https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

From the Industry


Getty Images

Sponsor Content

Compliance Issues

Understanding Compliance for MSPs

  • Written by Barracuda MSP Guest Blogger
  • May 3, 2022
To successfully gain business in new verticals, MSPs need a good grasp of the standards, frameworks and other compliance issues specific to those markets.

MSPs searching for ways to differentiate and grow can often do so by providing solutions for vertical markets like government, defense, healthcare, finance, education and others. However, to successfully gain business in such verticals, MSPs need a good grasp of the standards, frameworks and other compliance issues specific to those markets.

Standards and Frameworks Are Not the Same Thing

While they are often used interchangeably, there’s a difference between a standard and a framework for compliance. Standards are a set of controls a company needs to achieve to be considered compliant with a regulation or requirement. The best practices followed to meet the standard are called frameworks.

In other words, frameworks serve as a guideline. For MSPs, the good news is that while these standards and frameworks may be pretty specific in their security requirements, service providers can tie these requirements to other security measures and technologies that would benefit clients beyond simply achieving compliance. Remember, compliance standards represent a minimum requirement, not a complete security program.

The security framework that may be most familiar to many MSPs would be the National Institute of Standards and Technology (NIST) Cybersecurity Framework. However, different organizations may have to follow different standards and associated frameworks. For example, organizations dealing with the U.S. Department of Defense must comply with the Cybersecurity Maturity Model Certification (CMMC) framework. In addition, there are several others, such as:

  • Service Organization Control (SOC) Type 2, a cybersecurity framework and auditing standard for accounting/financial operations
  • The North American Electric Reliability Corporation-Critical Infrastructure Protection (NERC-CIP) cybersecurity standards for utility providers
  • The Health Insurance Portability and Accountability Act (HIPAA) for the healthcare industry
  • The Federal Information Security Management Act (FISMA) cybersecurity framework for federal government agencies

 

Compliance Management Best Practices

Compliance management can be complex for many companies, particularly small and midsize businesses. As a result, there’s an opportunity for MSPs to take on the compliance management role as part of their security services, but doing so requires that the MSP be fully educated on those standards and frameworks, and ensure their systems are also compliant.

MSPs should follow industry frameworks such as NIST and ISO internally and within their security and services portfolio. That should also include continuous monitoring and reviews to maintain compliance as the solution portfolio evolves.

Staff should be educated on the specific standards and frameworks for the targeted vertical market, including ongoing training to stay current with industry best practices. That background will be critical for demonstrating to clients that the MSP can help with their compliance management needs.

To that end, MSPs will need to research those pain points and how their services and technology offerings could help. For example, compliance is generally not a core competency for smaller businesses. Still, they may have particular needs when it comes to compliance, such as records retention or meeting response and reporting requirements related to data loss or security breaches.

Centralized security management and monitoring technology will also be necessary for compliance, as most standards require a greater level of visibility than many SMBs can achieve on their own. For security-centric MSPs, that type of cybersecurity framework is also essential for meeting their service level requirements.

MSPs should conduct regular internal audits to ensure their internal systems are adequately secured and that their service and technology offerings to clients are still fully compliant with industry standards.

Compliance management also comes with risk, so MSPs should evaluate insurance options that can protect them if they were subject to liability related to regulatory fines or penalties levied against a client after a security incident.

Providing compliance services to clients in new vertical markets presents a profitable opportunity for MSPs, offering a way to build on their security solutions portfolio. Moreover, vertical specialization can pay big dividends for those who can invest in the technology and education required to take on compliance management.

Chris Crellin is Senior Director of Product Management for Barracuda MSP, a provider of security and data protection solutions for managed services providers, where he is responsible for leading product strategy and management.

 This guest blog is part of a Channel Futures sponsorship.

Tags: MSPs From the Industry Intelligence Vertical Markets Barracuda MSP Sponsor Content

Most Recent


  • John DeLozier, ConvergeOne, people on the move
    Channel People on the Move: HP, 8x8, Five9, Nitel, RapidScale, More
    New hires and promotions featured here also include Bridgepointe, C1, Telarus, Kore and many more.
  • Ingram Micro partners adapt to world of AI/ML
    7 Trends Impacting Ingram Micro Partners: Marriage of AI, Data Looms Large
    Are the distributors and cloud hyperscaler going to be friends in the long term?
  • Nutanix partner program changes
    Nutanix Partner Program Sees More Changes, Vendor Touts ‘Channel-Led’
    We quizzed channel head Dave Gwyn about the additions, and the language around Elevate.
  • content marketing gap
    Mind the Trust Gap: Content Marketing Falls Flat with Majority of Decision-Makers
    Informa Tech’s first Trust in Marketing Index shows how current content marketing practices are missing the mark.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Cybersecurity terms
    How to Make Sense of the Alphabet Soup of Cybersecurity Terms
  • Woman on phone
    How Unified Call Recording and Voice AI Improve the Customer Experience
  • Map of the United States
    Cyber Defenses Must Rise to Meet Increasing Cyber Threat Levels
  • secure remote access
    Virtual Engine Partners with Corel to Drive New Customers

Upcoming Events

View all

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Channel Futures Leadership Summit 2024

September 17, 2024 - September 19, 2024

Galleries

View all

Channel People on the Move: HP, 8×8, Five9, Nitel, RapidScale, More

October 3, 2023

7 Trends Impacting Ingram Micro Partners: Marriage of AI, Data Looms Large

October 2, 2023

Nutanix Partner Program Sees More Changes, Vendor Touts ‘Channel-Led’

October 2, 2023

Industry Perspectives

View all

Partners Balance Multicloud Opportunity, Complexity

September 25, 2023

Why Conversational AI Matters for Your Customers and How It Can Boost Your Revenue

September 15, 2023

The 5 Ds that Lead to Unplanned Business Sales

September 13, 2023

Webinars

View all

MSP 501: Leadership in Cybersecurity

October 19, 2023

DE&I: Find the Balance that Works for You

September 7, 2023

Above and Beyond with the NextGen 101ers

August 30, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 129: ZLH Enterprises

Coffee with Craig and James Episode 128: Channel Partner Strategies Intelligence Service

August 25, 2023

Coffee with Craig and James Episode 127: Expereo, Movie Night Returns

August 18, 2023

Coffee with Craig and James Episode 126: ARG

July 28, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X