Kaseya has added a new solution to its compliance management platform that’s designed to help MSPs and IT professionals implement security plans based on the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF).
Kaseya Compliance Manager for NIST CSF, as the system is officially known, allows users to compare current practices to CSF guidelines; generate white-label risk analysis reports identifying gaps in compliance; prepare “treatment plans” for closing those gaps complete with a scoring matrix that can be used to prioritize risks; and generate compliance summaries for use as documentation during audits.
After its initial survey of an environment, Kaseya Compliance Manager automatically rescans every month and then produces change summary reports and new treatment plans based on its findings.
“There is an incredible opportunity for MSPs to guide their customers through the growing data privacy and security regulatory space, and provide a much needed service that will also help grow their business,” said Mike Puglia, Kaseya’s chief strategy officer, in prepared remarks. “We see compliance as the next big managed service, and Kaseya Compliance Manager is built so that every MSP can capitalize on this market opportunity without the need for specialized expertise.”
One of the most widely respected standards for building and maintaining complete security strategies, NIST CSF defines comprehensive best practices for preventing, detecting, and responding to cyber-attacks. Numerous data privacy regulations, including the recently enacted California Consumer Privacy Act (CCPA) and the New York SHIELD Act, plus the Consumer Online Privacy Rights Act, a bill introduced in the U.S. House of Representatives last December, are based on NIST CSF standards.
“With Compliance Manager for NIST CSF, MSPs can now leverage a proven cybersecurity framework on behalf of their customers to safeguard them against mounting cybersecurity threats as well as put them on the road to success for adhering to new state data security regulations such as CCPA and NY SHIELD,” said Puglia in his media statement. “This product release is the latest of many new offerings in the Kaseya IT Complete platform that are purpose-built to give MSPs and IT teams the most comprehensive suite of IT infrastructure management solutions available on the market today.”
Fully 83% of MSPs support customers with compliance requirements, yet half assist end users with those mandates on an ad-hoc basis, according to Kaseya’s 2019 MSP Benchmark Survey. Less than 10% of MSPs offer compliance services presently, the same study shows, due to lack of required expertise. Kaseya Compliance Manager is designed to help channel pros without compliance-specific training turn data privacy into an incremental source of recurring revenue.
“Kaseya Compliance Manager and its many capabilities empower MSPs to ensure their small and medium-sized business customers are fully compliant with the growing list of regulatory standards worldwide, from start to finish,” said Max Pruger, general manager of compliance at Kaseya, in a press statement. “With Compliance Manager for NIST CSF, Kaseya is proud to have made it possible for MSPs and their customers to prepare for almost any future data privacy regulation and audit, while also enhancing the security of their IT environments accordingly.”
Kaseya Compliance Manager is based on technology from Kaseya’s RapidFire Tools unit, which the company acquired in September 2018. Originally called Audit Guru, the system also offers modules for meeting requirements associated with GDPR, HIPAA, and cyberinsurance policies.