MSPs have largely leveled the playing field for SMBs, enabling these organizations to deliver an optimal customer experience and service users as handily as their larger counterparts. But underpinning this success is a plethora of customer data that must be securely captured, stored and accessed.
This presents an array of challenges for the majority of SMBs that are not well-versed in IT security. For SMBs already relying on an MSP, shifting the security burden is an easy and straightforward decision.
But the buck stops at the MSP. You must ensure your customers (and your business) are protected from data breaches, 63 percent of which, according to Verizon’s 2016 Data Breach Investigations Report, are due to weak, default or stolen passwords.
The short-term impact of a breach is downtime, lost data and interrupted sales. The long-term impact is a damaged reputation and lost revenue. The costs of not having a proper security strategy in place are high and can result in your business going under.
The Ponemon Institute’s recent data breach report estimates the total cost of a data breach worldwide to be about $4 million. The report estimates the cost of each lost or stolen record to be $158. With a typical breach impacting between 3,000 and 101,500 records, an SMB can expect a breach to cost $475,00--at minimum. This amount can easily critically or fatally wound an MSP or SMB.
Therefore, protection--both for yourself and your customers--is imperative. But knowing what you need and staying ahead of threats can be a Sisyphean task. It wasn’t so long ago, for example, that having a basic antivirus or anti-malware solution offered sufficient protection. Today, that is not enough to protect against a data breach if credentials are stolen in, for example, a phishing attack.
Today’s MSPs are well aware of how important security is to their SMB customers. Security was named the leading concern among respondents to the Kaseya 2017 Global MSP Pricing Survey--30 percent cited “Meeting Security Risks” as the top IT problem or service they anticipated their clients would need in 2017.
Not surprisingly, security is fast becoming a competitive differentiator. The survey also reports:
- More than one-quarter of MSPs in the Americas offer IAM security, and more than one-fifth of MSPs in EMEA and the Asia Pacific region do so.
- Higher-growth MSPs offer an average of eight different security-related services, compared to six for lower-growth MSPs.
- Higher-growth MSPs are almost 40 percent more likely to offer all 10 security-related services, compared to their lower-growth counterparts.
Hence, not only does the right security solution effectively protect against uncertainties; it also enables you to grow your business and in some cases retain customers, particularly those that will look beyond your MSP to meet compliance requirements.
A Two-Pronged Approach to Security
MSPs should take a two-pronged approach to security.
First and foremost, to protect your customers you must protect yourself. Internal protection is foundational and akin to putting on your oxygen mask first during an airplane emergency before helping others. There is simply no way to secure your customers if your own security practices aren’t up to snuff.
With your business protected, it’s time to think about your clients. AuthAnvil Security-as-a-Service (SECaaS) allows you to offer a host of protection options not otherwise available to SMBs.
At minimum, you must provide your customers with two-factor authentication. Most SMBs, particularly those in highly regulated industries, require additional protection. Ideally, the following features should also be offered to make the most of your identity and access security:
- Universal Directory
- Single sign-on
- Directory synchronization
- Self-service password reset
- O365 user provisioning
- Advanced policy management and control
But simply turning to a pre-packaged solution isn’t enough to add revenue, even in the high-growth end-user security market. To have real margin potential, you need a solution specifically built for MSPs.
With AuthAnvil, Kaseya makes it simple to protect your business and your customers. AuthAnvil Security-as-a-Service provides all the technology you need to protect your business and deliver the service to protect your customers--all while growing your margins. Included with the solution is remote “Go-to-Market in a Box” training to teach your staff how to market and sell two-factor authentication and single sign-on as a service to your customers.
For MSPs not ready to provide SECaaS to customers, Kaseya offers AuthAnvil MSP Protect, which features exclusive integration with a host of MSP tools to ensure your infrastructure is secure.
To learn how you can safeguard your business against cyber risk, ensure the security of your clients and quickly develop a highly profitable SECaaS practice, sign up for Kaseya’s webinar “How to Prevent a Breach That Could Take Down Your MSP.”
Joining Kaseya in 2012, Miguel Lopez brings over 20 years of experience to his role as SVP, Managed Service Providers (MSPs). In this position, he consults daily with MSPs to help them solve their clients’ business problems with technology solutions. Prior to joining Kaseya, Miguel served as the director of consulting services for All Covered, a nationwide technology services company that is a division of Konica Minolta Business Solutions USA Inc. In 2008, All Covered acquired NetCor Technologies, a leading MSP that Miguel founded and managed since 1997. NetCor specialized in serving highly regulated industries such as healthcare, CPAs, law firms and retail companies.
Guest blogs such as this one are published monthly and are part of MSPmentor's annual platinum sponsorship.