When the service-provider types combine forces, they create a whole stronger than its parts.

Kris Blackmon, Head of Channel Communities

January 17, 2019

5 Min Read
MSP Corp M&A handshake

Managed service providers (MSPs) have offered security services as part of their core offerings for decades, but in today’s threat landscape, a managed firewall and antivirus isn’t going to cut it. Businesses need advanced tools and specialized management that most MSPs just aren’t equipped to provide.

Spinning up a managed security practice within an MSP’s existing business is a massive undertaking with a high price tag. The cost to bring on the necessary expertise and tools is just not within the reach of the average MSP. Some experts estimate that the capital costs, payroll, annual recurring costs, training and management can cost solution providers up to $1 million per year.

So how do you integrate managed security into your offerings without building out your own security operations center (SOC)? Increasing numbers of MSPs are partnering with managed security solution providers to fill that gap and bolster their recurring revenue streams. When done right, such a partnership allows the MSP to own the customer relationship and continue to provision core services while the security provider effectively acts as the partner’s SOC.


Beyond Computer Solutions’ Chris Noles

In 2017, Chris Noles, president of Beyond Computer Solutions, an Atlanta-based MSP and member of the 2018 Channel Futures MSP 501, got a call from a subcontractor friend asking if he could help a managed security provider with some on-site incident response work for a company called CARE USA. Ingalls Infosec is based in Louisiana and needed to partner with a local MSP to have some boots on the ground. BCS provided staff augmentation and migration help while Ingalls handled the breach response.

The partnership turned into a goldmine for BCS, which is now an extension of CARE USA’s internal IT department and leading the migration of the company’s data from on-premises servers to the cloud. When Noles found out that Ingalls was partnering with MSPs to provide managed detect and response services, he saw the benefit of being able to offer those services to his clients and agreed to a partnership.

In addition to IT infrastructure and help-desk services, BCS still offers antivirus, patching and backups. For clients with more sophisticated security and compliance needs, it rolls in an MDR bundle from Ingalls as part of its per-user pricing. The package includes SIEM log monitoring, a network sensor, AI-based endpoint protection and an Active Directory deception tool for on-premises or hosted cloud servers. While BCS doesn’t white-label Ingalls’ offerings, it does add the company’s service agreement as part of the managed-services contract so clients just get one monthly bill.

Ingalls InfoSec says based on a 200-endpoint client, an MSP can expect to spend less than six hours on remediation issues per month. Because Ingalls analysts curate all alerts, weed out false positives and low-impact events, and only escalate actionable security events for remediation, there’s little additional impact on …

… resources or personnel. Noles says it will naturally become part of BCS’ standard offering as the threat landscape evolves in 2019 and beyond.

It’s easy to tell an MSP it needs to partner with a specialized security solution provider, but finding that right partner can be overwhelming. Noles says it’s important to choose an MSSP partner with proven experience in breach incident response and veteran security experts that not only know how to walk the walk but can also help talk the talk with customers and prospects. That experience is critical not only for protecting clients, but knowing how to report sensitive, breached data and walk the MSP and client through that legal process.

“This is uncharted territory for traditional MSPs,” says Noles.

The MSP and MSSP have to be able to work together to protect clients before and after an attacker gains access to the network.

“The real value here is the confidence that you have the right team with the right tools so that you can quickly identify the threat vector and shut the bad guys down before they have been in the system long enough to do serious damage,” said Noles.


Ingalls Infosec’s Jason Ingalls

That road goes both ways, says Jason Ingalls, CEO of Ingalls Infosec. MSSPs have to be just as selective when choosing which managed service providers to partner with. The MSP has to be effective in responding and resolving the incidents that Ingalls finds, or no one wins.

“Our ability to spot an intrusion is only effective if the MSP who owns the client relationship is able to get it resolved in a timely manner,” says Ingalls. “Therefore it’s critical that we have tight partnerships with outstanding firms. We greatly value our partners, and BCS stands as a great example of a fantastic partner.”

Noles doesn’t think partnering with an MSSP is going to be optional for much longer. Within the next year or two, MSPs will have to start including next-generation cybersecurity solutions as part of their per-user or per-device pricing structure, or risk being pushed out of the market by those that have. For BCS’ part, the Ingalls partnership has been an unmitigated success, and he recommends them with only one reservation:

“Ingalls Infosec is definitely looking to partner with other MSPs, but I might get a little jealous.”

Read more about:


About the Author(s)

Kris Blackmon

Head of Channel Communities, Zift Solutions

Kris Blackmon is head of channel communities at Zift Solutions. She previously worked as chief channel officer at JS Group, and as senior content director at Informa Tech and project director of the MSP 501er Community. Blackmon is chair of CompTIA's Channel Development Advisory Council and operates KB Consulting. You may follow her on LinkedIn and @zift on X.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like