Entegration, a managed service provider (MSP) and developer of HIPAA Secure Now, a service that helps organizations comply with HIPAA regulations, is launching the Breach Secure Now platform designed for MSPs to offer security services to their small and midsize business (SMB) clients.
Breach Secure Now, a new division of HIPAA Secure Now, is a white-label service that MSPs can brand and sell under their own label to help SMBs prevent data breaches.
HIPAA Secure Now created the new division, the first under the Secure Now brand, in response to growing concern about data breaches at smaller companies. According to a Symantec Internet Security Threat report, released last year, businesses with less than 250 employees accounted for 30 percent of targeted attacks in 2013, up from 18 percent in 2011. This increased to 41 percent when enterprises with 251 to 500 employees were added, compared with 36 percent in 2012.
“Our MSP partners have been asking for a data security service for their clients that don’t fall under HIPAA and have to worry about security,” said Art Gross, president and CEO of Entegration and CEO of HIPAA Secure Now. “We built a product similar to HIPAA Secure Now that will help small and midsize companies with security. Our partners can use this service to help their clients secure their networks and protect against breaches.”
Unlike the HIPAA Secure Now service, which is sold direct and through the channel, Breach Secure Now is a channel-only offering. The platform is scheduled for rollout on April 1.
“I know what channel partners are going through as an owner of a MSP. I know what their needs are and what their clients need. It has allowed us to build these products and services to help MSPs,” said Gross.
The security platform offers security risk assessments, security policies and procedures, and employee security training, as well as tools, including iScan Online to scan for personally identifiable information (PII) and to identify system vulnerabilities. The service also includes $100,000 in cyber-insurance coverage and breach response services, including legal, forensic, breach notification and ID/credit monitoring. The security platform scales up to 1,500 employees.
The iScan Online PII and vulnerability scanning licenses can be used by the MSP to scan desktops, laptops, servers, smartphones and tablets. The tool provides reports that show where the personally identifiable information is stored and the potential liability to the company if the device is lost, stolen or breached, said Gross.
“Educating their clients on how risks to data can lead to potentially catastrophic business consequences adds value and reinforces the MSP’s role as a trusted partner,” said Gross.
It also opens up opportunities for MSPs to educate SMBs about the need to protect PII data and protect themselves from potential lawsuits arising from breaches, said Gross. Part of the employee training focuses on protecting portable devices such as smartphones, tablets and USB drives, he added.
The security services platform also will help MSPs address the lower demand for traditional services such as hardware and software upgrades and licensing, as clients move to the cloud, said Gross. “This is a good way to replace some of those lost services by focusing on security.”
The platform also gives MSPs an opportunity to offer additional data security services. MSPs can build a scanning service around the iScan licenses, while the financial and breach response services allow the MSPs to expand their level of service offerings, said Gross. “If an MSP didn’t have forensic skills, for example, they have access to vendors that they can tap into to provide those resources. We round out an MSP offering by helping them with breach-related services.”
“MSPs like the security risk assessment because that identifies the gaps their clients have. A lot of the findings in a risk assessment show that clients may not be doing offsite backup; they don’t have disaster recovery, and they aren’t encrypting their emails or smartphones. These findings allow the MSP to help the client by selling them additional security services that remediate and lower some of those risks,” added Gross.
“The days of thinking you’re too small and hackers don’t care about us are changing and that is why the MSPs have to focus on security and helping SMB enterprises to focus on security and protect their data,” said Gross.
Gina Roos, a Channel Insider contributor, specializes in technology and the channel.