MSPs recognize the need to secure their clients’ environments as part of the services they deliver, but most don’t know how to go about it. Cybersecurity requires a wide array of tools and solutions, usually from different vendors, and providers are uncertain about how to pull them all together.
“No one has a cookbook that says how to put it all together,” says Robert Boles, founder and president of BLOKWORX, an Arbuckle, Calif.-based master managed security service provider that delivers services and processes to help MSPs secure their clients’ businesses.
Boles, an executive council member of CompTIA’s IT Security Community, started his company in 2006 and has spoken to more than 5,000 MSPs in the past two years about cybersecurity strategies
Many MSPs, he said, are grappling with the same issues as the clients he used to serve—a lack of expertise and clarity about how to effectively implement cybersecurity. It’s hard for MSPs to acquire the expertise, he acknowledges, because they are too busy running their day-to-day businesses and taking care of clients.
Boles drew on his experience in security over the years to assemble the BLOKWORX 21 fundamental blocks of cybersecurity, which provide a security roadmap for MSPs that he says has been missing. The blocks are available as an infographic here.
MSP Security Challenge
Besides a general lack of expertise about how to handle cybersecurity, Boles says MSPs suffer from a common symptom that affects business clients as well. He calls it a “misguided belief that it won’t happen to me.”
This may explain why MSPs don’t regularly check security logs. “Over the last two years, I’ve been on 25 stages. I’ve asked at nearly every event how many MSPs are actively reviewing their logs daily. My unofficial poll result is about 1 percent; 99 percent are not doing what they need to do to protect their clients.”
Security logs provide a record of who logs in and out of network resources and tracks activities to determine if something unusual—and potentially dangerous—is taking place. Failure to check logs on a regular basis may allow a vulnerability or security breach to go unnoticed for some time. In the meantime, hackers can siphon off sensitive data that if exposed can hurt a business, its people, partners and customers.
Building a Security Plan
MSPs’ attitudes about logs and security in general are starting to change for the better, as a result of recent cyber attacks against MSPs, Boles said. Hackers have increasingly targeted MSPs and cloud service providers because they serve as an entry point to dozens or hundreds of other businesses.
To defend themselves and their customers, MSPs should focus on three major aspects of preparedness to deliver managed security solutions:
- Get clarity on business considerations
- Build a solutions roadmap
- Select the right vendor partners
The BLOKWORX 21 blocks roadmap is broken down into three sections. One section of 12 blocks consists of security solutions, processes and protocols that should be in place at every business. Another seven blocks focus on compliance requirements. The final two blocks deal with threat hunting and internet of things (IoT) protection.
Following a similar strategy can put MSPs on the right track to building a successful cybersecurity practice, Boles said, adding that MSPs need to understand what they can do and how into before they try to get into security. Failing to take the necessary preliminary steps could put MSPs—and their customers—in a no-win situation.
Have you joined CompTIA's IT Security Community? Register now!