Guest Column | March 28, 2022

4 Things MSPs Must Understand About Security Risk Automation

By Eric Weast, ECW Network & IT Solutions


Diligence is critical for MSPs and MSSPs to be successful in keeping clients secure and anticipating new security risks. Attackers constantly increase their sophistication, and threats continually evolve. MSPs must evolve with them. Their clients’ workplaces adapt to new circumstances as well – as the recent shift to work-from-home policies demonstrates – requiring protections that can always meet the most modern requirements for data and device security.

Security strategies that provide automated risk response and remediation must be a strategic consideration for any MSP today. While requisite security measures can be implemented via automated or manual solutions, automated processes offer reliably regimented approaches that eliminate manual effort (and potentially manual errors) and enable real-time responses as threats develop. Simply put, at this stage in the evolution of cybersecurity threats, automation is a must to keep up.

But before choosing a security risk automation strategy, MSPs should understand these four factors:

1. Assess each client’s risks before taking responsibility for its security.

Any security risk automation tools you select as an MSP must help clients achieve comprehensive protection. When an MSP agrees to secure a client, it often accepts certain legal responsibilities from a regulatory perspective – and also puts its reputation at risk every time it takes on a new client. Providing a security technology stack that fully defends clients across every front doesn’t just ensure better revenue and ongoing client relationships; it is also crucial to the MSP’s own well-being.

For MSPs, it doesn’t get more unpleasant than having a client suffer a breach you know you could have prevented…if only you’d held firm in requiring the right tools. Be sure to accurately assess client needs to build a security stack that addresses all vulnerabilities. Where automated solutions are essential to eliminating risk, include them as a requirement that clients must accept. That risk isn’t worth your reputation.

2. Security risk automation meets modern security challenges with real-time responsiveness.

Security risk automation allows MSPs to prepare preset responses that will automatically mitigate risk when certain threat conditions arise. MSPs should look for ways to offer as much versatility as possible for meeting clients’ needs. For example, we use RiskResponder, a feature of BeachheadSecure, for its customization and ability to respond to a breadth of threat scenarios.

With a preset risk tolerance strategy like this, MSPs can define specific automated defensive security mechanisms to protect client data whenever risks exceed acceptable thresholds. If a set number of invalid login attempts occur on an employee-used device with access to sensitive data, for example, an MSP-set response can automatically warn the user with an alert. It can then take further responses appropriate to the increased risk once prescribed thresholds are exceeded. MSPs also can place time-based limits requiring users to reauthorize their sessions, and immediately detect and counter attempts to remove security protections, whether they originate from a user or from network-borne attacks. Security risk automation offers valuable protections for modern distributed workforces as well: MSPs can set geofencing-based rules to deny data access if a device travels beyond a perimeter around employees’ home offices or other set work locations.
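The preset responses described above can be sketched as a small policy evaluator. This is an added example, not code from BeachheadSecure or RiskResponder; every name, threshold, coordinate and action label in it is a hypothetical assumption, including the choice to deny access as the escalation step.

```python
import math
from dataclasses import dataclass

@dataclass
class Policy:                      # all values are constructed sample thresholds
    warn_failed_logins: int = 3
    deny_failed_logins: int = 5
    max_session_minutes: int = 480
    fence_center: tuple = (26.12, -80.14)   # (lat, lon) of the approved work location
    fence_radius_km: float = 25.0

@dataclass
class DeviceState:
    failed_logins: int
    session_minutes: int
    location: tuple                # (lat, lon) last reported by the device
    agent_tampered: bool = False   # attempt to remove the security agent detected

# Higher number wins when several rules fire at once.
SEVERITY = {"allow": 0, "warn_user": 1, "require_reauth": 2, "deny_access": 3}

def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def evaluate(policy, state):
    """Return every triggered (action, reason) pair for one device."""
    hits = []
    if state.agent_tampered:
        hits.append(("deny_access", "attempt to remove security protections"))
    if distance_km(policy.fence_center, state.location) > policy.fence_radius_km:
        hits.append(("deny_access", "device outside geofence"))
    if state.failed_logins >= policy.deny_failed_logins:
        hits.append(("deny_access", "failed logins past escalation threshold"))
    elif state.failed_logins >= policy.warn_failed_logins:
        hits.append(("warn_user", "failed logins past warning threshold"))
    if state.session_minutes >= policy.max_session_minutes:
        hits.append(("require_reauth", "session time limit reached"))
    return hits

def decide(policy, state):
    """Pick the most severe triggered action, or 'allow' if no rule fired."""
    hits = evaluate(policy, state)
    return max((action for action, _ in hits), key=SEVERITY.get, default="allow")
```

Keeping the reasons alongside the chosen action gives the MSP an audit trail for each automated response.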

3. Automate wherever possible, but don’t neglect required manual protections.

Where security risk automation applies, MSPs should take full advantage of the opportunity to introduce the always-on vigilant protection these solutions enable. However, be sure to remain vigilant in maintaining necessary manual security components, such as vulnerability patching.

Embrace automation, but stay focused on ensuring comprehensive security for clients, whether by automated or manual means. Automation doesn’t mean an MSP can take on a set-it-and-forget-it mentality.

4. Zero-trust models limit users’ capabilities. Trust-but-verify (and train-but-verify) models are a powerful alternative.

Zero-trust models are powerful from a security perspective, but often stifling from the perspective of a client’s employees. Consider zero-trust tactics leveraged to prevent insider threats: the result virtually eliminates a user’s ability to do anything. Instead, apply security risk automation in a trust-but-verify model. Allow activity, but uphold policies that check for risk behaviors, use alerts to warn of danger, and deny access before harm is done. Pair that with sufficient training (solutions like KnowBe4 or Breach Secure Now) that goes the much-needed extra step toward ensuring client employees can better recognize potentially nefarious activity.

For MSPs, the ability to demonstrate proactive customized automatic responses to security events can not only enhance relationships with current clients but also serve as a powerful competitive differentiator and boon to your business development efforts. In an industry where diligence is the recipe for success, MSPs ready to enable nuanced 24/7 protections with security risk automation hold a decisive (and growing) advantage.

About The Author

Eric Weast is the owner of ECW Network & IT Solutions, a managed services provider headquartered in South Florida.