MSPs know the growing virulence of today’s cyberthreats can wreak havoc on the profitability of both their clients' and their own companies, but rest assured that a time-honored security strategy still remains valid: The sooner you can thwart an attack, the better. Blocking threats before they enter your clients’ networks is much more effective—and efficient—than coping with them after they’ve penetrated those networks and endpoint devices.
Unfortunately, finding a cost-effective internet threat vector solution that is easy to manage and reliable, and that offers superior protection, has proven a huge challenge. But now you have a powerful security option thanks to the growing availability of domain name system (DNS) servers with internet protection capabilities. DNS security services enable you to quickly establish a protection barrier outside of the network. Operating at the domain layer, these services let you finely tune your clients’ web access policies, and limit access to websites that are considered a risk to their network.
This availability is particularly timely, as it’s becoming increasingly obvious that organizations across the globe are facing a rapidly escalating network security problem. The 2017 Global DNS Threat Survey Report from EfficientIP queried 1,000 organizations around the world and found that 76% of the respondents were subject to a DNS attack in the last 12 months (compared to 74% of the respondents in EfficientIP’s 2016 survey).
By deploying cloud-based, domain layer security that protects clients externally, rather than relying solely on endpoint protection solutions, you can ensure that most internet threats are contained before they even reach your client’s network. This layered approach, with DNS protection outside the network complementing endpoint protection solutions inside the network, gives you truly comprehensive security—and at only modest cost.
Greater Security, Ease of Use Boosts MSP Profitability
DNS protection solutions are a natural fit for MSPs because they are simple, lightweight, and convenient to manage and deploy. Of course, you must not only consider the initial purchase cost of any security solution, but also the time required to install, configure and maintain that solution—and remediate any infections not detected and blocked by that solution.
This last point is critical, as it directly impacts your profitability on two levels: First, an ineffective solution that allows such infections can frustrate your clients and significantly weaken their loyalty—undermining your long-term profitability that relies on their continued patronage. Depending on the SLAs you have in place with your clients, any costs associated with downtime resulting from successful DNS attacks can also reduce your net revenues. Second, it goes without saying that the more effective a DNS protection solution is in terms of preventing infections, the more it will reduce the number of man-hours you must devote to remediation and other lost productivity tasks. Every moment your IT team has to spend cleaning up such infections translates into time that could have been spent on more lucrative and profitable activities.
When choosing a DNS security solution, the level of protection it can provide is ultimately determined by the breadth, depth and update frequency of its threat intelligence. A DNS protection product integrated with an established security vendor will be better able to identify and block malicious websites.
For example, the URL filtering employed in Webroot’s DNS Protection solution is supported by Webroot BrightCloud® Web Classification data. This URL database is the largest of its kind, and the service continually classifies over 600 million domains to update the database in near-real time, analyzing and categorizing websites at the rate of over 5,000 URLs per second.
You can also boost your efficiency (and profitability) by standardizing your security solutions and procedures across multiple client sites, minimizing the time your IT staff must spend deploying and managing those solutions. Ideally, your DNS protection product should provide some degree of integration with your existing endpoint security management console to simplify deployment and administration tasks compared to standalone DNS security solutions.
This latter point is noteworthy, as needing to master a separate management console for the DNS security solution—with an unfamiliar interface and different control functions—can significantly increase your technicians’ workload.
This guest blog is part of a Channel Futures sponsorship.
Want additional information? You can learn more about DNS security and Webroot SecureAnywhere DNS Protection by clicking here or contacting Webroot directly.