At ConnectWise 2016, CEO Arnie Bellini said if you’re selling managed services without managed security, you’re selling a hot dog without a bun. And indeed, this is true. But it is equally true that most MSPs worth their salt are already offering cybersecurity to their customers. One of our MSP clients told me, that he felt:
[I]f you’re not providing security offerings to your customers then you’re not doing your job.
But cybersecurity as a service is wide encompassing and can mean simply offering a firewall to a client’s set-up or it can mean offering full-on cybersecurity monitoring and remediation. So where are MSPs falling in this spectrum? What types of security should an MSP offer in order to do their job properly? What can MSPs do to stay on top of their client’s security? Read on to learn more
MSP managed security is already here
Today, most MSPS now have security baked into their offerings such as:
Indeed, these offerings and their lookalikes cover over 50% of the cybersecurity universe. Moreover, by simply adding tools like encryption, 2 factor authentication and password management tools, most clients can decrease their chances of being attacked by 70%.
Vulnerability won’t change. MSP customers are still at risk
What cannot be changed are the sources of vulnerability. What makes customers vulnerable is not a lack of security offerings. Instead, companies and clients remain vulnerable because of human beings. Human factors are the source of 90% of attacks. Unfortunately, no amount of cybersecurity preparation can change human behavior.
Humans are susceptible to being tricked into clicking on a malicious link or opening an infected email that looks like it’s from a friend. The future of cybersecurity might be able to find ways to expedite the remediation but not prevent the attack itself.
Critical alerting is half the battle
On a practical level, it’s impossible to stay on top of the numerous alerts which any cybersecurity monitoring tool creates. Instead, MSPs need an alerting tool that lets them know when a serious intrusion has taken place.
According to George Bardissi, CEO of the eponymous Bardissi Enterprises:
To do cybersecurity as a service, you need software to monitor and look for breaches, malicious traffic, etc. Those things create alerts. Those alerts have to go somewhere. …. There’s a lot of noise [in the monitoring] and you need alerts for high severity intrusions. That is half the battle.
Furthermore, high severity intrusions are very time sensitive. If a hacker is in the middle of infiltrating a client’s IT infrastructure, their MSP wants to be alerted immediately so they can get ahead of and avert the attacker. Fortunately, there are tools like OnPage to provide MSPs with this level of critical alerting.
Conclusion
MSPs are continuously adding to and improving their cybersecurity offerings. OnPage’s critical alerting tool provides MSPs with the necessary alerting to ensure they stay on top of intrusions. OnPage also serves as a tool that can elevate the MSPs’ offerings above the competition.
To learn 7 more MSP best practices, download our whitepaper.
What are the best Kubernetes monitoring tools in 2025? And how can you ensure alerts…
If you still think websites are a “set it and forget it” asset, your business…
You can write clean code, test obsessively, and deploy with crossed fingers…but errors always find…
Each year, Gartner’s Hype Cycle provides a powerful lens through which to view the evolving…
Managing a facility means dealing with issues at all hours, often when no one is…
Whether you’re dealing with IT issues, customer questions, or just trying to keep track of…