I believe we are at the point where security must be addressed by managed service providers (MSPs), regardless of their service or market vertical expertise. The threats MSPs and their customers face is an undeniable reality. How MSPs address these threats, however, can vary depending on a number of factors. Here are a few examples.
Security Awareness
MSPs, especially smaller firms, used to be comfortable with handling a lot of different IT management tasks, including security. Firewall management, for example, has been a very common managed service for MSPs, even those not considering themselves “security experts.”
Today, MSPs need to have awareness and knowledge of security threats, regardless of whether they deliver any managed security offerings. The persistent and varied threats facing both “external” customers and “internal” MSP organizational risks are increasing each day. MSPs must maintain a general state of awareness and threshold knowledge about security in order to deliver even basic managed services.
Internal Expertise
The value proposition, back in the day, used to be that MSPs had a deep bench of talent to service customers who did not have such access to technical staff and tools. The same is true today. However, the skill sets and requirements for technical talent have evolved.
Today, we have a much wider array of technology and threats. MSPs have a lot more tools they can use and the risks facing MSPs and their customers has certainly increased. For this reason alone, MSPs who previously never offered security managed services must develop at least a basic knowledge and awareness of security in order to be relevant in today’s managed services world.
Partner or Referral
If you make the strategic decision not to offer security services (and there are some MSPs who arrive at this conclusion), you need to at least have a business partnership or referral strategy. Using a partner or referring the business out can make a lot of sense. It keeps your MSP practice focused on what you’re good at, but at the same time allows you to meet the security needs of your customers.
We live in a risky online world. Cyber threats are everywhere and they are only increasing in frequency and severity. MSPs must meet those cyber challenges. Either they will develop those skills internally or they must partner with companies who can assist them.
The security challenges are coming; whether you’re ready for them or not.