
8 Anti-Phishing Tips for MSPs

Adrien Gendre

April 21, 2022


Security is tough to prioritize for clients and managed service providers (MSPs) alike. Paying for cybersecurity can feel like a cost-sink or an insurance premium. But the reality is that cybersecurity can drive revenue for MSPs when done right. With phishing regularly claiming the highest number of victims from year to year, focusing on the provision of effective, business-oriented anti-phishing services is an excellent way to elevate your security services.

To help you deliver cybersecurity services that keep your clients secure and boost your bottom line, we gathered eight essential anti-phishing tips.

1. Make sure your anti-phishing tools are easy to configure

Cybersecurity tools often require precise configuration in order to work properly in the client's environment. Moreover, once you have configured a tool, you'll need to check once a week or every two weeks that everything is still set up correctly, and adjust it where it is not.

Misconfiguration is often the culprit behind security breaches, so regular check-ins are essential. That's why highly complex and configurable tools can be a problem for MSPs. If you have the time to configure such tools correctly, they can be great for your clients' cybersecurity. But over time, it's more than likely that you'll end up needing the hour or two you spend every other week configuring such solutions for other work.

In the long run, the simpler a solution is to deploy and configure, the less your configuration will decay over time. As a result, your clients will stay safe for longer.

2. Only rely on secure email gateways (SEGs) in specific circumstances

For years, SEGs were the default anti-phishing tool. And in fact, they’re still useful in select circumstances—specifically, for on-premise email environments.

But as organizations move away from on-prem solutions in favor of the cloud’s greater scalability, agility, and availability, SEGs have become outdated. If they’re charged with protecting Microsoft 365 environments, MSPs will want to avoid SEG-based solutions because they:

  • Rely on known malware signatures and IP and domain blacklists to identify known threats, but have little to no defense against unknown threats.
  • Require a change in mail exchange (MX) records. Because MX records are published in public DNS, this makes the SEG a highly visible anti-phishing tool that attackers can plan around.
  • Require time-consuming maintenance, such as MX record updates, quarantine management, and continual threat monitoring.

3. Justify your fee with proactive communication

Once you’ve identified a solution that works for you, it can be tempting to just review the reporting, confirm that the tool is catching phishing and spam emails, and attend to the other aspects of your service.

However, this renders your work invisible to the client. Make sure you schedule quarterly reviews to walk through the number of threats you protected your client against, the preventative measures you took, and your plans going forward. 

Moreover, if you’re seeing that your client or one of your clients’ employees is being hit with an unusually large volume of phishing attempts, alert your client to the situation. If a phishing email gets through your filters, it can reflect poorly on your services. Being the first to make contact about a high volume of phishing attempts enables you to warn your clients about ongoing threats and offer phishing training and education. Additionally, it shows that you’re defending your client against an active threat.

4. Phishing awareness training is a must

This can be difficult to deliver across your client base, but it’s a crucial element of your overall cybersecurity services. The human element is the weakest link in any defensive system. Not only does phishing awareness training help reduce click rates and improve the adoption of security best practices, but it’s also a visible, proactive aspect of your security offering. What’s more, some tools provide automated phishing awareness training, which can help busy MSPs save time when providing training across their client base.

5. Opt for an anti-phishing solution that simplifies remediation

Cybersecurity is a moving target. Attackers grow more advanced every year, and so do our defenses, but they don't always advance at the same rate. This gap ensures that no defense can be considered perfect. There will always be an opportunity for attackers to slip through the cracks and land a potentially devastating blow.

The last thing you want in this situation is to spend hours on investigation and response. Many anti-phishing solutions require MSPs to spend a significant amount of time searching for and remediating email threats. More than this, if a phishing threat was delivered to more than one client, you will need to repeat that process tenant by tenant. Opt for an anti-phishing solution that will both remediate threats automatically and also allow you to remediate across tenants.

6. Don’t let your client dictate the solution

When you identify an anti-phishing solution, don’t let your client change your mind simply because they prefer one tool or the other. Standardizing your cybersecurity stack is a key strategy for providing maximum protection for your clients and for preserving your margins.

For one, you’ll need to take time to learn the solution your client is asking for. You’ll need to see if it integrates with the rest of your stack, and spend time making that integration if it does. Then, you’ll need to set aside dedicated time to check on just that one solution and its particular quirks on a regular basis. That’s a lot of time—time you could have otherwise spent generating revenue.

Moreover, it will take time to build up expertise in that tool. While you’re still learning the ropes, it’s unlikely you’ll have an optimized implementation, potentially putting your client at risk.

7. Don’t necessarily turn down business if a client wants you to use a different solution

Nobody wants to turn down business unless they have to. Even if one of your clients comes to you with a list of cybersecurity requirements and preferred email security vendors and tools that they like to see in their environment, you can potentially persuade them to conform to your standardized stack instead.

Convey that you’ll be more cost-effective if you’re working with the stack you recommend. If you can help them transition away from an environment that doesn’t fully mesh with your stack to one that does, offer to provide guidance and support. Tell them why you’ve selected the tooling you have. 

Running a business is tough—especially if you first got into being an MSP out of a love of systems administration rather than a love of business administration. With a little bit of creativity and communication, you can find a path forward even when potential customers feel too precious about the tooling and environment they’re used to.

8. Remember that no solution is a permanent fix

Cybersecurity in general and phishing in particular are highly dynamic. Every now and again, there’s a fundamental shift in the way we do business, which results in a corresponding shift in the way that attackers target those businesses. Just look at the rise and fall of SEGs as an example.

This has two implications: First, you can’t purchase one anti-phishing tool and stop evaluating its efficacy, and second, any vendor you do purchase a tool from should emphasize and communicate ongoing development and updates on that tool.

If you’re exploring anti-phishing tools and investigating how best to deliver this service to your customers, now may be the best time to start demoing solutions to see whether they can be used in accordance with the advice provided in this article.
