Threat Protection for MSPs
The key to managed threat protection for MSPs is layered defenses as no one security solution will be capable of blocking all threats. By providing overlapping layers of security MSPs can ensure that if one layer is penetrated, others are in place to block the attack.
There are three elements of threat protection for MSPs that should form the basis of your managed cybersecurity services: A spam filter, web filter, and an endpoint protection solution. With these three cybersecurity solutions in place, clients will be well protected from phishing, malware, and ransomware threats.
The majority of threats arrive via email, so an advanced spam filtering solution is essential element of managed threat protection for MSPs. A spam filter will filter out unwanted and unsolicited email messages. Most advanced spam filtering solutions will block in excess of 99.9% of spam email.
Most data breaches start with a phishing email. Employees respond, disclose their credentials, and their email accounts are accessed and used for further attacks on the organization. An advanced spam filter will use a variety of methods to identify and block phishing and email impersonation attacks such as SPF, DMARC, SURBLs, RBLs, Bayesian analysis, and greylisting. Outbound filtering is also important for helping to identify mailbox compromises and for data loss prevention.
Malware and ransomware are also commonly delivered via spam email. Antivirus engines in spam filters block all known malware threats and sandboxing allows suspicious file attachments to be analyzed for malicious activity in a safe and secure environment. A sandbox is essential for blocking zero-day threats.
A web filter adds another important layer to your security defenses. A web filter provides protection against the web element of phishing by preventing end users from visiting known phishing sites should they click a malicious hyperlink in a phishing email.
A web filter is also an important part of your anti-malware defenses as it will block access to websites used for malware distribution and stop drive-by malware downloads. DNS filtering is the natural choice for the MSP. This is a 100% cloud-based web filtering method with filtering taking place at the DNS lookup stage before any content is downloaded. This ensures there is no latency.
A web filter can also be used for content control and will allow MSP clients to enforce their acceptable internet usage policies and block access to high risk websites and NSFW content.
Endpoint protection solutions add another layer of security and protect desktop computers, laptops, servers, and mobile devices. These solutions should incorporate antivirus software, application controls, data loss prevention measures, and offer file encryption.
These solutions can be used to enforce security rules and protect against insider threats, such as identifying sensitive data and preventing that information from being copied or transferred. These solutions can detect anomalous user behavior and alert MSPs to a potential compromise, malware infection, or rogue employee.
Increasing Your Footprint and Profits
These three solutions should form the core of managed threat protection for MSPs and should be included in all of your cybersecurity packages. Different tiers of security can be offered to improve threat protection such as firewall-as-a-service, multi-factor authentication, security information and event management (SIEM), device management, vulnerability scanning, and incident response. These additional solutions will help you increase your footprint and revenue per client and will help to turn you into more of a strategic partner than service provider.