As a team member and one of the leaders of a premier managed service provider (MSP) here at Sikich, our path to adding a managed security service provider (MSSP) has been a very natural progression. The reasons for this include security and innovation, both of which we’ve always done.
Security needs to be a major part of even an average MSP’s offer. Patch management, antivirus management, and even backup management are security activities. User account administration, designing server and network environments with principal of least privilege, implementing strong password policy, and multi-factor authentication are also security activities. The list of MSP activities that are also security activities is long.
One of the reasons we are considered by industry standards as a premier MSP is our ability to bring innovation to client environments. We continuously evaluate new products and have a great eye for value. We discover new products that meet existing needs and quickly start to pilot and test. After validating, those become standards we roll out to the entire managed client base.
Our Transition to Managed Security Service Provider
Microsoft’s Advanced Threat Protection for Exchange Online is a great example of a mature standard that offers great security value across our client base. As soon as ATP released, we knew it made sense based upon what it solved for (zero-day threats in email links and attachments) and the upfront and ongoing cost.
An example of emerging innovation is around Microsoft Conditional Access polices as part of Enterprise Mobility and Security and Microsoft 365. Now that the Microsoft cloud has been widely adopted and data is accessible from anywhere from any device, a more granular counterbalance is needed. Take into account the level of access the user has as well as whether the user’s device is trustworthy.
Those security and innovation tenets led us to MSSP. We know behavior-based threat detection, log analysis with a SIEM, and a SOC to land, interpret and respond to that data are all needed. We have a proven track record of identifying both the need and solution.
There has been an ever-widening gap between the quality of service between different MSPs. The market demand for MSSP will accelerate that trend. Beware of those that have recently added some tools and “do security now.”
As a managed security service provider, we have a proven track record for protecting the data, cloud deployments, and network of companies like yours. We have a full-service consultancy that performs in-depth penetration testing, risk assessments, and compliance consulting. We’re not only a premier MSP, but we’re a premium MSSP as well.