Endpoint Security: Protecting all endpoints, including workstations, laptops, tablets and smartphones, is an essential component of any comprehensive security strategy. Endpoint protection includes threat detection and blocking of malware, adware botnets, spam and phishing attempts. A centrally managed endpoint-security platform keeps track of which ports are in use and identifies which device or user is the source of malware when it enters the network. 

Vulnerability Management: Keeping client environments safe requires ongoing vulnerability management to identify, report and address issues that pose security risks. Network vulnerabilities typically involve configuration errors and unauthorized changes. Automated vulnerability scanning and remediation identify these issues and trigger corrective action to minimize the risks they pose and restore network compliance with security protocols. Verizon’s 2017 Payment Security Report says just 72 percent of companies have such processes in place. 

Patch Management: One of the most common methods of delivering malware is by exploiting vulnerabilities. Left unpatched, these vulnerabilities leave the door open for infections, such as WannaCry ransomware, which exploited a flaw in the Windows Server Message Block (SMB) to propagate itself. Automating the patching process is the best approach, because if users are asked to apply patches, they will often fail to do so. 

Content Filtering: Content filters pick up where antivirus tools and firewalls leave off. With content filtering in place, MSPs can build website blacklists and set rules to screen email and web-based content to prevent unwanted types of data and files from entering clients’ networks. Content filters serve the dual purpose of keeping users away from objectionable web content and blocking malicious code. 

Email Security: Hackers love email because it has proven to be one of the most successful attack vectors. Phishing is especially effective; it preys on users’ curiosity, fear and trust to trick them into clicking infected attachments and URLs. That’s why no security strategy is complete without technology that detects, blocks and isolates threats like spam and phishing. 

Threat Intelligence: To best protect clients, MSPs need a good understanding of their clients’ environments as well as the threat landscape, which evolves constantly. Besides previously identified threats that AV tools and firewalls are programmed to catch, there’s always the specter of new and emerging risks — or risks that have morphed from previous incarnations. Reliable threat intelligence helps protect clients from zero-day threats and previously unseen ransomware variants. Threat-intelligence feeds capture and compile information on new threats including where they originate, who is likely behind them, how they are delivered, and where they are likely to strike. 

Backup and Recovery: One of the most basic security practices is to back up all critical data and prioritize it for recovery, should a company ever experience a data loss as a result of a cyberattack or some other reason. This is another area in which MSPs can provide an essential service by implementing automated backup for servers, workstations, files and email, so that if ever needed, the data is recoverable. Disaster recovery as a service is a profitable add for partners; in a recent survey, two in three (66 percent) channel respondents that added DRaaS reported an increase in revenue per customer, 63 percent saw improved customer retention and 23 percent said they have won new customers.