SEPTEMBER’S EQUIFAX BREACH is just the latest data security debacle to set records in size and scope. As we’ve heard so many times before, the company’s vulnerability lay not in breakthrough criminal technology, but in its failure to practice diligent patching and enforce established security measures.
That spells opportunity for channel pros willing to step up to address their clients’ security challenges and to assume patching and policing responsibilities. To those already in the service provider space, the move from MSP to MSSP may be well worth the additional certification requirements, new hires, and partnerships.
A managed security service provider, at a minimum, captures log data, understands how to read it, and sends it off to advanced specialist partners who complete more sophisticated forensics while taking responsibility for routine backups, anti-virus, patching, and user access and firewall management, as many MSPs already do. It also addresses the weakest security link in a typical organization by conducting end-user training.
Here’s a look at how two companies, using different springboards, are making the leap from MSP to MSSP.
Computer Solutions East: Differentiating Through Security
Luke Celente, managing partner of Computer Solutions East (CSE) Inc. in New Rochelle, N.Y., was feeling the pinch of managed services price wars. So, he decided to pull away from the pack racing to the bottom by becoming an MSSP.
The first step in that venture? Rebranding the firm’s services. “A lot of what we’ve been doing all along has been security-focused. It’s just not labeled that way,” says Celente, echoing a sentiment expressed by many MSPs. Starting in January, he intends to bundle backup, anti-virus, patch management, and other existing services; attach a name; and sell them as an MSSP offering.
He recognizes that current providers deliver other pieces of the security puzzle, so the next step will involve assessing the gaps. “As a big Microsoft partner, we’ll look at their enterprise security, Active Directory, mobility, and conditional access offerings.” Then he will decide what certifications and training his engineers need, and where they must partner with other providers.
The first gap to address will be filling the weakest link in clients’ security chain: employee education. “Part of meeting compliance requirements is conducting quarterly end-user training,” Celente notes. He would like to expand his team to provide that support, hopefully within the year, but will partner with others to offer that training at first.
Another gap Celente wants to pursue is log tracking and general IT forensics to supply the data for audits following a breach or breach attempt. After all, no channel pro can prevent every attack. “As an MSSP, we need to be able to capture the data, understand how to read the trail, and send it to an advanced security company that focuses on it full time,” Celente says.
He also intends to deploy mobile device management, starting with the introduction of Microsoft’s Intune product to his Office 365 customers who have implemented BYOD. “I use Microsoft as a great positioner to get that conversation started and shrink that attack surface,” Celente says, who emphasizes that providers need not do it all themselves. Penetration testing, intrusion prevention, and web proxy monitoring are three functions they can farm out to other experts.
“It’s a matter of creating your own framework and filling in the pieces internally or with partnerships, especially in the early stages. But you can make money along the way,” says Celente. “I find you become more profitable the more you partner.”