How EDV Neumann Made lywand an Integral Part of its Service Portfolio

Introducing our Partner EDV Neumann

Over 30 Years of Experience in the IT Industry

EDV Neumann was founded back in 1993. Managing Director Frank Neumann has been working in the IT industry for over 30 years and has experienced the development from a classic system house to managed services provider at first hand. Today, the company has 14 employees and mainly serves small and medium-sized companies in the Karlsruhe region. The majority of customers have between one and ten employees. In total, EDV Neumann supports around 170 customers under managed service contracts and currently manages around 1500 devices.

From Traditional System House to MSP

The move to become a managed service provider took place in 2017, when the company was fundamentally restructured. Instead of traditional project business, the team consistently focused on recurring services such as monitoring and patch management.

“We made a radical cut back then,” says Frank Neumann. The company made a clear decision for its customers. “We basically told customers: either you book the model or we won't support you anymore.” Although this clear line was quite strict, only one customer was lost in the end. For Frank Neumann, this was definitely a confirmation of his strategy. It is crucial that an MSP defines its services itself and does not try to let each customer decide individually.

The advantage of this approach is particularly evident in the recurring revenues. Managed services ensure a stable “background noise” of monthly revenues and create planning security for the company.

The Path to Vulnerability Management and to lywand

NIS2 as a Trigger for More Security Transparency

EDV Neumann had already established a solid technical basis with monitoring and patch management. Nevertheless, one key question remained unanswered: how can the actual security status of the managed systems be systematically evaluated? Ultimately, the specific trigger for taking a closer look at vulnerability management was the NIS2 Directive.

A major customer of the system house is an automotive supplier and has to fulfill requirements within the framework of NIS2, including the reporting and management of security vulnerabilities. This also created a need for the IT service provider itself to record vulnerabilities in a more structured way. At the same time, the team wanted to check how well its own processes were actually working, particularly in patch management.

No Complete Security Overview Before lywand

Before the introduction of lywand, the analysis was mainly based on information from the RMM system. Although it was possible to see whether updates had been installed or were missing, a complete overview of security vulnerabilities was not possible. This changed fundamentally with lywand. In addition to operating system updates, vulnerabilities in third-party software or industry software are now also visible and the security situation of the systems can be displayed much more transparently.

The first personal contact with lywand finally came about at an MSP conference in May 2025, where Frank Neumann and the team discussed the use of the platform in more detail for the first time.

Integration of lywand into the Service Portfolio

Expansion of the Basic Package

The economical integration of lywand into the existing service portfolio is interesting. EDV Neumann's basic package originally consisted of a managed client service including monitoring and patch management. This package was adjusted slightly with the introduction of lywand. The price per device rose from 13 to 15 euros.

Despite this adjustment, there have been no negative reactions from customers, according to Frank Neumann. On the contrary: "Many customers react positively to the additional security analyses, especially when they can track the results and improvements.

Technical Rollout to all Clients

For the rollout, EDV Neumann first exported the customer list from the existing RMM system and imported it into lywand. The agent software was then installed automatically via a script in RMM - in silent mode, without any intervention by the customer. The rollout itself was completed within a few hours and went smoothly.

The technicians were then able to use the API to check whether the agent had been installed correctly on all systems. As a result, all 1500 supported devices were connected within a very short time.

Tangible Added Value Through the use of lywand

Initial Results and Surprising Findings

The initial analyses provided a much clearer picture of the actual security situation. Frank Neumann had initially expected that significantly more critical problems would become apparent. The reality was different: Many basic processes were already working well. At the same time, however, there were also some surprising findings. For example, 240 vulnerabilities were discovered even in the company's own system house, including in tools such as a password manager and an internal wiki. These results were a real eye-opener for the team.

Remediation of the Most Critical Vulnerabilities

One major advantage today is the better overview of customers' security ratings. The strategy is clear: the customers with the worst ratings are approached first. The team actively addresses these customers and clarifies together which measures make sense, such as updates from manufacturers or adjustments to the configuration.

New Service Potential Through Identified Vulnerabilities

For EDV Neumann, this approach also has an economic effect. The analysis of vulnerabilities is part of the service, but the actual rectification is billed as a service. This regularly results in additional project or support hours, while at the same time improving the customer's IT security. Since the introduction of lywand in January, this has already resulted in several additional service assignments.

More Efficient Processes Through Automation

In addition to improved transparency, the internal work routine has also changed. If a customer's security rating deteriorates, a ticket is automatically created. The technicians receive all relevant information on the vulnerabilities directly and no longer have to search for knowledge base articles or patch information themselves. This makes processing much more efficient.

Another advantage of the standardized service approach can also be seen in the team: as the same tools are used for all customers, it is much easier to train employees and scale processes better.

Frank Neumann Shares These Tips With Other MSPs

Frank Neumann gives several practical tips from his experience with the introduction of lywand:

• An important point is to test new services with particularly trusting customers first. If they are convinced, the service can usually be transferred to other customers.

• He also recommends using new tools consistently for all customers - both for existing contracts and new customers. Especially in sales, a security analysis can be a very convincing argument.

• At the same time, you should not try to fix every single vulnerability immediately. In practice, it makes more sense to focus on critical vulnerabilities first and implement improvements step by step.

• Another important factor is your own team. Technicians should be involved in the evaluation of new tools at an early stage instead of simply imposing decisions from above.

Conclusion

EDV Neumann's experience shows very clearly how vulnerability management can be successfully integrated into an MSP model. The key lies not only in the technology, but above all in clear standards, automated processes and a pragmatic approach.

With lywand, the team was able to make vulnerabilities more transparent, provide customers with more targeted advice and at the same time tap into new service potential. This creates a win-win situation for managed service providers: more security for customers and new opportunities for service and consulting.