By John Peterson
With the ever-increasing dependency on cyber-security insurance, more and more small and midsize businesses must ensure they have an adequate plan for security. In theory, this could well mean a doubling up of line items on security products. Part of the attraction of managed services providers is the ability to keep costs to a minimum while maximizing security as part of their overall IT strategy.
There is an opportunity here for managed service providers to expand their client base by working out ways of limiting costs without sacrificing service. Here are five requirements for keeping security costs down.
No. 1: Build an integrated remote monitoring and management solution. RMM solutions allow managed service providers to efficiently and cost-effectively provide IT services to their customers. Why are they necessary?
Security platforms at businesses of all sizes continue to be applied piecemeal. Various solutions, including end-point device protection managers, antivirus applications, threat analysis and protection solutions are implemented from multiple vendors. As a result, businesses are experiencing increased costs associated with managing more IT vendor point products, rather than taking a consolidated approach to RMMs and security platforms.
No. 2. A unified system is needed for monitoring, managing and securing endpoint devices. RMM solutions capable of integrating a robust, end-to-end security platform will allow managed service providers to drive down costs for their customers, remove the complexity of application and vendor management, and ultimately drive more revenue back to the managed service provider.
How can managed service providers create ways to cut costs for their customers? Rather than piecemeal security applications and policies from several disparate vendors, look to vendors that can provide a complete RMM platform addressing all facets of a business’ security needs from endpoint device protection, to network traffic protection to back-end systems that store businesses’ most sensitive assets.
No. 3: Gain platform robustness from a one-stop shop. By coupling a cyber-security platform to traditional managed service provider automation services and RMM, security and endpoint management policies become much more organized, reliable and easy to manage. Platform support is also simplified as a single vendor can offer a variety of solutions that are compatible with device operating systems and other platform protocols. Support also becomes simpler. This streamlined approach can also help mitigate cyber-security insurance costs.
No. 4: Insuring your business against cyber-threats helps. In today’s hostile cyber-environment, businesses are looking for new ways to protect their customers, their assets and their reputations. Many experts are predicting significant rises in cyber-security premiums over the next few years due to the ever-increasing instances and complexity of high-profile security breaches. Insurance companies are responding to the potential legal backlash. And with no real standardization in this newly burgeoning industry, businesses are at risk of price gouging as well confusion over what is, and is not, covered by your policy.
Delivering the most robust solution to customers is the best way to mitigate these potential risks. While cyber-security insurance can mitigate some of the risks companies may face when a security breach occurs, managed service providers can offer much more to help their customers navigate the treacherous terrain and potentially expensive world of cyber-threats and methods of securing their networks and their customers’ sensitive data. A solid, documented cyber-security risk-assessment plan can also mitigate costs and boost protection from excessive litigation in the event of a breach.
No. 5. Make a cyber-security assessment. Evaluating your customer’s cyber-security policies for weaknesses and potential breaches starts with basic blocking and tackling, such as employee background checks and robust physical security of sensitive areas like data centers and server rooms.
At the platform level, identifying the types of information being held by the organization, particularly the “crown jewels,” and prioritizing the sensitivity of the data is paramount to determining the level of protection needed.
Identifying all the endpoint devices as well as being able to track their locations offers a granular view, which enables managed service providers to determine a business’ policy toward the types of devices allowed on their secure networks of devices, particularly mobile devices and bring-your-own-device practices.
Once small and midsize businesses finalize these, and other, security assessments with their customers, they can then start planning and identifying the appropriate security solution that meets their needs.
John Peterson is vice president of enterprise product management and product marketing at Comodo, a cyber-security solution provider.