MSP Cybersecurity

Transitioning to Managed Security Services: Choosing Your Security Stack

Adrien Gendre

June 03, 2021

16 min

COVID-19 put a spotlight on the importance of MSPs. The push for cloud adoption during the pandemic also highlighted the need for MSSPs, with an IDC study showing that six in 10 companies agreed that cloud growth led to managed security investments. SMBs, who are less likely to have a cybersecurity professional in-house, have the greatest need for MSPs and MSSPs.

Because of this greater demand for security, as an MSP you may be considering transitioning to managed security services or becoming an MSSP. This requires building a security stack designed for scalability to meet the increasing cybersecurity challenges facing businesses of all sizes.

Core solutions for the security stack

There’s no one-size-fits-all security stack. MSPs need a stack that meets the needs of their client base. You have to know what type of threats you are defending against and what type of assets you’re protecting.

However, there are basic areas where threats are most commonly found and that all companies need to protect: physical security of your entire system, the network’s perimeter, and data. Security systems should focus on protecting these areas and also handle incident response, prevent data leakage and loss, defend from intrusion, and offer forensics and discovery. While MSSPs need more robust stacks than MSPs, there are core solutions that are required in any security stack:

  • Email security: Email is the most common attack vector, but email security is often left up to the email client, which is usually weak. Too many users continue to struggle with recognizing a phishing email or malicious links and attachments. Offering email security provides defense against any company’s biggest attack surface.
  • Firewalls: Yes, the perimeter is moving, and there’s a greater emphasis on protecting the edge. Firewalls are still the most vital layer of defense for the network’s perimeter.
  • Endpoint security: Each device needs its own layer of security.
  • Backup/Data Loss Prevention (DLP): The increasing boldness of ransomware attacks shows the importance of having a vibrant backup and DLP system should data be locked or otherwise compromised by a threat actor.
  • DNS filtering: Corporate websites are another favored attack vector. DNS filtering protects from web-based attacks but also offers a second layer of defense for email security and phishing.

Webinar Replay: The Channel Opportunity for Microsoft 365: An MSPs Guide to Creating Managed Microsoft Services

Of course, there are other solutions that could be included, depending on customer need, such as vulnerability scanning tools, endpoint detection and response (EDR), SIEM, identity and access management, or helpdesks. But the above core solutions are the primary layers for any security stack because they cover the basics across every organization.

Important characteristics in security solutions

No matter how effective the core solutions and the different security layers are against potential threats, they have to be user friendly, or they are worthless to the MSP and the client.

  • Transparency: Security solutions should be seamless and transparent to users, and the routine involved to follow the security protocols simple. If the workflow is disrupted or the security system is too complicated, users will look for ways to bypass it, rendering it useless.
  • Simplicity: Busy MSPs need solutions that are easy to deploy, configure, and maintain.
  • Automation: Routine tasks and incident response should be automated to the fullest. Search for solutions that automate those tasks that are most time-consuming and counterproductive.
  • Analytics: Security analytics should be MSP friendly, with actionable, high-level reports about clients’ network activity.

Evaluating and choosing vendors

While the solutions are the main attraction, MSPs must choose their vendors with care. Even though a particular solution could have everything the MSP is looking for, the vendor might be a bad fit. Evaluating the vendor is as important as evaluating the solution. The goal should be for the vendor to be a long-term, trusted partner. So, when evaluating potential vendors, keep in mind the following:

  • Reputation: Talk to other MSPs, business associates, industry leaders—anyone whose opinion you trust implicitly. Ask for their opinion and advice.
  • Solutions offered: Do the solutions meet your requirements for your security stack? Will they enhance or impede other solutions in your stack?
  • Integrated features: Do the solutions include integrated features that can enhance your managed security offering? Do you need to purchase additional tools or add-ons?
  • Partner benefits: Does the vendor have a partner program? What are the perks? How can it help you scale your business?
  • Compliance: Does the vendor offer the credentials that will allow the MSP and customers to meet industry and government compliance and regulations? Can they cover data privacy laws like GDPR?
  • Cost: Does the vendor provide the solutions you need in the right price range? What is covered under the fees? Are there any hidden expenses?

Customers want security, and they want to get it in the same way they get many of their other networking solutions today: in the cloud and from their MSP. Having the ability to build the right type of security stack that will scale to customer needs will allow MSPs to make the transition to MSSPs.

To learn how to capitalize on the cybersecurity opportunity for MSPs with Microsoft 365, download the eBook, “The Channel Opportunity with Microsoft 365: An MSP’s Guide to Managed Microsoft 365 Security.”