Increase Your MRR with Managed Security Services

If your company has made the transition from project-based IT sales and/or break-fix IT services to selling managed services, it’s a good sign that your customers understand the advantage and value of being proactive rather than reactive with their networks and IT systems. But, does your current offering really provide them with everything they need?

Many MSPs start their customers with a basic package that includes remote monitoring and management (RMM), antivirus, patch management, and backup and disaster recovery (BDR) services. This is a good foundation to improve the overall health of your clients’ networks and systems, but in light of today’s security threats and industry compliance requirements, there are several additional services your customers could use.

One area MSPs should consider expanding into is security. Even though your current managed services offering most likely already includes several security-related services, such as email filtering, antivirus, anti-malware, and system patching, managed security complements and reinforces these services in several ways. Here are six specific in-demand security services MSPs should consider offering on a subscription basis to their customers:

1. Security Awareness Training. Recently, we devoted an entire article to this topic (see, “Don’t Neglect Your Customers’ Biggest Security Threat — Their Employees”), and we touched upon key points to include in a training program as well as methods for delivering training. Security awareness is not a “one and done” event. Your customers are hiring new employees, and security threats are constantly evolving. Keeping your customers’ employees up to date with the latest security awareness training is a key part of keeping them safe and reducing the impact of threats. Companies that train their employees about cybersecurity best practices spend 76 percent less on security incidents than their non-training counterparts, according to PwC’s 2014 U.S. State of Cybercrime Survey.

2. Vulnerability Assessments. This service includes routine (e.g. monthly, quarterly, semi-annually) scanning of Internet-facing systems as well as internal networks to find vulnerabilities before hackers do. Testing also includes reporting, which summarizes the results of the current assessment, changes in customers’ security postures since the last check, and prioritized recommendations.

3. Penetration Testing. This service goes a step beyond the automated scanning tools used in vulnerability assessments. It entails using many of the same tools and techniques cybercriminals use in conjunction with a certified penetration professional to “attack” clients’ networks, workstations, and mobile devices, simulating a real-world scenario.

4. Social Engineering Testing. Similar to penetration testing, this service entails using a security specialist to “attack” a customers’ defenses, but this test focuses on employees rather than the systems they are using. For example, the tester may employ emails, web phishing, and perhaps phone-based phishing attacks to validate whether an employee avoids the trap or takes the bait by clicking a link/attachment or revealing sensitive information over the phone to an unknown caller. This test can also be used in conjunction with security awareness training.

5. Compromise Assessments. As the Internet of Things (IoT) progresses, secure perimeters are dissolving, and the traditional prevent-detect-and-respond methodology is no longer adequate. Instead of merely rebuilding compromised devices and updating patches, compromise assessments take a forensic approach to determine whether a system is really clean. These tests entail using admin credentials to log into every system using the latest static and dynamic processes and going much deeper than temp folders — into system memory where threats often lie dormant waiting for an opportunity to strike.

6. IT Policy Review and Development Services. Whether your customers need to comply with HIPAA, Sarbanes-Oxley (SOX), PCI DSS, the Gramm-Leach-Bliley Act (GLBA), or other industry regulations, they need detailed policies and procedures describing their business and IT processes. Information technology and industry regulations are always changing, so this service requires regular reviews and updates to maintain compliance.

Today’s security threats have become much more advanced, persistent, and costly than ever before. Equally concerning is that traditional security systems and techniques (e.g., antivirus, email filters, and patch updates) stop only about 40 percent of today’s attacks, according to Ars Technica. Expanding your managed services offering to include subscription-based security services is not only a smart way to help your customers protect themselves from damage caused by data compromises and losses, it’s a smart way to increase your revenue and profitability, too.

Chris Crellin, TK
Chris Crellin is senior director of product management for Intronis MSP Solutions by Barracuda. Read more Intronis MSP Solutions blogs here.