Shifting gears: A cybersecurity journey for MSPs (Part 1)

Growing up, our family would load up the station wagon (you know, the one with the faux wood panels on the side) and set off on some great adventure. It took about 30 minutes for my siblings and me to ask, “how much longer?” I’m sure my dad wanted to set us out on the side of the road and just leave us there! I remember that my job was to read the map (the old Rand McNally kind you would fold out and could never fold back) and tell my dad where to turn. To do that, I had to know two crucial pieces of information: where we were starting and where we were going. Not quite as easy as asking Siri to give you directions!

For many MSPs, they know they need to do something about cybersecurity. Every day, it seems, there’s a new article in the news about how a company – or with alarming frequency, an MSP –has been breached. Most MSPs have taken some steps to improve their own security and to offer enhanced security offerings to their clients. But how much work is there left to do? What are the next steps?

The journey to building a mature cybersecurity offering isn’t an easy one. It’s fraught with delays, roadblocks, and detours, but the journey is always worth it!

To know where you’re going, you must know where you’re beginning. How would you rate your own internal security approach? Are you assessing yourself against a standard? Are you deploying your scarce security talent to help your clients while leaving your own environment unsecured? Are you doing enough to meet the challenges of an increasingly changing client environment?

In March of this year, many of your clients sent their workforce home to work remotely because of COVID-19. They did that quickly and efficiently, but did they do it securely? Now that a large portion of your own service delivery team is working remotely, have you revisited your own security approach?

These are all questions that need to be answered while also ensuring that your business is built to sustain through these challenging times.

In the next few weeks, we’ll be doing a blog series for MSPs. These blogs will help you think about how you should be securing your own systems and tools as well as what you need to be doing for your clients.

Over the span of this series, we’ll cover these topics:

• How, exactly, would the bad guys break into my MSP tools and use them against me?
• How would these bad actors attack my clients, and how would I know if they got in?
• What set of standards should I use to assess my own security framework to ensure that I’m getting it right?
• Do I have a playbook for when something bad happens? (And, don’t be deceived – it’ll happen.)
• How do I talk to my clients about security?
• How do I overcome their most common objections?
• How do I build a security offering that’s simple enough not to scare off clients due to price and complexity, but robust enough for those clients with regulatory and compliance concerns?

We’ll explore these topics and hope you’ll join us as we go on this journey together! Just promise you won’t ask how much further every 30 minutes, okay?

Don’t miss out on any of the new articles – check back soon for updates!

We'd love to hear your thoughts. Find us on Twitter, LinkedIn or write in to hello@perchsecurity.com

Next: Monitor for threats in ConnectWise Automate (On-Prem)