My career path has shifted in recent months, from running my own managed services company to jumping into the security space as a managed security services provider (MSSP). During this time, I’ve come to learn which tools are needed for the job and how to best utilize them to define a cyber security offering.
The tools and resources an IT security provider leverages should be tied to both securing your business and protecting your clients, which means selecting the right ones is extremely important. For any foundational security offering, I’ve found that the following five tools and components are most essential to thriving, and surviving, in this market.
1. Endpoint Protection
Today, cyber criminals are capable of attacking from all angles. What’s more, devices such as laptops, smartphones and tablets that are connected to a business’ network provide easy entry points for all types of threats. This has led to an emerging trend where traditional antivirus or antimalware is being coupled with other products or tools to provide “next-generation” endpoint protection.
As an MSP or MSSP, this allows you to better track malicious activity on the network- and endpoint-level, as well as block access attempts and other risky activity at these points of entry.
2. Basic Access Controls
Access control is a more complicated component to frame as a specific tool for security, but because of its universal applicability to security, it’s one of the most important concepts to understand. For access control to be most effective, it must provide identification, authentication and authorization capabilities. You need to be able to regulate who can view or have access to the network. Also, you should be able to pinpoint if the identity in use is authentic in order to authorize that access.
There are many tools out there that can help you manage access controls. If you need help or would like some direction, don’t hesitate to reach out to me.
3. Software and Patch Management
I originally thought of this as a core component to RMM, but I think RMM tools have become very sophisticated these days and I want to emphasize that you will be addressing software and/or patching updates whether it be with RMM or another product like IT security. Essentially, patch management allows you to update software to address vulnerabilities and better protect your clients.
It’s also important to note that you need to have a plan that the client understands as it relates to patch policy and procedure. There may be regulatory requirements and/or applications running that an update could have a direct impact on, so it’s helpful to outline this from the beginning.
Since I’ve brought up policies and procedures, I’ll add in documentation to help address this. In my opinion, this is the one category that often gets overlooked, but training videos, how to’s, configurations and asset management are all part of this. You need to be able to document everything you’re providing your clients in order to demonstrate your value or justify costs for your security offering.
5. Data Backup
When all else fails, you need to rely on most current backups to keep a business running. This goes further than just a tool or a product; it’s a process. With backup, there are a lot of different ways to go about it or things to think about, but the bottom line is that you need to offer a failsafe.
How long can a client be down before it starts negatively effecting the business, or how much data can they afford to lose altogether? You’ll want to consider having both a file-based backup and an image-based backup solution, and make this part of the process with your clients to determine Restore Point Objectives (RPOs) as well as Restore Time Objectives (RTOs).
Questions to Ask When Evaluating Tools
To consider all angles and ensure you’re picking the right tools for your offering, here are some important questions you should be asking yourselves:
- Where is the data? If you are using a vendor who provides you with access to a web portal, you need to know where they are going to store your data.
- What other tools are in the ecosystem? If a tool doesn’t integrate with your RMM or PSA, for example, does the tool still have the same value as before, or is it just another shiny object you want but don’t truly need?
- What are the support costs? Make sure you look at all the costs and resources (staff) required to support the tool, whether it’s controlled in your environment or managed by a vendor.
All in all, tools shouldn’t define your company, but they should definitely be a part of supporting the efficiency and productivity within your company. It’s OK to be picky and judicious when evaluating, but don’t spend too much time trying to find the best tool. The reality is, you’ll always be searching and adapting to the ever-changing threat landscape.
Handpicked for you:
By Lily Teplow
By Brian Downey
By Dave LeClair