Key Elements of the MSP Security Stack

Getting the right tools for an MSP security stack is critical if you want to ensure your clients are well protected and your venture into managed security services is profitable. You need the right solutions in place, they must be scalable, and you will need staff well-versed in their use. Adding any new service or solution comes at a cost and requires a commitment of time to get the staff up to speed. The general rule is to keep your stack as lean as possible and have just enough solutions in an MSP software stack to get the job done. The more variety and complexity there is, the harder your services will be to manage.

While it would be convenient to offer the same MSP security stack to all clients, that is unlikely to be possible. Every client will have different security requirements and face different risks, so there is no perfect MSP security stack that will be right for all clients. What you should strive for is to get solutions in place that are the best possible fit for the clients you serve. Depending on the nature of the businesses you support, it may be necessary to have different packages of solutions to meet their needs. Clients of a particular type can be offered the same tech stack that you have deployed for similar clients. Deploying the same MSP security stack for clients of a particular type will make for efficient deployments and easier maintenance.

Your clients will have different budgets and different levels of risk tolerance. One popular approach is to provide managed security services with different service levels and varying degrees of protection. You can develop a package that offers the best of the best in security, a mid-range package, and a basic cybersecurity package that just provides the essentials.

Essential Components of the MSP Security Stack

The cybersecurity essentials package should consist of several security tools that protect against common threats such as malware, ransomware, and phishing, and address the most common attack vectors. A basic MSP security stack could include security tools in the following categories:

  • Network Security – Firewalls to block malicious network traffic and secure the network perimeter.
  • Identity Protection and Access Management – Single sign-on, multifactor authentication, and password management tools to protect against attacks on accounts, while improving the user experience.
  • Email Security – Spam filters/secure email gateways with advanced threat detection capabilities, including phishing detection, malicious link scanning, strong antivirus, and sandboxing for detecting zero-day malware.
  • Web Security – A DNS filter that protects against attacks on DNS services, blocks access to malicious websites, and allows control over the content that users can access. The solution should include a client for installation on endpoints for extending protection to remote workers.
  • Antivirus Software – Antivirus software is a must for general endpoint protection against malware and ransomware.
  • Endpoint Protection Software – In addition to antivirus software, consider adding endpoint protection. This will scan the network in addition to endpoints and can identify anomalous behavior indicative of a compromised network or endpoint.
  • Backup Tools – The key to a swift and full recovery is to have a robust backup strategy. Deploy tools and practice the 3-2-1 approach for data backups.
  • Security Awareness Training – Consider providing security awareness training in your standard package to address human weaknesses, including conducting phishing simulations. Vendors’ training solutions are generally low-maintenance solutions where the provision of training is largely automated. Security awareness training will augment your technical defenses and greatly improve resilience to phishing attempts.

One useful approach is to follow a recognized cybersecurity framework, such as the NIST Cybersecurity Framework. You should provide solutions and services to address the five core functions: Identify, Protect, Detect, Respond, and Recover. Many MSPs focus on the Protect function but would benefit from providing all clients with a security assessment to identify risks and determine exactly what needs to be protected. More comprehensive packages can be developed to provide greater protection, incorporating additional solutions and services. You may wish to add data loss prevention tools, email archiving, vulnerability scanning, and monitoring of clients’ environments, and to develop a security incident and response plan.

Selecting Tools for an MSP Security Stack

When it comes to selecting the best tools for the job, the choice may seem overwhelming. Dozens of cybersecurity companies offer cybersecurity solutions, and there are hundreds of products to choose from. MSPs that are just starting to provide managed security services will do well to sign up with vendors that offer multiple solutions, and then use as many solutions from a single vendor as possible. A frequently encountered problem with tools selected from a wide range of vendors is compatibility. The tools were never designed to work with each other and often do not integrate well into an MSP security stack. Working with incompatible tools will add to the management burden, could result in alerts being missed, and ultimately will reduce the profitability of your services.

Some vendors’ solutions have been developed for SMB or enterprise use and are far from ideal for use by MSPs. Taking time to research the various solutions can save you many headaches down the line. Be sure to check business software review sites, forums, and MSP resources to find out from other MSPs what has proven to be successful and which products to avoid.