Where MSPs Fit in the Cloud Security Conversation

Some industry pundits says there’s no critical information yet stored in the cloud — and that cloud security in many ways today is largely unnecessary. I guess those pundits overlooked all the Fortune 500 companies that now keep their payroll, talent recruitment, internal HR, CRM and more in the cloud. I don’t know about you, but I would consider information about my people, their salaries, potential hires and my customer base pretty critical. So how can MSPs lock down that information for customers?

To be sure, the market is ripe with opportunities for MSPs to sell advanced cloud security services. In a study of companies with 250 to 1,000 employees and revenues between $50 million and $1 billion, security was the number one critical challenge identified in moving to the cloud. (The research involved a poll of 50 cloud infrastructure service providers and managed hosters in the U.S. and Europe.) 

As increasing numbers of customers move their workloads into the cloud, offering them robust security solutions is a great way for MSPs to not only stay relevant in an evolving world but to also differentiate themselves from vanilla-flavored cloud service providers and generate a major new revenue source.

I see two immediate opportunities that MSPs could capitalize on:

• Provide direct access to your own safe cloud platform, running security as a service for customers (versus them having to run their own security onsite).
• Larger MSPs can offer a SaaS marketplace, where you host secure cloud-based services that customers can pick and choose from, like email, as well as provide safe, controlled gateways to other, more prominent software services, such as Google Apps and Salesforce.com.

The Next Big Thing

The emerging opportunity for MSPs will be to securely integrate cloud-based services with customers’ on-premise systems. Obviously, this will entail systems working together. It will also mean serving up the information that security and compliance systems and processes will require.

The popularity of SaaS has skyrocketed, with no slow-down in sight. So much so that organizations can no longer afford to treat SaaS applications as separate silos of computing. These SaaS solutions must be integrated into the overall enterprise IT environment. Of course, this integration must be seamless—especially when it comes to identity, security and compliance.

For example, your customers wouldn’t want to sync their user roles and access information from an on-premise implementation of SAP to the channel management product Catalyst. They wouldn’t even want to try. It’s just too much unnecessary work. As an MSP, however, you could configure Catalyst or any SaaS application for that matter to automatically accept the roles and attributes from your customers’ identity systems. Any changes they made in their SAP directories would immediately reflect in Catalyst.

Integrating SaaS applications with on-premise solutions needs to be done in an open, extensible way. That’s because of the sheer number and variety of platforms and technologies that SaaS applications are built on today. Otherwise, there will always be custom work involved each time a new customer is on-boarded to a SaaS application.

Yes, we here at Novell have a solution for the market: The Novell Cloud Security Service includes out-of-the-box application connectors for just this purpose. These connectors enable MSPs to integrate SaaS applications into a common management framework, regardless of platform or technology.

What’s Up Next?

Next month, I’ll look at the two prevailing MSP business models and the core capabilities required for their success. We’ll examine the need for components like single sign-on, security logging, roles management, comprehensive user activity reporting and compliance that’s just as solid for cloud-based solutions as it is for internal systems.

Dan Dufault is global director of partner marketing at Novell. Guest blogs such as this one are part of MSPmentor’s annual platinum sponsorship.