Have you ever wondered how apartment complexes can offer internet services as an extra cost to your rent bill? If you are someone like me, you may be wondering if the same thing is possible in, for example, an office building that you own that includes various businesses. After spending several hours researching this, the laws and regulations are difficult to both understand and be able to adhere to. I first would recommend simply following the steps involved with your current ISP’s reseller program to discuss this with them directly, as I am sure they are aware of how to proceed with the project. Different states and countries require different forms and laws to adhere to, leading to even more confusion.
Regarding all the privacy concerns, laws, and regulations, these would be somewhat similar to the same steps one takes to secure their own IT operations. Other than that, it looks like Form 477: https://us-fcc.app.box.com/v/Form477Instructions is one of the primary documents one must submit twice a year or so; this document is utilized by the FCC to determine which providers are servicing various areas. Per several resources, one cannot offer their ISP’s services at a lower rate than they do, but I am sure some programs and discounts can make this more appealing to customers. Furthermore, there are several federal, state, and local grants and programs to benefit ISPs, including the Community Connect Program.
In simple terms, becoming your own ISP is somewhat of a false statement; in reality, one would be merely passing on their ISP’s services to their tenants. As everything in the tech world revolves around contracts and TOSs (Terms of Service), reselling internet connections can be a challenging thing to do, however, can open additional revenue streams. There are several areas in the project that would need to be planned for and agreed upon by both your current ISP, your organization, and any tenants that fall under your area of coverage. For example, how many lines would each tenant require? What would be the agreed-upon rate-limited speed? Who is responsible for each network’s operation and performance? Without answering these questions, one opens themselves up to a wide array of possible complications down the road.
The biggest challenge of this project is the administrative/support side. Since one would be the tenant’s ISP, customers are going to go to them most likely when issues occur. Also, abuse notices and things of that nature will come to the organization reselling data services, and they can’t just be ignored. If cybercrime exists on the network, the ISP could be at fault and would have to report it. Cyberattack? Same thing. While I am sure most of the responsibility lies on the actual ISP and not the organization reselling it, one would need to ensure that this is the case and find out when this doesn’t apply.
Now, say one successfully manages to resell their ISP’s internet services to tenants, what else could one do to increase profits? Even if an organization chooses not to include IT support/security with this project, we all know if a tenant’s computer has an issue, they will most likely contact the ISP even if it has nothing to do with the Internet; due to this, one should include it in their billing, so they don’t do it for free and without any form of insurance/SLA coverage. At this point, an organization would be tiptoeing towards becoming an MSP (Managed Services Provider), where an external organization handles various technological aspects of an organization for them. Additionally, thanks to the current state of phone technology, offering VOIP phone services would be another excellent revenue stream, along with cybersecurity, backups, physical security (cameras, locks, etc.), and general managerial and financial services.
If the organization that is reselling their ISP’s services does decide to offer at least minimal service requests, this opens both increased profits and headaches. First, one would have to create contracts that state what is and isn’t covered, state the minimal uptime of the network, SLAs used to guarantee ticket completion times, and most likely, hire additional IT technicians to build, manage, and support each tenant’s network. High minimum prices for technicians to make the trip to their office would be ideal to thwart a high number of low-priority tickets.
Since many organizations implement some form of ticketing system, one could utilize their current technology in creating certain SLAs for their customers. Furthermore, one can create online help centers for end-users existing outside of their organization; this would help alleviate the number of tickets one would have to deal with.
As for the legal concerns of becoming an ISP/MSP, several areas need attention, and they vary (in the U.S.) from state to state. For starters, addressing the type of data involved with each tenant is an excellent starting task. For example, for those dealing with patient information (medical clinics), one would need to be in alignment with security standards such as ISO/IEC 27002, Health Insurance Portability & Accountability Act of 1996 (42 USC §1320-d), Gramm-Leach-Bliley Act (15 USC §6801-6809), COPAA (15 USC §6501-6506), and FTC Section 5 (15 USC §45).
Internet privacy laws are nothing to scoff at, and due to the always-increasing number of cyberthreats out there, as well as the somewhat cloudy realm of what data is allowed to be recorded and stored, one should take a deep dive into the dos and don’ts of internet privacy. I talk more about internet privacy laws in previous posts, so I won’t get too in-depth with them. For starters, here are a few to think about:
- FTC Act of 1914
- ECPA (Electronic Communications Privacy Act) of 1986
- Computer Fraud and Abuse Act of 1986
- Children’s Online Privacy Protection Act of 1998
- CAN-SPAM Act of 2003
- Fair and Accurate Credit Transactions Act of 2003
- Financial Services Modernization Act of 1999
- Digital Millennium Copyright Act
For the hardware side of things, one can provide internet services to various tenants relatively simple. Let’s say you currently have two dedicated fiber runs to your building from your ISP, which connects to your server room. By merely adding additional server racks with switches throughout the building that connect to your main server room, one would need to run data cables to each tenant, then connect, for example, a switch and a WAP (wireless access point) located in each tenant’s office. As this project can quickly expand, the scalability of both the hardware and software needs to be considered. Also, due to the possibility of an immense amount of service requests, ideally, one would want to stick with the same brand of hardware and software that can be managed in the Cloud. Proper attention needs to be paid towards, for example, limiting the broadcast range of WAPs to ensure each tenant’s wireless network is limited to their equipment only. Furthermore, using VPNs or other relevant systems, the data for each tenant should be separated from the main ISP’s data.
Overall, becoming your own ISP looks great on paper, but once the sheer realization of all the paperwork and legal issues that can arrive occurs, the increase in revenue might be better gained in merely providing basic IT services, at least at first. Creating an IT department from scratch, something I talk about quite often on this site, is an excellent first step to becoming an ISP as you will have the framework to both manage and secure each tenant’s internet connection. As with everything in the tech world, research is vital to success. Take the time to carefully draft up a business plan, form your business concept, perform both a market and financial analysis, consult with your insurance companies, talk to lawyers, and above all, don’t rush into this project without calculating the possible risks and worst-case scenarios.
I hope this helps!