IT MSP's: avoid becoming irrelevant
With over 20 years in IT, some things become apparent:
- MSP's struggle to offer meaningful security services to their clients;
- MSP's who do have security will take over your traditional revenues.
While many MSP's already offer some elements of security such as Antivirus and firewalls, there is a huge gap between these and modern security service using SOC and SIEM technologies.
SOC/SIEM industry is full of fluff and time wasting "project management". Last month I heard one prospect saying that global SOC provider spent 6 months integrating logs from MS Exchange. That's 30 seconds job to install an agent. We use a plug&play approach, not wasting the client's time.
Bellow I am sharing some elements of how we run these services.
- Plug a sensor appliance in client networks for deep visibility resulting in months of remediation activities. It's like an X-Ray machine with centralized alerting:
- Connect to client's Amazon environment and benchmark against CIS controls:
- Connect to Office 365 and discover compromised accounts:
- Search the dark web and provide a list of leaked corporate records:
- Scan the client networks for vulnerabilities:
- Install agents on endpoints:
- Most, most, most important - be able to monitor any system or application, just like Google & Facebook do. I love my Gartner top 10 competitors, but 90% of them can not do this.
Example, in one of our customer networks, we detected communications to C2 hosts in Russia. Investigation showed customer got infected from one of their 5000+ retail clients. So we've implemented a new module, in a few days, to asses the threat reputation of 5000+ clients by scanning the internet for reports of compromises, never touching client systems:
For our customers, we typically do managed threat detection & report, which is more affordable than 24/7 SOC, usually 3-8 hours per week.
For IT providers, we set up, run and manage the entire system, then white label our security analysts until the MSP builts its own security analyst team. We know that many MSP's do not have in house security expertise, hence the tailored services.
Never blame hackers, gain visibility and uplift your controls.
Z.
CEO @ Immigrant Women In Business | Social Impact Innovator | Global Advocate for Women's Empowerment
6 个月???? ??? ?? ?? ???????? ??? ?????? ???? ?????? ???: ?????? ????? ??? ??????? ????? ????? ?????? ??????. https://chat.whatsapp.com/BubG8iFDe2bHHWkNYiboeU
Freelance Mechanical Designer
7 个月???? ??? ?? ?? ???????? ??? ????? ???? ?????? ???: ?????? ????? ??? ??????? ????? ????? ?????? ??????. https://chat.whatsapp.com/HWWA9nLQYhW9DH97x227hJ
IT Manager ANZ
5 年Robert Monardes?- something possibly to look at