With the onslaught of cyber-incidents that have made headlines this year — WannaCry, NotPetya, Wikileaks CIA Vault 7, Cloudbleed, and the Equifax breach, just to name a few — it’s easy to understand why many companies are feeling under protected. MSPs can also feel overwhelmed, especially after being inundated by so many data protection and security products claiming to be the ideal solution to today’s threats.
Becoming a comprehensive data protection and security solution provider doesn’t have to be a daunting process, though, if you follow a few key principles.
The winning team: Multi-vector data protection and security
There are many products available today that do one or two things well to protect data or secure devices. Some file-based backup products, for example, do a good job of backing up data to the cloud. And, some antivirus products do a good job of protecting networks from known malware signatures. The problem with the first product is that if a customer suffers a server failure, you’ll have to build a new server from scratch, re-install the OS and drivers, and restore the customer’s entire data set from the cloud. Very few customers can afford to be without their data for that amount of time. Plus, you’ll have to charge a hefty fee to pay for your labor, which will only add to an already tense situation.
The same principle holds true for using point security products like AV software. It doesn’t have the ability to address other attack vectors such as zero-day exploits or poor user choices such as clicking on email links embedded in the latest phishing schemes.
To properly protect your customers, look for comprehensive data protection solutions that include a wide range of capabilities, such as file-based and image backup, on-premises and cloud backups, and virtual machine backup and recovery support. On the security side, look for a next-generation firewall, which should include features such as a virtual firewall, intelligent traffic regulation, advanced threat protection, multiple antivirus engines, and an IDS (intrusion detection system) and IPS (intrusion prevention system) to protect your customers against malware, ransomware, and zero-day exploits.
A competitive advantage: Make sure it can all be managed from one screen
If there’s one thing we can learn from this year’s cyberattacks and data breaches, it’s that no security plan is 100-percent perfect. However, being able to quickly detect a persistent targeted attack or a breach can go a long way in mitigating the damage. If you have to manually log into multiple portals to review customers’ backups and security alerts, it’s going to be time-consuming and costly to sustain. In most cases, these manual steps become lax over time until an emergency occurs that catches your staff off guard.
It’s also important that your solutions can be fully managed remotely. Ideally, you should look for solutions that enable you to see everything from one screen. Color-coded dashboards that allow technicians to quickly scan a page and hone in on red processes (e.g. failed backups or persistent security threats) are preferred. Even better are managed solutions that automatically alert technicians when processes fall outside acceptable thresholds. For instance, if a customer’s web server receives a 100x traffic spike late at night, an automated alert can help a technician investigate the root cause and take action before the server becomes overwhelmed and crashes.
Your star player: A vendor that’s invested in your success
Just about anyone can name 10 software programs they use on a regular basis without ever corresponding with the software manufacturer. While that may be perfectly fine for your accounting, CRM, and basic office programs, it should not be the case with the manufacturer of the data protection and security solutions you’re using for your customers. If your vendor meets the criteria mentioned earlier (e.g., multi-vector protection and remote management from a single screen), there’s a good chance it has additional resources that can help you, such as:
- Educational tools. Technology is constantly evolving and improving, and it’s difficult to keep up with the latest trends and threats. Your vendor is focused on one subset of your business, which enables it to gather a lot of valuable data points about best practices that you can learn from.
- Support. If your staff gets stuck on a customer problem or perhaps multiple customers get hit with the same data protection or security challenge at once, vendor support can be a lifesaver. In addition to choosing vendors with US-based support, look for ones that offer support hours that correspond with your customers’ needs.
- Complementary services. Sometimes customers have data protection or security needs that are simply beyond your current skillset or staff size. Rather than turning down a customer request and giving away business to a competitor, find out if your vendor offers complementary security or data protection services, such as data recovery, NOC (network operation center), or SOC (security operation center) support.
October is National Cyber Security Awareness Month, which the Department of Homeland Security created to raise awareness about the importance of cybersecurity. What better time is there than this month to take stock of your security and data protection offerings and strategy and make changes that remind your customers why you’re their trusted advisor and MSP.
Brian Babineau is senior VP and general manager at Barracuda MSP. Read more Barracuda MSP guest blogs here.