Automation: An Answer to the Compliance Kerfuffle

Compliance is so hot right now, and Kaseya is all over it. The provider just announced a new comprehensive audit, assessment and analysis solution that allows users to automate compliance processes and documentation according to the National Institute of Standards and Technology’s (NIST) Cyber Security Framework (CSF). 

This capability within Kaseya Compliance Manager boosts MSPs and helps them better support small and midsize clients facing the increasingly nasty and growing number of cybersecurity threats by leveraging the best practices outlined in the NIST CSF. —

According to Kaseya’s 2019 MSP Benchmark Survey, 83% of MSPs are impacted by their end-customers’ compliance requirements, and one-half assist end customers in their compliance efforts on an ad-hoc basis; yet, there’s a compliance expertise gap among MSPs, with less than one in 10 MSPs offering compliance-as-a-service solutions. 

Kaseya Compliance Manager aims to solve this issue, empowering small and midsize companies to prepare for just about any existing or future data privacy law iteration, as NIST CSF makes up the foundation for a majority of these regulations. [For example, the federal COPRA bill (US’ would-be answer to the GDPR), the CCPA, and the NY SHIELD Act — arguably the most comprehensive state data privacy regulation to date, effective March 2020).

Kaseya’s Mike Puglia

“Standards like GDPR, HIPAA and NIST CSF have a laundry list of requirements to demonstrate compliance, and oftentimes the complexity of these requirements reach beyond the expertise of IT administrators and MSPs,” said Mike Puglia, chief strategy officer, Kaseya. “Despite that fact, almost every MSP client is subject to at least one set of security or privacy rules, if not more. For most organizations, compliance with these rules is outside their skill set. This presents a huge opportunity for MSPs to step in and offer to manage the compliance process for their customers.” 

Puglia warns, however, to do so effectively, MSPs need a solution that not only helps them bridge the compliance expertise gap but also complements their multifunction capabilities so that they can capitalize on this next big managed service. This is where Kaseya Compliance Manager comes in. 

Kaseya Compliance Manager is a purpose-built, role-based compliance process automation platform. The product’s workflow engine, automated discovery, management portal, and built-in compliance document generation and archiving hand MSPs the information they need to gather, process, analyze and validate customer compliance efforts with a number of regulations and laws. 

“We built Compliance Manager to be intuitive,” said Puglia. “Regulation-specific versions of Compliance Manager, for GDPR and HIPAA for example, delve into the specific requirements and nuances of those standards without requiring the technician to have a background in data privacy or medical records. Additionally, again keeping MSPs in mind, we offer live instructor-led training, one-on-one sessions and onboarding assistance to help them get their first deployment up and running, as well as provide free unlimited technical support.”