Followers of this site have likely heard about the "master MSP" business model. Once a dominant conversation in the channel, now something that has largely become extinct. Or has it?
Master MSPs, the Early Years
I won't recount the exact reasons master MSPs came about, but the primary reason was to enable VARs and less mature MSPs to speed up more quickly and leverage a NOC and help desk if they had no intention of building them.
For a variety of reasons, the Master MSP business model began to phase out. One reason was MSPs' ability to develop "virtual" NOCs, obviating the need to build more traditional telco-style operations facilities more typically seen during the late 1990s and early 2000s.
I make this point: the Master MSP model served a legitimate purpose for a time, and then that time passed. Today, we are witnessing a similar "master MSP" model gain momentum, this time in the form of the outsourced Security Operation Center (SOC).
Master MSSP?
All MSPs are involved in security at a fundamental level; This has been true almost from the beginning of our profession. The latest marketing trends to convince MSPs to become MSSPs are mostly a marketing message designed to sell software to MSPs.
Even if you agree with me that MSPs have been helping their clients with security since the beginning, there are undoubtedly some areas where MSPs need to update their service offerings. Developing a SOC is one of those areas. I'll explain.
What's in a SOC?
A security operation center differs in a few key areas from a network operation center (sometimes called a help desk by some MSPs). To make matters slightly more confusing, a NOC can also contain the same SOC functions, depending on its setup.
A NOC is composed of both people and software systems centrally monitoring and managing client systems and networks. The NOC can be a physical place (the traditional method), or it can be virtual (management/monitoring systems are hosted in the cloud, and the people are remote). The point is, if you are a real MSP, you have a NOC.

