May 07, 2020
How MSPs Can Handle Their Own Security Gaps
As more small to medium businesses turn to managed service providers (MSPs) to oversee and manage all of their IT needs, there will be an increased emphasis on hiring MSPs that focus on cybersecurity.
In a recent study titled “Underserved and Unprepared: The State of SMB Cyber Security in 2019,” out of 850 small businesses surveyed, nine out of 10 would hire a new MSP if it had “the right cybersecurity solutions.”
With the managed IT services market expected to be worth roughly $258 billion by 2022, MSPs will need to adapt to meet SMBs’ increasing security concerns and goals.
Datto’s recently released State of the MSP Report also notes that “security concerns remain a top priority for MSPs and their clients.” The report points to the near doubling of ransomware and cybersecurity incidents: from 14 percent in 2017 to 30 percent in 2019.
In this article, we take a look at how MSPs can address gaps in their security and offer their SMB clients increased peace of mind when it comes to cybersecurity.
MSPs & Cybersecurity
Among the benefits of hiring managed IT services, one of the more commonly cited reasons is network security. In addition to helping SMBs stay on top of critical network and technological updates, MSPs can also work proactively with their clients to prevent cyberattacks and network failure due to ransomware. Contract IT providers can monitor applications, hardware, and various employee endpoints.
Datto’s recently released State of the Channel Ransomware Report noted several key statistics:
- In 2019, 85 percent of MSPs report ransomware as the most common malware threat to small to medium-sized businesses (SMBs).
- One in five SMBs report that they have fallen victim to a ransomware attack. (On average, SMBs who don’t outsource their IT services report facing more ransomware attacks.)
- When it comes to ransomware attacks, MSPs say the cost of downtime is 23 times greater than the ransom amount requested. According to research, the average ransom demand is $5,900 compared to the average cost of downtime coming in at a staggering $141,000.
How Can MSPs Address Security Gaps
The emergence of Managed Security Service Providers (MSSPs) has been giving MSPs a run for their money. However, MSSPs are not a threat as long as MSPs add managed security services to their client offerings.
MSSPs are known for providing managed firewalls, intrusion detection, virtual private network, vulnerability scanning, and antiviral services. They typically offer 24/7 monitored services to clients.
To bridge the security gap, MSPs can and should:
- Partner with an MSSP: This most economical way to increase cybersecurity offerings without having to invest heavily in tools and staff is to partner with an MSSP to expand their offerings.
- Adopt an Improved Alert System: Prevent workflow congestion and delays in responding to critical incidents by investing in and adopting alerting engines and tools.
- Offer VPN: As more businesses are hiring remote workers, there is a need for increased security as employees are connecting to the network from unsecured sites. Setting up a VPN would provide clients a secure and encrypted connection for all of its traffic.
- Offer Endpoint Protection: With more employees using various devices to access secure networks, the need for endpoint protection is critical. Not only should MSPs consider ways to separate endpoint devices from the main network, but they should also implement an antivirus endpoint protection solution.
- Consider the Big Picture: Over time, it's easy to create a tech stack of cybersecurity tools that not only overlap but also create gaps in coverage. Review your strategy in addition to the tools you use, and look at how you can consolidate and adopt a more holistic approach.
As the prevalence of cyberattacks on SMBs increases, MSPs need to consider how to remain viable in an environment that will put more and more emphasis on cybersecurity needs.