So you’re an MSP and you have a solid set of loyal SME customers that you have been providing excellent services to for years now. But at the back of your mind you sense a threat on the horizon, more and more of your customers are asking about the security of their environment, they are concerned about breaches and compromises they read about in the media – you sense a shift in attitude and appetite for risk.
Basically your customers are demanding more than just traditional anti-virus and a secure email gateway. They really need a comprehensive cyber solution across the entire IT infrastructure. But where to begin? Cyber security analysts are expensive and scarce, you simply don’t have tools to deliver cyber services and well, even defining what the services might look like is a challenge.
Let’s start with some fundamental statistics … according to a recent survey conducted by ConnectWise, 82% of SMEs consider security to be in the top 5 business priorities. On the other side of the coin, MSP that have developed cyber services have seen a 32% increase in revenue.
So where to begin?
Let’s consider where you are today, you probably have excellent people, processes and tools for patch management, help desk, remote monitoring and backups. How then to build the necessary cyber skills and capabilities to deliver security services?
One of the first challenges is to identify the areas of capability required to get the ball rolling. The cyber security landscape is broad and complex, there is no shortage of vendors and products offering to ‘solve’ your cyber needs. Before plunging into the mire of product offerings , let’s cut through the vendor hype and consider the immediate needs of the customer.
Put simply, the immediate fundamental priorities are to secure the customer infrastructure from immediate threats and gain an understanding of network traffic to identify potential threats and policy violations. Oh and this needs to be achieved in a cost effective way that integrates into our existing tools and processes. Easy right?
Multi-tenancy is key here. Many cyber security tools are enterprise focused and not capable of servicing multiple discrete customers. MSP’s need multi-tenanted solutions that can be deployed across their entire customer base and integrate into existing tools. Multi-tenanted tools reduce costs, are easy to support and upgrade, can scale as new customers are on-boarded and typically are extensible allowing integration with your existing environment.
So returning to the base requirements, the minimal viable service needed to meet the needs of your SME customers. As a start, the fundamentals of an effective cyber security service should include network visibility and vulnerability management to protect against continuing threats.
Network visibility should encompass traditional network monitoring to characterise traffic patterns as well as network intrusion detection to identify threats and machine learning for anomaly detection. In this context we are really talking about a network detection and response (NDR) solution.
Vulnerability management is the other key component. Regular scanning of desktop and server devices to identify existing vulnerabilities and the required patches to provide continuous protection against existing and emerging threats.
Whilst there is no shortage of tools and technologies in the cyber security realm, this two pronged approach provides the most cost effective solution to meet the needs of SME’s, the best bang for your buck’ as it were. Of course, by way of conclusion, it would be remiss of me not to mention Byte25. We have a wealth of experience in helping MSP’s make the transition to develop cyber security services, helping MSP’s to drive new revenue streams, upskill their employees and more importantly meet the needs of their existing customers.
Talk to Byte25 to see how we can help you today.