Getting the right tools for an MSP security stack is critical if you want to ensure your clients are well protected and your venture into managed security services is profitable. You need the right solutions in place, they must be scalable, and you will need staff well-versed in their use. Adding any new service or solution comes at a cost and requires a commitment of time to get the staff up to speed. The general rule is to keep your stack as lean as possible and have just enough solutions in an MSP software stack to get the job done. The more variety and complexity there is, the harder your services will be to manage.
While it would be convenient to offer the same MSP security stack to all clients, that is unlikely to be possible. Every client will have different security requirements and face different risks, so there is no perfect MSP security stack that will be right for all clients. What you should strive for is to get solutions in place that are the best possible fit for the clients you serve. Depending on the nature of the businesses you support, it may be necessary to have different packages of solutions to meet their needs. Clients of a particular type can be offered the same tech stack that you have deployed for similar clients. Deploying the same MSP security stack for clients of a particular type will make for efficient deployments and easier maintenance.
Your clients will have different budgets and different levels of risk tolerance. One popular approach is to provide managed security services with different service levels and varying degrees of protection. You can develop a package that offers the best of the best in security, a mid-range package, and a basic cybersecurity package that just provides the essentials.
The cybersecurity essentials package should consist of several security tools that protect against common threats such as malware, ransomware, and phishing, and address the most common attack vectors. A basic MSP security stack could include security tools in the following categories:
One useful approach is to follow a recognized cybersecurity framework, such as the NIST Cybersecurity Framework. You should provide solutions and services to address the five core functions: Identify, Protect, Detect, Respond, and Recover. Many MSPs focus on the protect function but would benefit from providing all clients with a security assessment to identify risks and determine exactly what needs to be protected. More comprehensive packages can be developed to provide greater protection, incorporating additional solutions and services. You may wish to add data loss prevention tools, email archiving, and vulnerability scanning, monitoring of clients’ environments, and developing a security incident and response plan.
When it comes to selecting the best tools for the job, the choice may seem overwhelming. Dozens of cybersecurity companies offer cybersecurity solutions, and there are hundreds of products to choose from. MSPs that are just starting to provide managed security services will do well to sign up with vendors that offer multiple solutions, and then use as many solutions from a single vendor as possible. One often experienced problem with tools selected from a wide range of vendors is compatibility. The tools were never designed to work with each other and often do not integrate well into an MSP security stack. Working with incompatible tools will add to the management burden, could result in alerts being missed, and ultimately will reduce the profitability of your services.
Some vendors’ solutions have been developed for SMB or enterprise use and are far from ideal for use by MSPs. Taking time to research the various solutions can save you many headaches down the line. Be sure to check business software review sites, forums, and MSP resources to find out from other MSPs what has proven to be successful and which products to avoid.