Enhancing your MSP offering with security services

Dave Sobel

Savvy and sophisticated MSPs are always looking for ways to add additional value to their offerings and engagement with their customers. By adding value and enhancing their capabilities, MSPs are able to differentiate their service, be more proactive, and command higher margins.

Security is often discussed as one of the most commonly overlooked ways to add value, and ultimately is an exercise in risk management. One cannot simply sell “security”, as if it was a boxed product or an SKU to order. Instead, an MSP assumes more risk from their end customers by assuming the responsibility for correctly managing an infrastructure, and in doing so, commands higher profit.

Security-ServicesMSPs should look for ways to leverage their own existing toolset to deliver those services, and in doing so can enhance their services without additional cost. In general, SMB networks are not complex and we can significantly enhance a customers security and address their concerns through technology an MSP should already be familiar with.

Using log monitoring is a logical first step. Using log monitoring, such as the GFI MAX “Hacker Check”, will function very basic Host Intrusion Detection System (HIDS). For example, when a Windows machine joins a network and has either a Workgroup or other domain without an Active Directory trust, the security log will show login failures as the Domain Controller attempts to authenticate the machine to the network environment. The GFI MAX hacker check is very helpful in identifying overt attempts to brute force system services. Since it monitors the security log, it can also identify network problems and to a limited extent network un-authorized intrusion by windows machines. Looking for failed login attempts, expired passwords, wrong passwords on the Administrative account (which by default and design does not lock out after wrong attempts), and Windows machines attempting to authenticate to a domain controller - all of which can signal a security breach. By using alerting in such a manner, MSPs build intelligence into their service and remain proactive and vigilant.

Managed Anti-virus is a logical step to security, enforcing virus and malware protection. Layering patch management ensures that vulnerabilities that are exploitable are eliminated, and finally adding mail protection, such as GFI MAXMail Protection is a simple solution to the complex problem of SPAM and dangerous email. By forcing customer’s email into a cloud based “scrubbing” solution you eliminate a great deal of the dangerous and unwanted email arriving at your customers server or making it’s way into your customer’s hosted solution. This layered security approach will cover most common security scenarios.

Web Content filtering, coming to GFI Max soon, is a valuable addition to the security tool set for boundary defense - one of the most effective ways to prevent your customer’s payroll computer from going on social networking sites is to restrict its access.

As a combined bundle, this set of security services can significantly enhance the offering from an MSP and deliver that extra value to a customer. As a final thought, however, is the importance of reporting on these services, both from the perspective of billing and from a reporting perspective. Customers need to know what services are included in their service package, so a detailed contract and bill are vital to showing value month after month. Reporting on a monthly basis also shows that the services are being delivered, proving the value of the service on an ongoing basis. Ensuring the customer sees the value on every touch point will ensure a long lasting, profitable, and secure relationship!

For more information about our new Web Potection feature check out the video below!


As always if you have any thoughts to share, feel free to leave a comment below!