to one assessment engagement and 0.3 to 0.5 remediation engagements.
802
00:35:23,440 --> 00:35:28,760
At 120,000 average remediation value that's 40 to 60,000 per month in closed business from
803
00:35:28,760 --> 00:35:29,760
outbound.
804
00:35:29,760 --> 00:35:32,960
This is the foundation of a predictable pipeline while inbound is building.
805
00:35:32,960 --> 00:35:34,720
You're not dependent on inbound leads.
806
00:35:34,720 --> 00:35:37,680
You're generating your own pipeline through systematic outreach.
807
00:35:37,680 --> 00:35:41,440
You're not competing on price because you're reaching out to companies with specific problems.
808
00:35:41,440 --> 00:35:44,680
You're competing on your ability to diagnose and remediate those problems.
809
00:35:44,680 --> 00:35:47,680
The key to outbound is consistency and personalization.
810
00:35:47,680 --> 00:35:49,480
Generic emails get deleted.
811
00:35:49,480 --> 00:35:50,800
Personalized emails get responses.
812
00:35:50,800 --> 00:35:54,640
You need to research each company, find the specific entropy signal, reference it in
813
00:35:54,640 --> 00:35:56,640
your email, ask a specific question.
814
00:35:56,640 --> 00:35:59,240
Make it about their situation, not about your services.
815
00:35:59,240 --> 00:36:00,560
You also need to follow up.
816
00:36:00,560 --> 00:36:02,640
Most people won't respond to the first email.
817
00:36:02,640 --> 00:36:06,760
Follow up after one week, follow up again after two weeks, after three touches, move on.
818
00:36:06,760 --> 00:36:08,240
But don't give up on the company.
819
00:36:08,240 --> 00:36:09,520
Revisit them in three months.
820
00:36:09,520 --> 00:36:10,600
Something will have changed.
821
00:36:10,600 --> 00:36:13,640
A new announcement, a new hire, a new entropy signal.
822
00:36:13,640 --> 00:36:15,440
Your persistence will eventually connect.
823
00:36:15,440 --> 00:36:19,040
The combination of inbound and outbound creates a diversified pipeline.
824
00:36:19,040 --> 00:36:22,760
Inbound generates high quality warm leads that convert quickly.
825
00:36:22,760 --> 00:36:26,080
Outbound generates volume and fills gaps while inbound is building.
826
00:36:26,080 --> 00:36:30,280
Together they create a predictable scalable client acquisition engine that generates consistent
827
00:36:30,280 --> 00:36:31,920
pipeline month after month.
828
00:36:31,920 --> 00:36:33,920
The assessment: a sales tool.
829
00:36:33,920 --> 00:36:37,360
The assessment is not just a diagnostic, it's your most powerful sales tool.
830
00:36:37,360 --> 00:36:39,480
And most consultants completely misunderstand this.
831
00:36:39,480 --> 00:36:41,120
Most consultants give away discovery.
832
00:36:41,120 --> 00:36:43,720
They offer a free assessment or a two hour discovery call.
833
00:36:43,720 --> 00:36:45,000
They think this builds trust.
834
00:36:45,000 --> 00:36:46,000
It doesn't.
835
00:36:46,000 --> 00:36:49,160
It signals that your expertise isn't valuable enough to charge for.
836
00:36:49,160 --> 00:36:52,760
Free discovery attracts tire kickers and budget constrained prospects.
837
00:36:52,760 --> 00:36:57,000
Paid discovery attracts serious buyers who understand that diagnosis costs money.
838
00:36:57,000 --> 00:36:59,280
Paid assessments signal three things.
839
00:36:59,280 --> 00:37:00,600
First that you're serious.
840
00:37:00,600 --> 00:37:02,000
You're not desperate for work.
841
00:37:02,000 --> 00:37:03,800
You're selective about who you work with.
842
00:37:03,800 --> 00:37:05,360
Second that your time is valuable.
843
00:37:05,360 --> 00:37:08,040
You're not giving away analysis that took years to develop.
844
00:37:08,040 --> 00:37:10,720
Third that the output will be worth the investment.
845
00:37:10,720 --> 00:37:12,320
You're not doing a generic assessment.
846
00:37:12,320 --> 00:37:15,320
You're doing a specific diagnostic tailored to their environment.
847
00:37:15,320 --> 00:37:19,040
The assessment costs $8 to $15,000 and takes two to three weeks.
848
00:37:19,040 --> 00:37:21,040
It's scoped to one or more control planes.
849
00:37:21,040 --> 00:37:24,200
Identity governance, productivity governance, infrastructure governance.
850
00:37:24,200 --> 00:37:30,080
The output is a 20 to 30 page risk report with current state analysis, entropy quantification,
851
00:37:30,080 --> 00:37:33,840
risk scoring, compliance gaps and a remediation roadmap.
852
00:37:33,840 --> 00:37:34,840
Here's what makes it work.
853
00:37:34,840 --> 00:37:37,920
The assessment is designed to uncover problems the client didn't know they had.
854
00:37:37,920 --> 00:37:42,680
If the assessment only confirms what they already know, it won't drive a remediation engagement.
855
00:37:42,680 --> 00:37:46,040
You need to find the hidden entropy, the drift that's accumulated over years.
856
00:37:46,040 --> 00:37:47,840
The policies that are no longer enforced.
857
00:37:47,840 --> 00:37:49,520
The orphaned resources creating risk.
858
00:37:49,520 --> 00:37:52,200
The service accounts with permanent credentials.
859
00:37:52,200 --> 00:37:54,240
The unmanaged flows accessing sensitive data.
860
00:37:54,240 --> 00:37:55,920
The Azure subscriptions nobody owns.
861
00:37:55,920 --> 00:38:00,160
The assessment establishes you as the expert who understands their specific situation.
862
00:38:00,160 --> 00:38:03,640
By the time you present the report, the client has already decided you're the right person
863
00:38:03,640 --> 00:38:04,880
to fix the problem.
864
00:38:04,880 --> 00:38:07,480
The remediation engagement is almost a foregone conclusion.
865
00:38:07,480 --> 00:38:08,760
You've diagnosed the disease.
866
00:38:08,760 --> 00:38:09,880
You've shown them the cost.
867
00:38:09,880 --> 00:38:11,040
You've given them a roadmap.
868
00:38:11,040 --> 00:38:14,760
The decision to remediate is inevitable because the alternative is to leave the entropy in
869
00:38:14,760 --> 00:38:15,840
place.
870
00:38:15,840 --> 00:38:19,480
The assessment also creates a baseline that makes the remediation work measurable.
871
00:38:19,480 --> 00:38:21,280
You can show before and after metrics.
872
00:38:21,280 --> 00:38:26,400
Role assignments reduced by 85%. Privileged accounts brought under just-in-time control.
873
00:38:26,400 --> 00:38:27,400
Compliance gaps closed.
874
00:38:27,400 --> 00:38:30,080
Flow inventory reduced by 50%.
875
00:38:30,080 --> 00:38:33,960
These metrics are what justify the remediation investment to the CFO and the board.
876
00:38:33,960 --> 00:38:35,520
You're not asking them to trust you.
877
00:38:35,520 --> 00:38:37,400
You're showing them measurable outcomes.
878
00:38:37,400 --> 00:38:40,840
The assessment should be structured to take two to three weeks of work, not eight weeks.
879
00:38:40,840 --> 00:38:43,240
You're not doing the full remediation in the assessment.
880
00:38:43,240 --> 00:38:46,720
You're doing enough work to understand the problem and recommend a solution.
881
00:38:46,720 --> 00:38:50,880
The remediation is where the real work happens and where the real value is captured.
882
00:38:50,880 --> 00:38:53,920
Think about the assessment as the sales conversation that happens on paper.
883
00:38:53,920 --> 00:38:55,240
You're asking questions.
884
00:38:55,240 --> 00:38:56,680
You're analyzing responses.
885
00:38:56,680 --> 00:38:57,880
You're quantifying risk.
886
00:38:57,880 --> 00:38:59,200
You're presenting findings.
887
00:38:59,200 --> 00:39:00,560
You're recommending next steps.
888
00:39:00,560 --> 00:39:04,120
By the time the client finishes reading the report, they understand exactly what's wrong,
889
00:39:04,120 --> 00:39:06,160
why it matters and what needs to happen next.
890
00:39:06,160 --> 00:39:08,200
The pricing of the assessment is also strategic.
891
00:39:08,200 --> 00:39:12,920
Eight to 15,000 is enough to signal seriousness, but not so much that it's a barrier to entry.
892
00:39:12,920 --> 00:39:17,200
Most companies with entropy problems can justify eight to 15,000 for a diagnostic.
893
00:39:17,200 --> 00:39:21,800
They can't justify 120,000 for remediation without first understanding the problem.
894
00:39:21,800 --> 00:39:23,360
The assessment gets you in the door.
895
00:39:23,360 --> 00:39:25,800
The remediation is where you capture the real value.
896
00:39:25,800 --> 00:39:28,520
The assessment also creates a natural upsell path.
897
00:39:28,520 --> 00:39:31,920
Once you've completed the identity plane assessment, the client often wants to address
898
00:39:31,920 --> 00:39:34,320
the productivity plane or the infrastructure plane.
899
00:39:34,320 --> 00:39:37,080
One assessment often leads to two or three follow-on assessments.
900
00:39:37,080 --> 00:39:38,760
Each one expands the relationship.
901
00:39:38,760 --> 00:39:41,960
Each one identifies new remediation opportunities.
902
00:39:41,960 --> 00:39:46,160
By the time you're done with assessments, you've got a clear roadmap for multiple remediation
903
00:39:46,160 --> 00:39:48,640
engagements that will occupy you for the next year.
904
00:39:48,640 --> 00:39:51,920
This is how you build a predictable, scalable consulting business.
905
00:39:51,920 --> 00:39:53,560
Assessments lead to remediation.
906
00:39:53,560 --> 00:39:55,720
Remediation leads to advisory retainers.
907
00:39:55,720 --> 00:39:58,480
Advisory retainers lead to follow-on remediation.
908
00:39:58,480 --> 00:40:00,360
Each engagement expands the relationship.
909
00:40:00,360 --> 00:40:02,760
Each one increases the lifetime value of the client.
910
00:40:02,760 --> 00:40:07,320
Each one makes you more indispensable because you understand their environment better than anyone else.
911
00:40:07,320 --> 00:40:10,360
The assessment is the bridge between positioning and pricing.
912
00:40:10,360 --> 00:40:13,960
It's how you move from being a commodity consultant to being an architect of necessity.
913
00:40:13,960 --> 00:40:17,080
It's how you demonstrate value before asking for the big investment.
914
00:40:17,080 --> 00:40:20,280
It's how you make the case that governance isn't a cost.
915
00:40:20,280 --> 00:40:23,880
It's insurance against catastrophic failure.
916
00:40:23,880 --> 00:40:26,440
The remediation engagement: scope and delivery.
917
00:40:26,440 --> 00:40:30,880
Once the assessment is sold, the remediation engagement is where you deliver measurable value.
918
00:40:30,880 --> 00:40:33,440
This is where you move from diagnosis to treatment.
919
00:40:33,440 --> 00:40:35,880
And it's where you prove that governance isn't theoretical.
920
00:40:35,880 --> 00:40:36,960
It's operational.
921
00:40:36,960 --> 00:40:41,800
The remediation engagement is typically 8 to 16 weeks and costs $80,000 to $200,000,
922
00:40:41,800 --> 00:40:43,320
depending on scope and complexity.
923
00:40:43,320 --> 00:40:44,720
It's structured in phases.
924
00:40:44,720 --> 00:40:46,280
Planning takes weeks one and two.
925
00:40:46,280 --> 00:40:48,880
Implementation takes weeks three through 12.
926
00:40:48,880 --> 00:40:51,280
Optimization takes weeks 13 through 16.
927
00:40:51,280 --> 00:40:52,720
Planning phase is critical.
928
00:40:52,720 --> 00:40:54,720
You finalize the remediation roadmap.
929
00:40:54,720 --> 00:40:56,240
You establish governance models.
930
00:40:56,240 --> 00:40:58,400
You define ownership and approval workflows.
931
00:40:58,400 --> 00:40:59,880
You set up the technical environment.
932
00:40:59,880 --> 00:41:00,960
You're not building yet.
933
00:41:00,960 --> 00:41:01,760
You're planning.
934
00:41:01,760 --> 00:41:02,760
You're getting alignment.
935
00:41:02,760 --> 00:41:06,120
You're making sure everyone understands what's happening and why it matters.
936
00:41:06,120 --> 00:41:07,720
This is where you prevent scope creep.
937
00:41:07,720 --> 00:41:10,280
This is where you establish clear success criteria.
938
00:41:10,280 --> 00:41:12,440
Implementation phase is where the real work happens.
939
00:41:12,440 --> 00:41:16,160
You deploy the controls. For identity, that means conditional access policies,
940
00:41:16,160 --> 00:41:20,400
data loss prevention rules, lifecycle automation, access reviews.
941
00:41:20,400 --> 00:41:22,680
For productivity, that means environment tiering,
942
00:41:22,680 --> 00:41:27,680
DLP policies, governance models. For infrastructure, that means subscription organization,
943
00:41:27,680 --> 00:41:30,000
tagging standards, cost management policies.
944
00:41:30,000 --> 00:41:31,440
You're not just configuring tools,
945
00:41:31,440 --> 00:41:34,600
you're building systems that enforce policy at scale.
946
00:41:34,600 --> 00:41:36,320
Migration is part of implementation.
947
00:41:36,320 --> 00:41:39,280
You migrate existing configurations to the new model.
948
00:41:39,280 --> 00:41:41,840
You move role assignments from direct to role-based.
949
00:41:41,840 --> 00:41:44,680
You migrate flows from unmanaged to governed environments.
950
00:41:44,680 --> 00:41:48,600
You move subscriptions from ad hoc organization to governance-based structure.
951
00:41:48,600 --> 00:41:49,920
Migration is the risky part.
952
00:41:49,920 --> 00:41:51,240
It's where things can break.
953
00:41:51,240 --> 00:41:53,960
It's where you need careful planning and extensive testing.
954
00:41:53,960 --> 00:41:55,840
Training happens during implementation too.
955
00:41:55,840 --> 00:41:57,920
Admins need to understand the new governance model.
956
00:41:57,920 --> 00:42:00,000
Users need to understand why policies exist.
957
00:42:00,000 --> 00:42:03,360
Citizen developers need to understand how to build within guardrails.
958
00:42:03,360 --> 00:42:06,640
Training is how you prevent the new governance from being circumvented.
959
00:42:06,640 --> 00:42:10,160
If people don't understand why a policy exists, they'll find ways around it.
960
00:42:10,160 --> 00:42:12,840
If they understand the business case, they'll work within it.
961
00:42:12,840 --> 00:42:15,280
Optimization phase is weeks 13 through 16.
962
00:42:15,280 --> 00:42:17,120
You monitor and refine the controls.
963
00:42:17,120 --> 00:42:18,440
You address edge cases.
964
00:42:18,440 --> 00:42:20,280
You establish ongoing governance processes.
965
00:42:20,280 --> 00:42:22,600
You're not done when implementation is complete.
966
00:42:22,600 --> 00:42:25,320
You're done when the governance is stable and sustainable.
967
00:42:25,320 --> 00:42:27,440
When admins can operate it without your help.
968
00:42:27,440 --> 00:42:29,880
When the organization has the skills to maintain it.
969
00:42:29,880 --> 00:42:34,640
The key to a successful remediation is clear ownership and decision-making authority.
970
00:42:34,640 --> 00:42:37,640
You need a sponsor, usually the CSO or IT director,
971
00:42:37,640 --> 00:42:40,560
who has budget authority and can make decisions quickly.
972
00:42:40,560 --> 00:42:45,240
You need a working group with identity architect, security engineer and compliance officer
973
00:42:45,240 --> 00:42:48,200
who can provide input and execute the technical work.
974
00:42:48,200 --> 00:42:51,240
You need executive alignment on what success looks like.
975
00:42:51,240 --> 00:42:55,240
The remediation should be delivered by you with heavy involvement from the client's team.
976
00:42:55,240 --> 00:42:57,840
This is not a "we'll do it and hand it off" engagement.
977
00:42:57,840 --> 00:42:59,600
It's a "we'll do it together" engagement.
978
00:42:59,600 --> 00:43:01,040
The client's team does half the work.
979
00:43:01,040 --> 00:43:02,160
You guide and oversee.
980
00:43:02,160 --> 00:43:06,480
This approach builds client capability so they can maintain the governance after you're gone.
981
00:43:06,480 --> 00:43:07,960
It also creates accountability.
982
00:43:07,960 --> 00:43:10,760
The client's team is invested in the success of the remediation.
983
00:43:10,760 --> 00:43:14,680
The remediation should produce measurable outcomes: role assignments reduced,
984
00:43:14,680 --> 00:43:17,560
privileged accounts brought under control, compliance gaps closed,
985
00:43:17,560 --> 00:43:18,800
audit readiness improved.
986
00:43:18,800 --> 00:43:21,880
These outcomes should be documented and presented to the CSO and board.
987
00:43:21,880 --> 00:43:23,560
This is what justifies the investment.
988
00:43:23,560 --> 00:43:26,800
This is what creates the foundation for the advisory retainer.
989
00:43:26,800 --> 00:43:29,400
The remediation also creates opportunities for upselling.
990
00:43:29,400 --> 00:43:33,920
Once you've fixed identity governance, you can remediate productivity or infrastructure governance.
991
00:43:33,920 --> 00:43:36,880
Most organizations need work across all three planes.
992
00:43:36,880 --> 00:43:41,000
So the initial remediation often leads to two or three follow-on engagements.
993
00:43:41,000 --> 00:43:42,640
Each one expands the relationship.
994
00:43:42,640 --> 00:43:45,040
Each one increases the lifetime value of the client.
995
00:43:45,040 --> 00:43:48,280
This is the engagement model that generates consistent revenue.
996
00:43:48,280 --> 00:43:50,080
Assessments at 8 to 15,000,
997
00:43:50,080 --> 00:43:52,320
remediation at 80 to 200,000,
998
00:43:52,320 --> 00:43:54,960
advisory retainers at 8 to 15,000 monthly.
999
00:43:54,960 --> 00:43:59,960
Each client generates 50 to 300,000 annually in revenue across all three tiers.
1000
00:43:59,960 --> 00:44:05,160
With three to five clients, you're at 150,000 to 1.5 million in annual revenue.
1001
00:44:05,160 --> 00:44:08,080
The remediation engagement is where you prove your value.
1002
00:44:08,080 --> 00:44:10,640
It's where you show that governance isn't a cost.
1003
00:44:10,640 --> 00:44:14,200
It's a risk management investment that prevents catastrophic failure.
1004
00:44:14,200 --> 00:44:16,720
It's where you demonstrate that you're not just an implementer.
1005
00:44:16,720 --> 00:44:20,360
You're an architect who understands how systems work at scale.
1006
00:44:20,360 --> 00:44:23,040
The advisory retainer: building recurring revenue.
1007
00:44:23,040 --> 00:44:25,320
The remediation is one-time revenue.
1008
00:44:25,320 --> 00:44:29,680
The advisory retainer is recurring revenue that scales your business without proportional effort.
1009
00:44:29,680 --> 00:44:33,640
The advisory retainer is typically 8,000 to 15,000 per month
1010
00:44:33,640 --> 00:44:35,880
and is structured as an ongoing engagement.
1011
00:44:35,880 --> 00:44:37,920
It includes quarterly governance reviews
1012
00:44:37,920 --> 00:44:41,480
where you assess the current state of the control planes and identify drift.
1013
00:44:41,480 --> 00:44:45,160
Policy updates as the organization adopts new tools or faces new threats.
1014
00:44:45,160 --> 00:44:48,680
Optimization recommendations to improve efficiency and reduce cost.
1015
00:44:48,680 --> 00:44:51,880
Emerging threat monitoring to stay ahead of new attack vectors
1016
00:44:51,880 --> 00:44:55,840
and access to you for questions and escalations when governance issues arise.
1017
00:44:55,840 --> 00:44:58,600
The retainer is sold at the end of the remediation engagement.
1018
00:44:58,600 --> 00:44:59,840
The pitch is straightforward.
1019
00:44:59,840 --> 00:45:02,480
We've built this governance model and established the baseline.
1020
00:45:02,480 --> 00:45:06,480
To keep it working and evolving, we recommend an ongoing advisory engagement.
1021
00:45:06,480 --> 00:45:10,160
Most clients will say yes because they understand that governance isn't a one-time project.
1022
00:45:10,160 --> 00:45:11,600
It's an ongoing practice.
1023
00:45:11,600 --> 00:45:14,600
As the organization grows, as new tools are adopted,
1024
00:45:14,600 --> 00:45:17,000
as policies drift, as threats evolve,
1025
00:45:17,000 --> 00:45:19,200
governance requires continuous attention.
1026
00:45:19,200 --> 00:45:24,000
The retainer is attractive to clients because it gives them predictable access to expertise
1027
00:45:24,000 --> 00:45:25,880
without having to hire full-time staff.
1028
00:45:25,880 --> 00:45:30,080
When they get a trusted advisor who understands their environment and their risk profile,
1029
00:45:30,080 --> 00:45:34,080
they get someone who knows where the entropy is and how to prevent it from accumulating,
1030
00:45:34,080 --> 00:45:37,480
they get peace of mind knowing that governance is being actively managed,
1031
00:45:37,480 --> 00:45:39,080
not just implemented and forgotten.
1032
00:45:39,080 --> 00:45:44,080
For you, the retainer is valuable because it's recurring revenue that scales without proportional effort.
1033
00:45:44,080 --> 00:45:48,880
A $10,000 per month retainer requires maybe 20 to 30 hours per month of your time.
1034
00:45:48,880 --> 00:45:53,680
That's half an FTE, but it generates $120,000 annually in recurring revenue.
1035
00:45:53,680 --> 00:45:58,480
With three to four retainers, you have 360,000 to 480,000 in recurring revenue.
1036
00:45:58,480 --> 00:46:02,680
That means you only need to close one to two new remediation engagements per year
1037
00:46:02,680 --> 00:46:05,080
to hit 500K+ annual revenue.
1038
00:46:05,080 --> 00:46:06,680
This is the power of the retainer model.
1039
00:46:06,680 --> 00:46:08,680
It creates a stable, predictable business.
1040
00:46:08,680 --> 00:46:10,080
The revenue is predictable.
1041
00:46:10,080 --> 00:46:11,280
The workload is predictable.
1042
00:46:11,280 --> 00:46:13,880
You're not dependent on constant prospecting and closing.
1043
00:46:13,880 --> 00:46:17,680
You've got a base of recurring revenue that pays the bills and funds your business growth.
1044
00:46:17,680 --> 00:46:21,080
The retainer also aligns consultant incentives with client outcomes.
1045
00:46:21,080 --> 00:46:24,880
If you're on a retainer, you want the governance to work well and stay stable.
1046
00:46:24,880 --> 00:46:27,880
You don't want to create churn that requires constant rework.
1047
00:46:27,880 --> 00:46:31,480
You're invested in the client's success, not in selling them the next project.
1048
00:46:31,480 --> 00:46:34,880
This is different from the project model where you might be incentivized to create problems
1049
00:46:34,880 --> 00:46:36,280
so you can sell solutions.
1050
00:46:36,280 --> 00:46:38,280
The retainer also creates customer lock-in.
1051
00:46:38,280 --> 00:46:42,280
Once a client has been on a retainer for six months or more, they're unlikely to switch.
1052
00:46:42,280 --> 00:46:43,480
Switching costs are high.
1053
00:46:43,480 --> 00:46:47,880
They'd have to find a new consultant, get them up to speed on the governance model, rebuild the relationship.
1054
00:46:47,880 --> 00:46:50,680
This is why retainer clients are your most valuable customers.
1055
00:46:50,680 --> 00:46:51,880
They're not one-time revenue.
1056
00:46:51,880 --> 00:46:54,680
They're multi-year relationships that scale your business.
1057
00:46:54,680 --> 00:46:57,280
The retainer also creates opportunities for upselling.
1058
00:46:57,280 --> 00:47:01,480
As you work with the client, you'll identify new problems that require remediation work.
1059
00:47:01,480 --> 00:47:06,280
A client on a $10,000 per month identity governance retainer might also need productivity governance
1060
00:47:06,280 --> 00:47:07,880
or infrastructure optimization.
1061
00:47:07,880 --> 00:47:11,280
You can propose follow-on remediation engagements that expand the scope
1062
00:47:11,280 --> 00:47:13,280
and increase the overall relationship value.
1063
00:47:13,280 --> 00:47:15,680
The retainer is also how you build defensibility.
1064
00:47:15,680 --> 00:47:19,680
If you're the person managing a client's governance, you're the person they call when something breaks.
1065
00:47:19,680 --> 00:47:22,080
You're the person they trust with their risk management.
1066
00:47:22,080 --> 00:47:26,080
You've made yourself indispensable because you understand their environment better than anyone else.
1067
00:47:26,080 --> 00:47:29,480
This is the business model that generates sustainable, scalable revenue.
1068
00:47:29,480 --> 00:47:31,680
Assessments generate initial engagement.
1069
00:47:31,680 --> 00:47:35,880
Remediation generates substantial upfront revenue and establishes credibility.
1070
00:47:35,880 --> 00:47:39,880
Advisory retainers generate predictable recurring revenue that funds the business
1071
00:47:39,880 --> 00:47:42,080
and allows you to be selective about new projects.
1072
00:47:42,080 --> 00:47:44,880
By year two or three, most of your revenue comes from retainers.
1073
00:47:44,880 --> 00:47:47,880
You're no longer dependent on closing new projects every month.
1074
00:47:47,880 --> 00:47:51,080
You've got a base of recurring revenue that's stable and predictable.
1075
00:47:51,080 --> 00:47:53,680
You're running a business, not trading time for money.
1076
00:47:53,680 --> 00:47:55,680
Positioning against competitors.
1077
00:47:55,680 --> 00:47:57,680
You're not competing against other consultants.
1078
00:47:57,680 --> 00:48:00,680
You're competing against the cost of inaction.
1079
00:48:00,680 --> 00:48:03,680
Most of your competitors are positioned as builders or implementers.
1080
00:48:03,680 --> 00:48:05,880
They sell hours, projects or deliverables.
1081
00:48:05,880 --> 00:48:08,080
They compete on speed, cost and delivery quality.
1082
00:48:08,080 --> 00:48:11,080
They're racing to the bottom because that's the only dimension that matters
1083
00:48:11,080 --> 00:48:12,480
when the deliverable is generic.
1084
00:48:12,480 --> 00:48:17,280
A client comparing your $50,000 remediation to another consultant's 30,000 remediation
1085
00:48:17,280 --> 00:48:18,680
is making the wrong comparison.
1086
00:48:18,680 --> 00:48:21,480
The real comparison is what's the cost of not having governance.
1087
00:48:21,480 --> 00:48:25,280
If a breach costs $2 million, a failed audit costs $500,000 in fines
1088
00:48:25,280 --> 00:48:27,880
or a failed migration costs $1 million in rework,
1089
00:48:27,880 --> 00:48:31,680
then $150,000 for governance remediation is a bargain.
1090
00:48:31,680 --> 00:48:35,280
Your job in the sales process is to make this comparison explicit.
1091
00:48:35,280 --> 00:48:36,880
You quantify the cost of entropy.
1092
00:48:36,880 --> 00:48:38,280
You say it clearly.
1093
00:48:38,280 --> 00:48:42,480
Your current identity governance posture creates a breach risk of $2 million or more.
1094
00:48:42,480 --> 00:48:47,080
Our remediation costs $150,000 and reduces that risk by 85%.
1095
00:48:47,080 --> 00:48:49,680
This is how you position against lower cost competitors.
1096
00:48:49,680 --> 00:48:51,080
You're not more expensive.
1097
00:48:51,080 --> 00:48:52,080
You're more valuable.
1098
00:48:52,080 --> 00:48:53,880
You're not charging more for the same work.
1099
00:48:53,880 --> 00:48:57,480
You're charging appropriately for work that prevents catastrophic failure.
1100
00:48:57,480 --> 00:49:00,280
You're also positioned differently from the big consulting firms,
1101
00:49:00,280 --> 00:49:02,680
Deloitte, Accenture, McKinsey.
1102
00:49:02,680 --> 00:49:06,480
These firms are generalists who sell broad transformation programs.
1103
00:49:06,480 --> 00:49:10,480
You're a specialist who focuses on architectural governance in the Microsoft ecosystem.
1104
00:49:10,480 --> 00:49:13,480
Specialists are more valuable than generalists for specific problems
1105
00:49:13,480 --> 00:49:16,480
because they have deeper expertise and faster execution.
1106
00:49:16,480 --> 00:49:18,880
A client with a specific identity governance problem
1107
00:49:18,880 --> 00:49:23,680
would rather hire a specialist than pay a generalist $500 per hour to learn the domain.
1108
00:49:23,680 --> 00:49:25,280
Specialists also move faster.
1109
00:49:25,280 --> 00:49:26,680
You know the Microsoft ecosystem.
1110
00:49:26,680 --> 00:49:27,680
You know the tools.
1111
00:49:27,680 --> 00:49:28,480
You know the patterns.
1112
00:49:28,480 --> 00:49:29,880
You know what works and what doesn't.
1113
00:49:29,880 --> 00:49:31,680
A generalist is learning as they go.
1114
00:49:31,680 --> 00:49:33,880
A specialist is executing from experience.
1115
00:49:33,880 --> 00:49:36,080
This speed difference is worth money to the client.
1116
00:49:36,080 --> 00:49:40,480
It means faster remediation, faster time to value, faster risk reduction.
1117
00:49:40,480 --> 00:49:43,080
You're also positioned differently from the Microsoft partners.
1118
00:49:43,080 --> 00:49:46,880
Microsoft partners are incentivized to sell Microsoft licenses and services.
1119
00:49:46,880 --> 00:49:51,480
You're incentivized to help the client optimize their existing Microsoft investments.
1120
00:49:51,480 --> 00:49:53,280
This creates a natural differentiation.
1121
00:49:53,280 --> 00:49:57,080
You're the trusted advisor who helps them get value from what they've already bought.
1122
00:49:57,080 --> 00:50:01,080
Not the vendor trying to sell them more. Partners also have conflicts of interest.
1123
00:50:01,080 --> 00:50:04,280
If a partner recommends a solution that requires buying more licenses,
1124
00:50:04,280 --> 00:50:08,480
are they recommending it because it's the best solution or because it generates revenue?
1125
00:50:08,480 --> 00:50:09,680
You don't have that conflict.
1126
00:50:09,680 --> 00:50:11,480
You're recommending what's best for the client.
1127
00:50:11,480 --> 00:50:14,080
You're not making money if they buy more licenses.
1128
00:50:14,080 --> 00:50:17,680
You're making money if their governance improves and their risk decreases.
1129
00:50:17,680 --> 00:50:20,680
This positioning also changes how you talk about your competitors.
1130
00:50:20,680 --> 00:50:22,680
You don't compare yourself to other consultants.
1131
00:50:22,680 --> 00:50:26,480
You don't say I'm cheaper than that guy or I'm faster than that firm.
1132
00:50:26,480 --> 00:50:28,680
You compare yourself to the cost of inaction.
1133
00:50:28,680 --> 00:50:33,880
You say the cost of not having governance is exponentially higher than the cost of implementing it.
1134
00:50:33,880 --> 00:50:36,280
Your positioning also determines your pricing power.
1135
00:50:36,280 --> 00:50:40,680
When you're positioned as a builder, you're competing against other builders on speed and cost.
1136
00:50:40,680 --> 00:50:45,080
When you're positioned as an architect of necessity, you're competing against the cost of inaction.
1137
00:50:45,080 --> 00:50:46,680
The conversation is completely different.
1138
00:50:46,680 --> 00:50:48,680
The client isn't asking can we afford this?
1139
00:50:48,680 --> 00:50:51,280
They're asking can we afford not to do this?
1140
00:50:51,280 --> 00:50:54,080
This is the positioning that generates premium pricing.
1141
00:50:54,080 --> 00:50:56,480
This is the positioning that makes you indispensable.
1142
00:50:56,480 --> 00:51:02,480
This is the positioning that separates commodity consultants from architects of necessity.
1143
00:51:02,480 --> 00:51:06,080
The pricing negotiation: when to hold, when to bend.
1144
00:51:06,080 --> 00:51:10,880
Pricing is a negotiation. You need principles for when to hold firm and when to be flexible.
1145
00:51:10,880 --> 00:51:13,880
Without principles, you'll discount yourself into poverty.
1146
00:51:13,880 --> 00:51:16,280
With the wrong principles, you'll price yourself out of deals.
1147
00:51:16,280 --> 00:51:21,880
Your baseline pricing is 8 to 15,000 for assessments, 80 to 200,000 for remediation,
1148
00:51:21,880 --> 00:51:24,280
and 8 to 15,000 per month for retainers.
1149
00:51:24,280 --> 00:51:27,280
This pricing is not arbitrary. It's based on the value you deliver.
1150
00:51:27,280 --> 00:51:28,680
But pricing is also contextual.
1151
00:51:28,680 --> 00:51:35,880
A $500 million enterprise with 10,000 employees has a different risk profile than a $50 million company with 1,000 employees.
1152
00:51:35,880 --> 00:51:38,680
Your pricing should scale with the scope and complexity.
1153
00:51:38,680 --> 00:51:42,480
For large enterprises with high complexity, price at the top of your range,
1154
00:51:42,480 --> 00:51:47,680
15,000 assessments, 200,000 remediation, 15,000 monthly retainers.
1155
00:51:47,680 --> 00:51:49,680
These organizations have substantial budgets.
1156
00:51:49,680 --> 00:51:53,080
They have regulatory requirements. They have complex environments.
1157
00:51:53,080 --> 00:51:55,880
The entropy they are dealing with is correspondingly complex.
1158
00:51:55,880 --> 00:51:59,480
The risk is higher. The value of remediation is higher. Price accordingly.
1159
00:51:59,480 --> 00:52:02,880
For mid-market companies with moderate complexity, price in the middle,
1160
00:52:02,880 --> 00:52:09,480
10 to 12,000 assessments, 120 to 150,000 remediation, 10 to 12,000 monthly retainers.
1161
00:52:09,480 --> 00:52:13,280
These organizations have meaningful budgets, but tighter constraints than enterprises.
1162
00:52:13,280 --> 00:52:17,680
They have compliance requirements, but not the regulatory intensity of financial services or health care.
1163
00:52:17,680 --> 00:52:21,880
Price in the middle. For smaller companies with lower complexity, price at the bottom.
1164
00:52:21,880 --> 00:52:27,080
8 to 10,000 assessments, 80 to 100,000 remediation, 8 to 10,000 monthly retainers.
1165
00:52:27,080 --> 00:52:30,480
These organizations have smaller budgets. They have fewer compliance requirements.
1166
00:52:30,480 --> 00:52:33,280
Their environments are less complex. Price accordingly.
1167
00:52:33,280 --> 00:52:38,080
The key principle: never discount based on the client's budget constraints.
1168
00:52:38,080 --> 00:52:41,880
If a client says we can only afford 60,000 for remediation,
1169
00:52:41,880 --> 00:52:44,680
the answer is not "Okay, I'll do it for 60,000 there."
1170
00:52:44,680 --> 00:52:46,880
That's how you end up underdelivering and overworking.
1171
00:52:46,880 --> 00:52:49,480
The answer is "That scope won't work for 60,000."
1172
00:52:49,480 --> 00:52:53,280
Let's reduce the scope to fit the budget, or let's phase the engagement over time
1173
00:52:53,280 --> 00:52:54,880
so you can spread the cost.
1174
00:52:54,880 --> 00:52:56,880
This maintains your pricing integrity.
1175
00:52:56,880 --> 00:52:58,480
It ensures you're not underdelivering.
1176
00:52:58,480 --> 00:53:00,680
It ensures you're not burning out on low-margin work.
1177
00:53:00,680 --> 00:53:03,480
It also signals to the client that you're serious about your pricing.
1178
00:53:03,480 --> 00:53:05,880
You're not desperate. You're not willing to work for less.
1179
00:53:05,880 --> 00:53:07,680
This actually increases their respect for you.
1180
00:53:07,680 --> 00:53:10,480
However, there are situations where you should be flexible.
1181
00:53:10,480 --> 00:53:13,680
If a client is in a regulated industry with high compliance risk,
1182
00:53:13,680 --> 00:53:15,480
you can justify premium pricing.
1183
00:53:15,480 --> 00:53:17,280
Top of range, they have more to lose.
1184
00:53:17,280 --> 00:53:20,880
If a client is a nonprofit or government agency with genuine budget constraints,
1185
00:53:20,880 --> 00:53:22,880
you can offer a modest discount.
1186
00:53:22,880 --> 00:53:27,280
10 to 15% in exchange for a longer engagement or retainer commitment.
1187
00:53:27,280 --> 00:53:29,080
You're not discounting because they're broke.
1188
00:53:29,080 --> 00:53:32,080
You're adjusting price in exchange for something valuable to you.
1189
00:53:32,080 --> 00:53:35,480
If a client is a good cultural fit and has potential for multi-year,
1190
00:53:35,480 --> 00:53:38,680
multi-plane remediation, you can offer a package discount.
1191
00:53:38,680 --> 00:53:42,680
Bundle assessment plus remediation plus retainer for 10 to 15% off.
1192
00:53:42,680 --> 00:53:45,280
You're discounting because the lifetime value is high.
1193
00:53:45,280 --> 00:53:49,080
You're betting on a long-term relationship that will generate substantial revenue.
1194
00:53:49,080 --> 00:53:53,280
The principle: discounts are okay if they're tied to value or relationship duration,
1195
00:53:53,280 --> 00:53:55,280
not to the client's budget constraints.
1196
00:53:55,280 --> 00:53:58,880
Another principle: always position the price in terms of value, not cost.
1197
00:53:58,880 --> 00:54:01,080
Don't say the assessment costs $10,000.
1198
00:54:01,080 --> 00:54:07,480
Say the assessment costs $10,000 and typically identifies $500,000 to $1,000,000 in risk that needs to be addressed.
1199
00:54:07,480 --> 00:54:11,680
Most clients recover the cost of the assessment in the first month of remediation.
1200
00:54:11,680 --> 00:54:15,080
This reframes the price as an investment with a clear return.
1201
00:54:15,080 --> 00:54:16,680
Pricing also signals quality.
1202
00:54:16,680 --> 00:54:19,880
Premium pricing signals that you are the best, that you have high standards,
1203
00:54:19,880 --> 00:54:22,080
and that you're selective about who you work with.
1204
00:54:22,080 --> 00:54:25,880
Low pricing signals that you're a commodity and that you're desperate for work.
1205
00:54:25,880 --> 00:54:27,480
Hold your pricing with confidence.
1206
00:54:27,480 --> 00:54:29,880
The clients who are serious about governance will pay it.
1207
00:54:29,880 --> 00:54:32,480
The clients who are shopping on price aren't your clients anyway.
1208
00:54:32,480 --> 00:54:34,680
Building a team: when to hire.
1209
00:54:34,680 --> 00:54:37,280
At some point you'll have more work than you can do alone.
1210
00:54:37,280 --> 00:54:38,880
This is when you need to build a team.
1211
00:54:38,880 --> 00:54:40,880
And most consultants get this timing wrong.
1212
00:54:40,880 --> 00:54:43,680
The first hire is typically a junior consultant or engineer
1213
00:54:43,680 --> 00:54:46,480
who can handle implementation work under your supervision.
1214
00:54:46,480 --> 00:54:49,880
This person allows you to take on larger remediation engagements
1215
00:54:49,880 --> 00:54:52,480
and frees you up to focus on sales and strategy.
1216
00:54:52,480 --> 00:54:54,280
You're not hiring because you're overworked.
1217
00:54:54,280 --> 00:54:57,680
You're hiring because you have a pipeline of work that justifies the investment.
1218
00:54:57,680 --> 00:55:00,480
You should hire when you have two to three months of backlogged work,
1219
00:55:00,480 --> 00:55:01,680
not when you're fully booked.
1220
00:55:01,680 --> 00:55:05,280
If you wait until you're fully booked, you'll be stretched thin and won't have time to sell.
1221
00:55:05,280 --> 00:55:08,280
You'll be so focused on delivery that you'll miss the next opportunity.
1222
00:55:08,280 --> 00:55:11,680
If you hire too early, you'll have bench time and wasted payroll.
1223
00:55:11,680 --> 00:55:14,280
The ideal timing is when you have a pipeline of work
1224
00:55:14,280 --> 00:55:17,280
that would keep the person 60 to 70% utilized.
1225
00:55:17,280 --> 00:55:21,080
That gives you room for training and ramp up without wasting money on idle capacity.
1226
00:55:21,080 --> 00:55:25,080
The second hire is typically a subject matter expert in one of the control planes.
1227
00:55:25,080 --> 00:55:28,880
An identity architect, a security engineer, a data governance specialist.
1228
00:55:28,880 --> 00:55:31,880
This person brings deep expertise that allows you to take on
1229
00:55:31,880 --> 00:55:34,680
more complex engagements and command higher pricing.
1230
00:55:34,680 --> 00:55:36,380
You're not hiring another generalist.
1231
00:55:36,380 --> 00:55:38,880
You're hiring a specialist who can handle the hard problems
1232
00:55:38,880 --> 00:55:41,280
while you focus on client relationships and strategy.
1233
00:55:41,280 --> 00:55:43,880
The third hire is typically a business operations person
1234
00:55:43,880 --> 00:55:46,280
who handles sales proposals and delivery management.
1235
00:55:46,280 --> 00:55:49,880
This person frees you up to focus on the technical and strategic work.
1236
00:55:49,880 --> 00:55:51,680
You're no longer spending time on admin.
1237
00:55:51,680 --> 00:55:53,280
You're not writing proposals.
1238
00:55:53,280 --> 00:55:54,480
You're not managing schedules.
1239
00:55:54,480 --> 00:55:57,080
You're focusing on the work that generates the most value.
1240
00:55:57,080 --> 00:55:59,880
As you grow, you'll need to decide on your business model.
1241
00:55:59,880 --> 00:56:04,080
Stay as a solo consultant, build a small boutique firm with 5 to 10 people.
1242
00:56:04,080 --> 00:56:06,880
Or scale to a larger firm with 20 or more people.
1243
00:56:06,880 --> 00:56:09,880
The solo consultant model is the most profitable in terms of margins,
1244
00:56:09,880 --> 00:56:12,280
70 to 80% but has a ceiling on revenue.
1245
00:56:12,280 --> 00:56:16,480
You can probably generate 300 to 500,000 annually working alone.
1246
00:56:16,480 --> 00:56:18,080
You're constrained by your own capacity.
1247
00:56:18,080 --> 00:56:19,680
You can only take on so many clients.
1248
00:56:19,680 --> 00:56:21,080
You can only work so many hours.
1249
00:56:21,080 --> 00:56:25,680
The boutique firm model with 5 to 10 people has lower margins, 40 to 50%,
1250
00:56:25,680 --> 00:56:28,680
but higher revenue potential, 1 to 3 million annually.
1251
00:56:28,680 --> 00:56:29,680
You've got leverage.
1252
00:56:29,680 --> 00:56:30,680
You've got team capacity.
1253
00:56:30,680 --> 00:56:32,280
You can take on larger engagements.
1254
00:56:32,280 --> 00:56:33,680
You can serve more clients.
1255
00:56:33,680 --> 00:56:35,880
You're building a business that's bigger than yourself.
1256
00:56:35,880 --> 00:56:39,080
The larger firm model with 20 or more people has even lower margins,
1257
00:56:39,080 --> 00:56:42,480
20 to 30%, but much higher revenue potential.
1258
00:56:42,480 --> 00:56:45,880
5 million or more annually. You're running a full-service consulting firm.
1259
00:56:45,880 --> 00:56:47,280
You've got multiple service lines.
1260
00:56:47,280 --> 00:56:48,480
You've got geographic reach.
1261
00:56:48,480 --> 00:56:52,880
You've got the ability to serve enterprise clients with complex multi-year engagements.
1262
00:56:52,880 --> 00:56:54,280
The choice depends on your goals.
1263
00:56:54,280 --> 00:56:57,680
If you want to maximize personal income, stay solo or build a small boutique.
1264
00:56:57,680 --> 00:57:01,480
If you want to build a scalable business that can be sold or scaled further,
1265
00:57:01,480 --> 00:57:03,680
invest in building a team and systems.
1266
00:57:03,680 --> 00:57:06,680
The key principle: hire for leverage, not to reduce your workload.
1267
00:57:06,680 --> 00:57:09,480
Each hire should allow you to take on more valuable work,
1268
00:57:09,480 --> 00:57:15,080
not just reduce your hours. A junior consultant should allow you to take on 2 to 3 times more remediation work.
1269
00:57:15,080 --> 00:57:18,880
A subject matter expert should allow you to take on more complex engagements
1270
00:57:18,880 --> 00:57:20,280
that command higher pricing.
1271
00:57:20,280 --> 00:57:23,280
A business operations person should allow you to focus on the work
1272
00:57:23,280 --> 00:57:24,680
that generates the most value.
1273
00:57:24,680 --> 00:57:27,880
This is the difference between hiring to reduce stress and hiring to scale.
1274
00:57:27,880 --> 00:57:29,880
One is tactical, the other is strategic.
1275
00:57:29,880 --> 00:57:31,680
You're not hiring because you're tired.
1276
00:57:31,680 --> 00:57:33,680
You're hiring because you've identified leverage
1277
00:57:33,680 --> 00:57:36,280
that will increase your revenue and impact.
1278
00:57:36,280 --> 00:57:39,680
Specialization versus generalization, the strategic choice.
1279
00:57:39,680 --> 00:57:43,280
As you grow, you'll face a choice that determines the trajectory of your business.
1280
00:57:43,280 --> 00:57:46,080
Go deeper in one domain or broader across domains.
1281
00:57:46,080 --> 00:57:49,280
This is the specialization versus generalization question
1282
00:57:49,280 --> 00:57:53,480
and it has profound implications for your positioning, pricing and market opportunity.
1283
00:57:53,480 --> 00:57:56,680
The specialist path means you focus on one control plane
1284
00:57:56,680 --> 00:57:59,080
and become the world's expert in that domain.
1285
00:57:59,080 --> 00:58:00,920
Identity governance, for example. You know
1286
00:58:00,920 --> 00:58:02,280
Entra ID inside and out.
1287
00:58:02,280 --> 00:58:04,680
You understand every nuance of conditional access.
1288
00:58:04,680 --> 00:58:07,480
You can architect complex access models that others can't.
1289
00:58:07,480 --> 00:58:09,880
You command premium pricing for identity work
1290
00:58:09,880 --> 00:58:12,080
because there are fewer specialists than generalists.
1291
00:58:12,080 --> 00:58:15,680
Specialists have less competition because there are fewer people willing to go deep enough
1292
00:58:15,680 --> 00:58:17,480
to become world class in one domain.
1293
00:58:17,480 --> 00:58:20,280
Most consultants stay generalists because it feels safer.
1294
00:58:20,280 --> 00:58:24,080
Broader market, more opportunities, less risk of market saturation,
1295
00:58:24,080 --> 00:58:25,480
but that safety comes at a cost.
1296
00:58:25,480 --> 00:58:28,480
You're competing against everyone else who's also a generalist.
1297
00:58:28,480 --> 00:58:31,480
You're competing on price because you're not differentiated.
1298
00:58:31,480 --> 00:58:34,480
The specialist path also gives you deeper expertise and faster execution.
1299
00:58:34,480 --> 00:58:36,880
You've solved identity governance problems a hundred times.
1300
00:58:36,880 --> 00:58:40,680
You know what works, you know what doesn't, you know the edge cases, you know the gotchas.
1301
00:58:40,680 --> 00:58:42,480
A generalist is learning as they go.
1302
00:58:42,480 --> 00:58:44,480
A specialist is executing from experience.
1303
00:58:44,480 --> 00:58:46,680
This speed difference is worth money to the client.
1304
00:58:46,680 --> 00:58:50,880
It means faster remediation, faster time to value, faster risk reduction.
1305
00:58:50,880 --> 00:58:54,680
The downside of specialization is that you have a smaller addressable market.
1306
00:58:54,680 --> 00:58:56,080
You're dependent on one domain.
1307
00:58:56,080 --> 00:59:00,280
If identity governance becomes commoditized or if the market shifts, you are vulnerable.
1308
00:59:00,280 --> 00:59:02,280
You've built your entire business around one thing.
1309
00:59:02,280 --> 00:59:04,680
If that thing changes, you have to change with it.
1310
00:59:04,680 --> 00:59:08,880
The generalist path means you offer comprehensive governance across all control planes.
1311
00:59:08,880 --> 00:59:11,880
Identity, productivity, infrastructure.
1312
00:59:11,880 --> 00:59:14,080
You can help clients with any governance problem.
1313
00:59:14,080 --> 00:59:18,080
You have a larger addressable market because you can serve clients with any governance need.
1314
00:59:18,080 --> 00:59:21,280
You have more opportunities for upselling because you can fix identity,
1315
00:59:21,280 --> 00:59:23,880
then sell productivity, then sell infrastructure.
1316
00:59:23,880 --> 00:59:28,280
The downside of generalization is that you're competing against specialists in each domain
1317
00:59:28,280 --> 00:59:29,480
and you're less differentiated.
1318
00:59:29,480 --> 00:59:31,880
You need deeper expertise across multiple domains.
1319
00:59:31,880 --> 00:59:33,080
Which is harder to build.
1320
00:59:33,080 --> 00:59:34,680
You're a mile wide and an inch deep.
1321
00:59:34,680 --> 00:59:36,880
Specialists are an inch wide and a mile deep.
1322
00:59:36,880 --> 00:59:39,480
Clients with specific problems prefer the specialist.
1323
00:59:39,480 --> 00:59:43,080
The optimal path for most consultants is specialist with adjacent expertise.
1324
00:59:43,080 --> 00:59:46,680
You specialize in one control plane, identity governance, for example,
1325
00:59:46,680 --> 00:59:49,480
and develop adjacent expertise in the others.
1326
00:59:49,480 --> 00:59:51,480
This allows you to be the expert in your primary domain,
1327
00:59:51,480 --> 00:59:53,880
while also being able to handle related work.
1328
00:59:53,880 --> 00:59:56,680
Your primary expertise is identity governance,
1329
00:59:56,680 --> 01:00:00,080
but you understand how identity connects to productivity governance
1330
01:00:00,080 --> 01:00:04,080
through Copilot access control and infrastructure governance through Azure RBAC.
1331
01:00:04,080 --> 01:00:08,080
This positioning allows you to be the primary consultant for identity work
1332
01:00:08,080 --> 01:00:12,080
while also being a trusted advisor for broader governance questions.
1333
01:00:12,080 --> 01:00:14,480
As you grow, you can hire specialists in the adjacent domains
1334
01:00:14,480 --> 01:00:17,680
and position yourself as the orchestrator of comprehensive governance.
1335
01:00:17,680 --> 01:00:20,280
This is the path that leads to a million plus business.
1336
01:00:20,280 --> 01:00:21,880
You become known for one domain.
1337
01:00:21,880 --> 01:00:24,880
You build a team of specialists in other domains.
1338
01:00:24,880 --> 01:00:27,680
You position yourself as the architect who brings it all together.
1339
01:00:27,680 --> 01:00:29,680
The client's primary relationship is with you.
1340
01:00:29,680 --> 01:00:31,080
You understand their business.
1341
01:00:31,080 --> 01:00:32,880
You understand their risk profiles.
1342
01:00:32,880 --> 01:00:34,080
You coordinate the specialists.
1343
01:00:34,080 --> 01:00:36,480
You ensure consistency across all control planes.
1344
01:00:36,480 --> 01:00:38,480
This is also how you build a responsibility.
1345
01:00:38,480 --> 01:00:41,680
If you're the identity governance expert in the Microsoft ecosystem,
1346
01:00:41,680 --> 01:00:44,280
you're the obvious choice when someone needs identity work.
1347
01:00:44,280 --> 01:00:46,880
If you've built a team of specialists in other domains,
1348
01:00:46,880 --> 01:00:49,680
you're also the obvious choice for comprehensive governance.
1349
01:00:49,680 --> 01:00:52,280
You've made yourself indispensable because you're the only person
1350
01:00:52,280 --> 01:00:55,080
who understands all the pieces and how they fit together.
1351
01:00:55,080 --> 01:00:58,680
The specialist with adjacent expertise path also allows you to scale
1352
01:00:58,680 --> 01:00:59,880
without losing focus.
1353
01:00:59,880 --> 01:01:01,480
You're not trying to be everything to everyone.
1354
01:01:01,480 --> 01:01:02,880
You're the expert in one domain.
1355
01:01:02,880 --> 01:01:04,880
You're the coordinator of comprehensive governance.
1356
01:01:04,880 --> 01:01:07,880
You're the architect who understands how systems work at scale.
1357
01:01:07,880 --> 01:01:11,280
This is the positioning that generates sustainable, scalable revenue.
1358
01:01:11,280 --> 01:01:14,280
This is the positioning that allows you to command premium pricing.
1359
01:01:14,280 --> 01:01:17,480
This is the positioning that separates commodity consultants
1360
01:01:17,480 --> 01:01:19,480
from architects of necessity.
1361
01:01:19,480 --> 01:01:21,880
The 12-month plan to 100K-plus.
1362
01:01:21,880 --> 01:01:25,080
Let's put this all together into a concrete plan for the next 12 months.
1363
01:01:25,080 --> 01:01:28,880
This is how you move from commodity consultant to architect of necessity.
1364
01:01:28,880 --> 01:01:32,680
This is how you build a business that generates consistent premium revenue.
1365
01:01:32,680 --> 01:01:33,880
Months 1 and 2.
1366
01:01:33,880 --> 01:01:35,880
Positioning and content foundation.
1367
01:01:35,880 --> 01:01:37,880
Start by rewriting your LinkedIn profile.
1368
01:01:37,880 --> 01:01:39,480
Remove the builder language.
1369
01:01:39,480 --> 01:01:41,280
Replace it with architect language.
1370
01:01:41,280 --> 01:01:43,880
You're not implementing Power Apps and Azure solutions.
1371
01:01:43,880 --> 01:01:47,680
You're architecting control systems that reduce architectural entropy
1372
01:01:47,680 --> 01:01:49,480
and enforce governance at scale.
1373
01:01:49,480 --> 01:01:51,080
Your headline isn't about tools.
1374
01:01:51,080 --> 01:01:52,280
It's about outcomes.
1375
01:01:52,280 --> 01:01:54,280
Your about section isn't about your certifications.
1376
01:01:54,280 --> 01:01:57,080
It's about the problems you solve and the frameworks you've developed.
1377
01:01:57,080 --> 01:02:00,080
Create a 10-point framework for assessing control plane maturity.
1378
01:02:00,080 --> 01:02:01,880
This is your intellectual property.
1379
01:02:01,880 --> 01:02:04,080
This is what differentiates you from everyone else.
1380
01:02:04,080 --> 01:02:05,480
It doesn't have to be complicated.
1381
01:02:05,480 --> 01:02:06,280
It's a checklist.
1382
01:02:06,280 --> 01:02:09,080
10 questions that assess the maturity of identity governance,
1383
01:02:09,080 --> 01:02:11,480
productivity governance and infrastructure governance.
1384
01:02:11,480 --> 01:02:13,480
You'll use this framework in assessments.
1385
01:02:13,480 --> 01:02:14,280
You'll publish it.
1386
01:02:14,280 --> 01:02:16,280
You'll build your entire positioning around it.
1387
01:02:16,280 --> 01:02:20,080
Publish your first five long-form pieces on architectural entropy and governance.
1388
01:02:20,080 --> 01:02:21,280
These are LinkedIn articles.
1389
01:02:21,280 --> 01:02:22,280
Blog posts.
1390
01:02:22,280 --> 01:02:23,280
Medium pieces.
1391
01:02:23,280 --> 01:02:24,680
The titles are provocative.
1392
01:02:24,680 --> 01:02:28,080
Why your cloud migration is creating more risk than it's solving?
1393
01:02:28,080 --> 01:02:31,080
The hidden cost of unmanaged Power Platform flows.
1394
01:02:31,080 --> 01:02:32,280
Identity drift.
1395
01:02:32,280 --> 01:02:35,080
The invisible tax on your security budget.
1396
01:02:35,080 --> 01:02:36,680
You're not writing tutorials.
1397
01:02:36,680 --> 01:02:38,080
You're writing thought leadership.
1398
01:02:38,080 --> 01:02:39,080
You're naming problems.
1399
01:02:39,080 --> 01:02:40,080
You're offering frameworks.
1400
01:02:40,080 --> 01:02:42,080
You're building authority.
1401
01:02:42,080 --> 01:02:45,080
Identify 50 target companies with entropy signals.
1402
01:02:45,080 --> 01:02:48,080
These are companies that have announced cloud initiatives,
1403
01:02:48,080 --> 01:02:50,880
suffered breaches or are facing regulatory pressure.
1404
01:02:50,880 --> 01:02:52,280
You're going to reach out to them.
1405
01:02:52,280 --> 01:02:54,280
You're going to start the outbound process.
1406
01:02:54,280 --> 01:02:56,080
You're going to begin building your pipeline.
1407
01:02:56,080 --> 01:02:58,280
Start personalized outbound outreach.
1408
01:02:58,280 --> 01:02:59,680
Five to 10 emails per week.
1409
01:02:59,680 --> 01:03:01,080
These are not generic emails.
1410
01:03:01,080 --> 01:03:03,680
These are personalized to the company's situation.
1411
01:03:03,680 --> 01:03:05,880
You're referencing their specific entropy signal.
1412
01:03:05,880 --> 01:03:07,480
You're asking a specific question.
1413
01:03:07,480 --> 01:03:08,680
You're starting conversations.
1414
01:03:08,680 --> 01:03:10,080
You're planting seeds.
1415
01:03:10,080 --> 01:03:11,480
Months three and four.
1416
01:03:11,480 --> 01:03:13,280
Thought leadership and pipeline.
1417
01:03:13,280 --> 01:03:14,880
Continue publishing content.
1418
01:03:14,880 --> 01:03:16,480
Two to three LinkedIn posts per week.
1419
01:03:16,480 --> 01:03:18,680
Engage with other architects and security leaders.
1420
01:03:18,680 --> 01:03:19,880
Comment on their posts.
1421
01:03:19,880 --> 01:03:20,880
Build relationships.
1422
01:03:20,880 --> 01:03:22,680
Share your case studies and frameworks.
1423
01:03:22,680 --> 01:03:24,680
Make them specific enough to be useful,
1424
01:03:24,680 --> 01:03:27,480
but abstract enough to be applicable across industries.
1425
01:03:27,480 --> 01:03:29,480
Your outbound is generating responses now.
1426
01:03:29,480 --> 01:03:30,880
You're getting discovery conversations.
1427
01:03:30,880 --> 01:03:32,280
You're pitching assessments.
1428
01:03:32,280 --> 01:03:35,080
Some are saying yes. You're closing your first assessment engagement.
1429
01:03:35,080 --> 01:03:36,480
This is your proof of concept.
1430
01:03:36,480 --> 01:03:37,680
This is your first case study.
1431
01:03:37,680 --> 01:03:39,480
This is your first opportunity to prove
1432
01:03:39,480 --> 01:03:40,480
that the framework works.
1433
01:03:40,480 --> 01:03:41,880
Continue outbound outreach.
1434
01:03:41,880 --> 01:03:43,680
You're now running a systematic process.
1435
01:03:43,680 --> 01:03:44,680
Research companies.
1436
01:03:44,680 --> 01:03:46,080
Identify entropy signals.
1437
01:03:46,080 --> 01:03:47,280
Personalize emails.
1438
01:03:47,280 --> 01:03:48,080
Follow up.
1439
01:03:48,080 --> 01:03:50,880
You're getting two to four discovery conversations per month.
1440
01:03:50,880 --> 01:03:53,480
That's converting to one assessment engagement per month.
1441
01:03:53,480 --> 01:03:54,880
You're building pipeline.
1442
01:03:54,880 --> 01:03:56,080
Months five and six.
1443
01:03:56,080 --> 01:03:57,880
First assessment and remediation.
1444
01:03:57,880 --> 01:03:59,480
Your first assessment is underway.
1445
01:03:59,480 --> 01:04:00,880
You're in the client's environment.
1446
01:04:00,880 --> 01:04:02,480
You're analyzing their control planes.
1447
01:04:02,480 --> 01:04:03,680
You're identifying entropy.
1448
01:04:03,680 --> 01:04:04,680
You're quantifying risk.
1449
01:04:04,680 --> 01:04:05,880
You're building the report.
1450
01:04:05,880 --> 01:04:07,280
This is where you prove your value.
1451
01:04:07,280 --> 01:04:09,280
This is where you show that the framework works.
1452
01:04:09,280 --> 01:04:11,280
You're also closing your second assessment.
1453
01:04:11,280 --> 01:04:12,480
Your outbound is working.
1454
01:04:12,480 --> 01:04:13,880
Your positioning is working.
1455
01:04:13,880 --> 01:04:15,280
You're getting inbound inquiries now.
1456
01:04:15,280 --> 01:04:16,880
People who've engaged with your content.
1457
01:04:16,880 --> 01:04:18,680
People who understand the problem.
1458
01:04:18,680 --> 01:04:20,080
People who are ready to buy.
1459
01:04:20,080 --> 01:04:21,280
By the end of month six,
1460
01:04:21,280 --> 01:04:22,680
your first assessment is complete.
1461
01:04:22,680 --> 01:04:24,080
You're presenting the report.
1462
01:04:24,080 --> 01:04:25,080
The client is shocked.
1463
01:04:25,080 --> 01:04:26,680
They didn't know they had this much entropy.
1464
01:04:26,680 --> 01:04:28,680
They didn't know the risk was this high.
1465
01:04:28,680 --> 01:04:29,880
They're ready to remediate.
1466
01:04:29,880 --> 01:04:31,880
You're closing your first remediation engagement.
1467
01:04:31,880 --> 01:04:34,480
This is 120 to 150,000 dollars.
1468
01:04:34,480 --> 01:04:36,280
This is your first big deal.
1469
01:04:36,280 --> 01:04:37,680
Months seven through nine.
1470
01:04:37,680 --> 01:04:40,080
Remediation execution and pipeline building.
1471
01:04:40,080 --> 01:04:41,680
Your first remediation is underway.
1472
01:04:41,680 --> 01:04:42,880
You're deploying controls.
1473
01:04:42,880 --> 01:04:43,680
You're training teams.
1474
01:04:43,680 --> 01:04:44,880
You're building governance.
1475
01:04:44,880 --> 01:04:46,080
This is the real work.
1476
01:04:46,080 --> 01:04:48,280
This is where you prove that you can execute.
1477
01:04:48,280 --> 01:04:51,280
This is where you build the case study that changes everything.
1478
01:04:51,280 --> 01:04:52,880
Your outbound is still running.
1479
01:04:52,880 --> 01:04:54,080
You're closing assessments.
1480
01:04:54,080 --> 01:04:55,880
You're closing your second remediation.
1481
01:04:55,880 --> 01:04:57,280
You're building pipeline.
1482
01:04:57,280 --> 01:04:58,680
You're getting inbound leads now.
1483
01:04:58,680 --> 01:04:59,880
People who've seen your content.
1484
01:04:59,880 --> 01:05:01,680
People who've engaged with your framework.
1485
01:05:01,680 --> 01:05:02,880
People who are ready to buy.
1486
01:05:02,880 --> 01:05:04,080
By the end of month nine,
1487
01:05:04,080 --> 01:05:05,680
your first remediation is complete.
1488
01:05:05,680 --> 01:05:06,880
You're presenting the outcomes.
1489
01:05:06,880 --> 01:05:09,680
Role assignments reduced by 85%.
1490
01:05:09,680 --> 01:05:11,680
Privileged accounts brought under control.
1491
01:05:11,680 --> 01:05:12,680
Compliance gaps closed.
1492
01:05:12,680 --> 01:05:13,680
The client is impressed.
1493
01:05:13,680 --> 01:05:15,480
They're ready for the advisory retainer.
1494
01:05:15,480 --> 01:05:18,280
You're closing your first ten-thousand-dollar-per-month retainer.
1495
01:05:18,280 --> 01:05:20,880
Months ten through twelve. Retainer and scaling.
1496
01:05:20,880 --> 01:05:22,280
You've got your first retainer.
1497
01:05:22,280 --> 01:05:24,280
You've got two remediation engagements in flight.
1498
01:05:24,280 --> 01:05:26,280
You've got three to four assessments in your pipeline.
1499
01:05:26,280 --> 01:05:28,280
You're generating consistent revenue.
1500
01:05:28,280 --> 01:05:29,880
You're building a predictable business.
1501
01:05:29,880 --> 01:05:31,680
Your thought leadership is paying dividends.
1502
01:05:31,680 --> 01:05:34,080
You're getting inbound leads without prospecting.
1503
01:05:34,080 --> 01:05:36,280
You're getting referrals from satisfied clients.
1504
01:05:36,280 --> 01:05:38,280
You're getting speaking opportunities.
1505
01:05:38,280 --> 01:05:39,680
You're getting media inquiries.
1506
01:05:39,680 --> 01:05:43,080
You're becoming known as the architect of necessity in the Microsoft ecosystem.
1507
01:05:43,080 --> 01:05:44,280
By the end of month twelve,
1508
01:05:44,280 --> 01:05:47,080
you've generated one hundred to one hundred fifty thousand in revenue.
1509
01:05:47,080 --> 01:05:48,280
You've got one retainer.
1510
01:05:48,280 --> 01:05:50,880
You've got two remediation engagements completed.
1511
01:05:50,880 --> 01:05:52,480
You've got a pipeline of assessments.
1512
01:05:52,480 --> 01:05:55,680
You're on track to hit two hundred to three hundred thousand in year two.
1513
01:05:55,680 --> 01:05:57,080
This is the twelve month plan.
1514
01:05:57,080 --> 01:06:00,880
This is how you move from commodity consultant to architect of necessity.
1515
01:06:00,880 --> 01:06:04,080
This is how you build a business that generates consistent premium revenue.
1516
01:06:04,080 --> 01:06:06,280
This is how you hit one hundred K plus.
1517
01:06:06,280 --> 01:06:07,280
The real work.
1518
01:06:07,280 --> 01:06:08,480
You now have the framework.
1519
01:06:08,480 --> 01:06:09,480
You have the positioning.
1520
01:06:09,480 --> 01:06:10,680
You have the pricing model.
1521
01:06:10,680 --> 01:06:12,680
You have the client acquisition strategy.
1522
01:06:12,680 --> 01:06:17,480
You know how to position yourself as an architect of necessity instead of a feature builder.
1523
01:06:17,480 --> 01:06:19,480
You know how to price governance instead of projects.
1524
01:06:19,480 --> 01:06:23,080
You know how to build a business around risk mitigation instead of hours.
1525
01:06:23,080 --> 01:06:24,080
But here's what matters.
1526
01:06:24,080 --> 01:06:26,080
This only works if you actually execute.
1527
01:06:26,080 --> 01:06:30,080
If you stay positioned as a builder, if you compete on cost, if you give away discovery,
1528
01:06:30,080 --> 01:06:31,080
nothing changes.
1529
01:06:31,080 --> 01:06:32,880
The framework only works if you apply it.
1530
01:06:32,880 --> 01:06:37,080
Start small, run one assessment, charge for it, get a risk report into a client's hands,
1531
01:06:37,080 --> 01:06:40,680
see what happens, see how they react when you quantify the entropy they didn't know they had.
1532
01:06:40,680 --> 01:06:44,080
See how fast they want to remediate once they understand the cost of inaction.
1533
01:06:44,080 --> 01:06:46,280
That's when you'll understand that this isn't theory.
1534
01:06:46,280 --> 01:06:48,880
This is how consulting actually works at the top level.
1535
01:06:48,880 --> 01:06:52,480
The consultants making one hundred K plus aren't smarter than you.
1536
01:06:52,480 --> 01:06:54,280
They're not better at coding or configuring.
1537
01:06:54,280 --> 01:06:55,880
They're just positioned differently.
1538
01:06:55,880 --> 01:06:59,880
They sell necessity, not features, and necessity always beats cost.
1539
01:06:59,880 --> 01:07:03,480
If this episode helped you think differently about your consulting business,
1540
01:07:03,480 --> 01:07:05,280
please leave a review wherever you're listening.
1541
01:07:05,280 --> 01:07:06,680
Reviews tell us what resonates.
1542
01:07:06,680 --> 01:07:08,480
They tell us what you want to hear more about.
1543
01:07:08,480 --> 01:07:10,680
They help other architects find this conversation.
1544
01:07:10,680 --> 01:07:12,880
If you want to share your own entropy story,
1545
01:07:12,880 --> 01:07:15,480
discuss how you're repositioning your consulting practice
1546
01:07:15,480 --> 01:07:21,480
or suggest a future episode topic, connect with Mirko Peters on LinkedIn at M365 show.
1547
01:07:21,480 --> 01:07:22,480
He reads every message.
1548
01:07:22,480 --> 01:07:27,480
He's building this community of architects who understand that governance is where the premium revenue lives.
1549
01:07:27,480 --> 01:07:30,680
Until next time, stop building features, start architecting control.

Founder of m365.fm, m365.show and m365con.net
Mirko Peters is a Microsoft 365 expert, content creator, and founder of m365.fm, a platform dedicated to sharing practical insights on modern workplace technologies. His work focuses on Microsoft 365 governance, security, collaboration, and real-world implementation strategies.
Through his podcast and written content, Mirko provides hands-on guidance for IT professionals, architects, and business leaders navigating the complexities of Microsoft 365. He is known for translating complex topics into clear, actionable advice, often highlighting common mistakes and overlooked risks in real-world environments.
With a strong emphasis on community contribution and knowledge sharing, Mirko is actively building a platform that connects experts, shares experiences, and helps organizations get the most out of their Microsoft 365 investments.








