How does your MSP manage security?

Published:
Updated:
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
 
Critical alerting allows MSPs to separate noise from attack
At ConnectWise 2016, CEO Arnie Bellini said if you’re selling managed services without managed security, you’re selling a hot dog without a bun. And indeed, this is true. But it is equally true that most MSPs worth their salt are already offering cybersecurity to their customers. One of our MSP clients told me, that he felt:

[I]f you’re not providing security offerings to your customers then you’re not doing your job.

But cybersecurity as a service is wide encompassing and can mean simply offering a firewall to a client’s set-up or it can mean offering full-on cybersecurity monitoring and remediation. So where are MSPs falling in this spectrum? What types of security should an MSP offer in order to do their job properly? What can MSPs do to stay on top of their client’s security? Read on to learn more

MSP managed security is already here
Today, most MSPS now have security baked into their offerings such as:
  • firewall protection
  • antivirus software
  • antimalware protection
  • dns which is real-time link analysis to ensure users are not going to bad place
  • content filtering
Indeed, these offerings and their lookalikes cover over 50% of the cybersecurity universe.  Moreover, by simply adding tools like encryption, 2 factor authentication and password management tools, most clients can decrease their chances of being attacked by 70%.
 
Vulnerability won’t change. MSP customers are still at risk
What cannot be changed are the sources of vulnerability. What makes customers vulnerable is not a lack of security offerings. Instead, companies and clients remain vulnerable because of human beings. Human factors are the source of 90% of attacks. Unfortunately, no amount of cybersecurity preparation can change human behavior.
Humans are susceptible to being tricked into clicking on a malicious link or opening an infected email that looks like it’s from a friend. The future of cybersecurity might be able to find ways to expedite the remediation but not prevent the attack itself.

Critical alerting is half the battle
On a practical level, it’s impossible to stay on top of the numerous alerts which any cybersecurity monitoring tool creates. Instead, MSPs need an alerting tool that lets them know when a serious intrusion has taken place.

According to George Bardissi, CEO of the eponymous Bardissi Enterprises:

To do cybersecurity as a service, you need software to monitor and look for breaches, malicious traffic, etc. Those things create alerts. Those alerts have to go somewhere. …. There’s a lot of noise [in the monitoring] and you need alerts for high severity intrusions. That is half the battle.

Furthermore, high severity intrusions are very time sensitive. If a hacker is in the middle of infiltrating a client’s IT infrastructure, their MSP wants to be alerted immediately so they can get ahead of and avert the attacker. Fortunately, there are tools like OnPage to provide MSPs with this level of critical alerting.

Conclusion
MSPs are continuously adding to and improving their cybersecurity offerings. OnPage’s critical alerting tool provides MSPs with the necessary alerting to ensure they stay on top of intrusions. OnPage also serves as a tool that can elevate the MSPs’ offerings above the competition.
 
To learn 7 more MSP best practices, download our whitepaper.
0
613 Views

Comments (0)

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.