Home / Nerdio Academy / Nerdio / Nerdio’s 5 Core Design Principles: What Sets Us Apart and Preps MSPs for Azure Success

Nerdio’s 5 Core Design Principles: What Sets Us Apart and Preps MSPs for Azure Success

Vadim Vladimirskiy
Vadim VladimirskiyFounder & CEO, Nerdio
0 commentsSeptember 18, 2019Articles

Underpinning Nerdio’s mission of empowering managed service providers (MSPs) to build successful cloud practices in Microsoft Azure through our easy to use deployment, pricing/packaging, management, and cost optimization IT automation software are five core product design principles:  

  1. No customer lock-in. Earn the business month-after-month through automation, simplification, and exceptional support.
  2. Stay out of the critical path. Don’t be in the way of the user accessing their workload.
  3. Pilot safely. Enable seamless trials, non-disruptive production pilots, and easy-to-scale transition to full production.
  4. Be native. Do not embed third-party software unnecessarily.  Instead build native code to integrate with Azure and the rest of the Microsoft technology stack.
  5. Be intuitive. IT is complex and so is Azure.  Simplify through intuitive UI and relentless automation.

These principles emerged from walking in our customers’ shoes for over a decade prior to embarking on the journey of building the Nerdio software.  This unique perspective provides us with a deep understanding of the world our MSP partners live in, the challenges they face, and the customer expectations they must live up to. We are fortunate to continue seeing the world through the eyes of the MSP and this enables Nerdio to solve the most challenging problems MSPs face in intuitive ways. 

After seeing a demo of Nerdio for Azure, an MSP often says: “How do you know our challenges so well?  Do you work here?”  Such feedback is powerful validation and confirmation that we’re on the right path.

Nerdio’s History and Value-add

Before founding Nerdio in 2016, we started a company called Adar in 2005 that embarked on a journey to build a unique MSP business using a new service delivery model.  Adar’s founders were IT veterans who set out to build a 100% recurring revenue-based MSP business that would deliver high quality IT-as-a-Service (ITaaS) by leveraging server virtualization, desktop virtualization, and hosting technologies to help organizations outsource not just their IT services -- like help desk and monitoring -- but all of the hardware and software components of the IT stack, too. 

This being before the days of the cloud, Hyper-V, and VDI, Adar had to innovate not only in creating this new service model, but also in designing a scalable technology stack that would perform well for the customers, be secure and compliant, and cost-effective to support thousands of deployments at scale. 

Fast forward to 2016 – Adar succeeded in building a large 100% MRR business with best-in-class margins and hundreds of worldwide customers across a diverse set of industries.

Empowering MSPs Based on Experience and Expertise

During this journey, much was learned about MSPs, their customers, and the technologies that work best.  In 2016, we decided to take these learnings and start a new company that would build a software platform to empower other MSPs to build successful cloud practices in their own geographic markets.  Nerdio for Azure was born and has become the gold standard automation platform for MSPs looking to build and grow their Azure practice. 

Before writing the first line of code, we spent countless hours defining the principles that would guide our product design efforts.  These principles emerged from building the type of business where Nerdio software would help others succeed, having seen all possible trade-offs and pitfalls. 

There are five core principles guiding our product strategy and helping us make the right day-to-day decisions in the face of competing priorities. 

Here, we will outline each of the five, explain them in detail, and illustrate why the alternative is not only less than optimal, but a bad idea for an MSP to bet their business on.


Principle #1: No Customer Lock-In

Recurring revenue streams are all the rage today--and for good reason. Recurring revenue provides predictability and dramatically increases valuations, but also comes with its unique set of challenges.  Acquiring customers is very expensive to begin with but keeping them is critical to the long-term survival of any recurring services business.  

Reducing customer churn is probably the single most significant lever that drives long-term recurring revenue growth and business value and as a result, companies should do everything possible to keep this churn as low as humanly possible. 


How to Reduce Customer Churn

There are several tactical things a company can do to reduce churn: have a dedicated Customer Success function focused on retention, sign long-term contracts with customers, offer loyalty discounts, and more.  Ultimately, a customer will churn if the reason to leave (e.g. better product and/or lower cost elsewhere) is greater than the reason to stay.  There is also a concept of switching costs, defined as the cost (either financial, time, risk, etc.) of leaving the current provider.  Switching costs increase the reason to keep the status quo even if there is a better alternative available elsewhere.  For instance, contracts that have early termination clauses increase switching costs and cause customers to stay put. 

Another way to increase switching costs is to “lock the customer” into a particular technology and make it very difficult for them to switch to another provider or technology stack.  For software providers it is very tempting to use this tactic and prevent customers from leaving even if the provider is no longer delivering enough value to justify the monthly price they are charging. 

Unfortunately, many companies do this, and we’ve seen our share of horror stories of partners trying to migrate away from their existing provider who is holding them hostage.  It is a painful process and one that costs more than they ultimately have accrued in long-term value by being with the vendor in the first place.


Nerdio Prefers Loyalty Instead

At Nerdio, we don’t believe in locking customers in to reduce churn or even in asking them to sign a termed contract.  We believe that users should derive value from our software, support, and education day after day and month after month and we need to keep earning their business for them to stay loyal, rather than strongarm them into “loyalty” against their will. 

This is the reason why we don’t have quotas, minimum commitments, or long-term contracts.  Our partners pay only for what they use and can leave at any time with ease.  Let’s look at a few lock-in mechanisms that others use --and what Nerdio stays away from.


Multi-tenant / Shared / Hoteling Environments

This IT infrastructure design goes by many names, but the result is the same in that it makes it difficult for customers to leave because parts of their IT system are intermingled with those of other customers. 

Vendors often justify sharing things like networks, Active Directory, and infrastructure services among customers by saying that it’s more cost effective.  They call them “platform services” and the pitch goes something like this: “Mr. Customer, why would you want to pay for your own Active Directory domain controller when we could safely combine your Active Directory together with other customers’ and save you a few dollars per month?” 

Sounds reasonable, right?  Maybe… until you consider the tradeoffs:

  • Moving to another provider becomes a monumental task because you can no longer take your AD domain controller VM and move it over. You must migrate everything out and rebuild the entire environment at the new provider.  This is good for the incumbent vendor but terrible and very expensive for the customer.
  • You can’t have full admin access to your own system. Why?  Because admins would have access to other customers’ data.  This means having to open a ticket for every possible change that needs to be made and being at the mercy of the provider to respond promptly.
  • Changes made to a shared platform environment on behalf of other customers can have a negative impact on your environment. Since things are shared, changes for one customer could have a far-reaching impact on many other customers.
  • Flexibility is lost. You can’t configure your environment exactly the way you want to because the provider must keep things standardized on behalf of all their customers.  This limits your ability to adapt the IT environment to fit the unique needs of your business.
  • Security can be compromised. A single customer can be attacked by ransomware and all other customers’ systems can be affected.  This also makes the ability to pass regulatory audits challenging and sometimes impossible.

Deep Integration Into the IT Environment With Custom Agents

Shared “platform” environments are not the only thing that locks customers into their current vendor’s platform.  We often see cloud automation software vendors create deep integrations between their own control plane and the customer’s IT environment.  This may be done in the form of an agent that runs inside the operating system of a VM and gets controlled by the global control plane of the vendor, or it may be some other mechanism that makes the individual VM dependent on the vendor’s service. 

This results in a situation where disconnecting the vendor’s service leaves the customer’s IT environment in an inoperable state since it can’t connect to the vendor’s service.  Migrating away from the vendor means rebuilding the entire environment to remove these dependencies.


Nerdio’s Approach: Single Stack Deployments

With Nerdio for Azure, every customer deployment is fully isolated, standalone and self-sufficient.  There are no shared resources and every customer’s environment can be managed fully with no admin restrictions (assuming proper permissions).  We call this “single stack” deployments.  Every customer account resides in its own Azure resource group and typically in its own Azure subscription. 

The Nerdio software can be easily turned off on an account and everything that’s already inside of the deployment will continue to function as is. Migration is unnecessary, security is maintained, and each environment can be fully customized in any way the customer sees fit.

But wait… isn’t this more expensive as I now need additional domain controllers and file server VMs?  Not really. In most environments the cost of these platform services is negligible relative to the cost of virtual desktops or application servers themselves.  There are also burstable VMsthat are often used for these roles and the tiny incremental cost is well worth it considering the above tradeoffs.

Not only is each Nerdio-deployed IT environment isolated and self-sufficient, it can also be easily disconnected from the Nerdio service without breaking the users’ ability to do their work.  The value-added management and auto-scaling capabilities of Nerdio would no longer be available but the IT system itself, as it is right now, would continue operating without any disruption.

Learn more about Nerdio for Azure


Principle #2: Stay Out of the Critical Path

It can be very tempting for software companies to introduce their own code into the connection path between the end-user and the IT infrastructure. There may be a cool feature the software vendor wants to enable and the easiest way to do this is to create a custom user app or have the end-user connect to the management backplane hosted by the software company before reaching their own workload.

This is a serious design flaw that can leave the user unable to work as a result of software vendor bug or outage!  Especially when working with Azure and virtual desktop workloads, users need to get to their IT environment hosted in Azure to be able to do their work. If the software vendor’s app malfunctions or their control plane that routes user connections is running slowly or is down, thousands of users could be stranded without the ability to work even if their own local environment and Microsoft’s cloud back-end is experiencing no issues.

Microsoft invests billions of dollars a year into their data centers and IT infrastructure. They create redundant and highly available environments and customers pay a premium for various levels of Service Level Agreements from Microsoft. They may also have redundant networking, firewalls, and internet connections at their on-premises environment to ensure they can always get to Azure.  However, if another vendor’s software sits in between the users and Azure, it becomes the single point of failure for this connection path.  Any issues with the vendor’s software or platform negate any benefits provided by a customer’s local redundancy and Azure’s high availability and SLAs.


What We See Others Do

Unfortunately, we see this simple design principle violated frequently by cloud automation software vendors.  For instance, some vendors will create what they believe to be “clever” features that can turn an Azure environment on when it detects a user login attempt.  In order to achieve this, they will build a customer end-user application that needs to be installed on every user’s desktop. The app will first communicate with the vendor’s control plane, the control plane will determine if the connecting user is authorized to power on the Azure environment, and if so, will turn it on.  Unfortunately, if the app or the control plane malfunction, then all users will be dead in the water without the ability to connect to their Azure desktops and other workloads.


Nerdio’s Approach: Redundancy, Reliability, Simplicity

We believe that our job at Nerdio is to help manage the Azure environment -- but in a way that doesn’t interfere with the user and their desktop. Therefore, we opt to use native Microsoft functionality instead of creating custom end-user app and routing connections through our own control plane. 

With Nerdio, deployed IT environments users connect directly to Azure from their own devices using Microsoft’s native clients.  This ensures that no matters what happens to our control plane, end-users continue to work uninterrupted. 

After all, that’s why companies migrate to the cloud; to improve systems reliability – not introduce a new single point of failure they can’t control.


Principle #3: Pilot Safely

What can be worse than deploying a pilot of a new technology and having the provisioning automation break or negatively impact the production environment? Cloud implementations are large, transformational changes and deploying such technologies into an existing production environment for purposes of a pilot is risky.


Deploying Trial into a Production Active Directory Environment

We hear stories from our partners time and time again about wanting to try a new technology (Windows Virtual Desktop, for instance) and using a deployment automation product to provision a trial.  The deployment goes right into an existing environment and makes changes that were unintended and not well understood by the partner.  These changes damage the existing environment and lead to the customer having a poor perception of the new technology even though it was the risky deployment automation that was at fault in the first place.

Extracting a trial account from a production environment is also a difficult task.  It requires careful removal of many elements without accidently deleting something that’s being used. Even when done properly some elements of the trial remain.


Nerdio’s Approach: High-Level Trial and Migration

Leveraging our experience across thousands of cloud deployments, Nerdio has perfected the trial and migration process.  This process consists of three, high-level phases:

  1. Deploy a non-disruptive trial in a “greenfield” environment
  2. Connect the trial to an existing environment for a “Production Pilot”
  3. Transition the “Production Pilot” to “Full Production” and scale


Let’s review what’s involved at each phase:

  1. Deploy a non-disruptive trial in a “greenfield” environment

Every new Nerdio for Azure deployment starts out as a “greenfield” environment.  This means that it is not integrated into an existing production system and can be safely used to play around with the new technology without the concern of messing something up.  At this stage, customers can create resources, install applications, test performance, and do general testing of Azure and Nerdio.

  1. Connect the trial to an existing environment for a “Production Pilot”

Once the trial environment is validated as something the customer wants to deploy, the next step becomes doing a limited pilot or proof-of-concept deployment with a small group of real users.  At this stage, it is necessary to connect the greenfield deployment to an existing production environment. 

Nerdio automates the process of connecting the two environments together by extending the networking and Active Directory of the existing environment into the new Azure deployment.  Once Nerdio’s Hybrid AD feature is enabled, the Nerdio Admin Portal can see objects in the existing AD and assign desktops to existing users without the need to re-create or modify these user accounts.

This enables a smooth and non-disruptive way to convert a trial environment into one that can be tested in production by a limited number of users. This process is safe because no changes are made to the existing user objects and newly created desktop resources are joined to the existing AD automatically.

  1. Transition the “Production Pilot” to “Full Production” and scale

Once the production pilot demonstrates that it meets predefined success metrics (e.g. users are satisfied with application compatibility and performance), Nerdio makes it simple to transition the environment into full production and scale the deployment to accommodate a larger user population.  This typically involves growing the size of the initial environment, creating new desktop pools with larger instances and auto-scale limits, and assigning more users to Azure resources.  At this stage, the Azure deployment has been fully tested in production and is ready to scale.


Want to learn about all things Azure in a timely basis? Subscribe to our newsletter!

Sign up now


Principle #4: Be Native

The cloud has introduced a significant paradigm shift both in the way software products are created and the way IT infrastructure is managed.  Legacy IT management software solutions aren’t good candidates for managing modern, cloud infrastructure.  An existing software product originally designed to manage on-premises, private cloud, or non-Azure public cloud environments often carries lots of “technical debt”.  Unfortunately, we see providers in the market retrofitting legacy products that were created many years ago and designed to manage legacy infrastructures marketing them as modern software that’s native to Azure.

When building automation software, there are many third-party products that could be integrated into the technology stack to simplify the development process. Tools like Terraform, Packer, Chef, and Puppet are great for deployment automation and infrastructure scripting. But the more such technologies are integrated into the core product, the more reliant it is on multiple vendors and the more complex it becomes.

It is also tempting to create a custom client app with branded icons and colors instead of using the built-in, out-of-the-box functionality that Microsoft provides.  Adding custom printer handling software, multi-factor authentication utilities, and OS agents can improve functionality in the short term (until Microsoft’s native tools add this functionality), but will also increase complexity and cost of the software and cause the customer to be locked into the vendor’s unique solution.


Nerdio’s Approach: Native Technology

Nerdio for Azure was designed from the ground up as a native Azure application using modern technology and carries no technical debt as the result any legacy roots.

When creating and enhancing Nerdio for Azure, we opt to use as much native Microsoft technology as possible and rarely, if ever, resort to using third-party code in our product. We leverage all the native APIs and scripting capabilities of Azure CLI and PowerShell and do not install any custom agents on each virtual machine running in Azure.  We also don’t replace the native Windows Virtual Desktop or RDP client with a custom application.

We strongly believe there is plenty of room for third-party functionality to be used to extend the underlying Microsoft and Nerdio technologies, but the set of tools used should be chosen by the customer for their specific use-case scenario. 

Nerdio for Azure fully supports third-party tools that many customers choose to integrate into their Nerdio deployments.  However, we try to provide a clean environment that can accommodate any third-party product, so the customer doesn’t have to be locked into one specific version.  The goal is to provide customers with the same flexibility and control in the cloud as they have with on-premises and private data center IT environments.


Principle #5: Be Intuitive

IT is complex.  Cloud is even more complex.  Azure is a collection of hundreds of services that are evolving at an amazing pace and it is difficult to keep up.

IT administration is concerned with only a subset of the availability functionality, but the native management portals are full of distractions and ways to easily make mistakes when making changes.  They also presume that the user has enough level of understanding of the fundamentals of Azure to be used properly – something that is challenging for many IT administrators and MSPs.

Flexibility and ease-of-use are at opposites ends of a spectrum.  The more flexible a management portal is, the more the user needs to know about the way that it works, the choices they need to make, and the ramifications of their decisions.  An overly simplistic UI may be easy to use but may be so rigid that it doesn’t accommodate real-world use-case scenarios.


What We See on the Market Today

All Azure deployment and management automation platforms can be mapped on this simplicity/flexibility spectrum.  Many claim their mission is to simplify Azure but offer a user interface that is overly complex, not user-friendly, and requires the operator to be well versed in the underlying Azure technologies.  Their deployment wizards require the user to spend many minutes making a multitude of choices without clear guidance as to what these choices should be.  Sometimes these products beg the question: “Why do I need it?  Can’t I do this in the Azure portal?”

They strive for simplicity but end up much further on the side of flexibility with a cobbled together UI that is confusing and difficult to use.


Nerdio’s Approach: Intuitive and Simple

Flexibility is important, but simplicity and intuitiveness are primary. Nerdio bridges the gap between simplicity and flexibility by:

  • Creating a user-interface (UI) that is intuitive to IT Administrators.Functions are grouped and laid out in a way that makes sense to those who work with IT.  The interface is clean and not overly “deep”, meaning that most actions can be accomplished in 3-clicks or less.
  • Giving users “packaged actions”. If certain sets of actions typically are performed in tandem, we package them together by default.  For example, expanding a virtual disk on a VM does not only grow the disk in Azure but extends the Windows volume inside the VM.  Archiving a user doesn’t only disable the AD account, but archives the mailbox, OneDrive data, personal Documents, and Desktop items and assigns them to the archived user’s manager.
  • Automating relentlessly. We script and automate as many of the actions as possible and provide them as simple point-and-click actions in the Nerdio Admin Portal UI.
  • Allowing for flexibility. Simplifying is great but it must come with a certain level of flexibility.  We first simplify but then allow users to follow the first simplified action with an ability to customize and achieve the desired level of flexibility.  For instance, deploying a new Nerdio for Azure account requires 3 clicks and less than 60 seconds of a user’s time.  However, once the standard environment is provisioned, every aspect of it can be easily customized to meet the customer’s unique requirements.

Nerdio’s unique approach and adherence to these five core product design principles is resonating well with the markets that we serve.  MSPs find it intuitive and easy to use but at the same time very powerful and complete. 

One MSP put it best: “We call it [Nerdio Admin Portal] our ‘magic tool’.  It knows what you want to do and even how you should do it – even when you don’t.”

Nerdio’s mission is to empower MSPs to build successful cloud practices in Microsoft Azure and our software design efforts are squarely focused on this objective.  We strive to earn our customers’ business month-after-month by making it easier for them to deploy, price, package, manage and optimize their Azure deployments.


Contact us today to learn more.

Get in touch