Even if you do not consider yourself an MSSP, you can add managed IT security services to your MSP service offerings in order to grow revenue and make your business more convenient for customers.

Christopher Tozzi, Contributing Editor

November 27, 2017

2 Min Read
Woman for Security story
Young Female Government Employee Wearing Glasses Uses Tablet in System Control Center. In the Background Her Coworkers are at Their Workspaces with many Displays Showing Valuable Data.

As IT security threats grow ever greater, so does demand for security services that actually work. If you’re an MSP, it’s high time to add managed security services to your service offerings.


Over the past several years, managed security services have evolved into their own sort of discipline.

Although there is no official definition of what constitutes a managed security service or how a managed service security provider (MSSP) differs from a standard managed service provider (MSP), the general consensus is that MSSPs provide threat detection and response services.

MSPs, meanwhile, can and should adhere to IT security best practices when implementing any kind of service, but security itself is not their main offering.

From MSP to MSSP

I tend to think that drawing a stark distinction between MSPs and MSSPs is a bit problematic.

If you are an MSP, there is no reason you cannot also be an MSSP.

Doing so means adding security-centric services to your portfolio of service offerings.

Making the jump is only natural.

If you already deliver services like network management, storage configuration or IT infrastructure maintenance, offering managed security services for networks, storage systems and infrastructure should be an obvious proposition.

By providing such security services for customers, you can gain business, while allowing them to rely on you for standard services as well as security solutions.

In other words, you grow revenue, while your customers enjoy one-stop shopping.

Delivering Effective Managed Security Services

Of course, to provide effective managed security services, you need to know something about security.

What you need to know varies depending on exactly which types of managed security services you choose to offer.

Securing a Kubernetes cluster is very different from securing an on-premise bare-metal server rack, for example.

That said, if you align your managed security service offerings with your other service offerings, you probably already have the requisite expertise to offer effective security services in those areas.


The bottom line: If you’re looking for ways to grow an MSP business, adding managed security offerings to your mix of services is a good strategy.

This is especially true given that security threats have reached unpredecented levels.

Organizations are now in a hyper-aware state regarding IT security, and are more keen than ever to gain assistance with their security management needs.

Read more about:


About the Author(s)

Christopher Tozzi

Contributing Editor

Christopher Tozzi started covering the channel for The VAR Guy on a freelance basis in 2008, with an emphasis on open source, Linux, virtualization, SDN, containers, data storage and related topics. He also teaches history at a major university in Washington, D.C. He occasionally combines these interests by writing about the history of software. His book on this topic, “For Fun and Profit: A History of the Free and Open Source Software Revolution,” is forthcoming with MIT Press.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like