The new remote topology and security risk have upended the IT norm. Before the pandemic, 7 percent of us were working from home. That number has risen to 51 percent. Even if many of us eventually return to an office, there will always be more remote workers than before the pandemic. Our state of work has permanently changed.
With remote work comes a new remote topology. And with that remote topology comes a new security profile. The new security profile is heavily dependent on endpoint protection. Before, most of us were secure behind a corporate firewall, except for the intrepid road warriors. Now, most of us are on our own corporate islands, and the attack vectors for bad actors have skyrocketed.
We’ve seen growth in phishing sites, which have more than doubled in the past two years. Phishing is social engineering for the digital age, and the easiest and most effective way for a bad actor to install malware or ransomware onto an employee’s home PC or laptop. Once that bad actor has access to your laptop, the corporate network is next. According to Proofpoint, 88 percent of companies have been phished and phishing attacks are successful 30 percent of the time. That’s a pretty high success rate.
Endpoint protection for remote employees requires a layered security approach. Of course, you need VPN, antivirus, email protection, and web protection; however, identity management is also critical. Ensuring employees stay protected with two-factor or multi-factor authentication (MFA) is essential for keeping bad actors out. Ongoing security awareness training for employees needs to be top of mind-- do not underestimate it.
However, it’s not a matter of if a security breach happens, but when. That means SMBs and their remote workers need to be able to recover from ransomware. The most effective means to do that is with backup and business continuity. Business continuity is the last line of defense for MSSPs and their SMB clients.
The demand for Managed Security has never been higher. Most MSPs already offer endpoint protection for their clients, and many MSPs have moved to a standard endpoint protection offering for all clients. In other words, MSPs will not take on a client unless that SMB signs up for their endpoint protection plan. Assuming those two steps have been taken, there is a natural evolution to the third step – MSSP or Managed Security Service Provider.
To evolve from MSP to MSSP, you need a plan. That plan should include market research and segmentation, selecting an industry-standard security framework, and then defining your go-to-market solution along with the right sales training and incentives. Many leading MSSPs have selected NIST for their cybersecurity framework.
NIST built its best practices framework in collaboration between industry and government. The framework is often used as the basis for the MSSP security stack and includes five essential components: Identify, Protect, Detect, Respond, and Recover. Note, we can’t emphasize Recover enough.
What technology and capabilities should you consider when building an MSSP solution stack? At Axcient’s MSP Xperience, partners who are experts in the industry spoke with more than 1,000 MSPs in attendance virtually about what a best in class security should look like. Below are some components MSSPs should consider, along with an annual Cybersecurity Assessment.
- Endpoint Protection
- DNS Firewall
- Hosted Email Protection
- Patch Management
- Managed Detection & Response
- Security Awareness Training
- Vulnerability Scanning
- Network Anomaly Monitoring
- Dark Web Scanning
- Data Protection & Backup
- Cyber Insurance
- Business Continuity Plan
An MSSP helps organizations understand the security risks, build a security roadmap, and integrate products to create a complete solution.
Building a security framework for clients should be fundamental to doing business. If the managed services industry is not proactive about building robust security stacks to protect businesses, we will see more government regulation.
To stay proactive, look to build a security fabric, track endpoint to cloud, integrate your offerings, and remain current. Learn more from Axcient’s recent security report at https://axcient.com/axcient-state-of-layered-security-report/.