The burden of cybersecurity should not be on your business. Cybersecurity should be #1 on the list of critical business practices that you look to outsource. This is why the managed security service provider (MSSP) industry grew so quickly.
What’s an MSSP?
A managed security service provider (MSSP) is a company that offers cybersecurity services to businesses. MSSPs typically provide security solutions such as threat detection and response, vulnerability management, and compliance monitoring. Some popular MSSPs include old-school businesses like ATT Cybersecurity and IBM Security. Many MSSPs are service-intensive and have a biweekly meeting cadence with their customers.
Some of the classic services you should expect from your MSSP might include:
- Bringing + integrating a SIEM
- Running threat detection and threat hunting
- Vulnerability assessments + management
- Email security
- Endpoint security
- Generalized security incident response
A Note on MSPs
It’s worth a note on Managed Service Providers (MSPs). Many IT MSPs also will serve as an MSSP for their customers. So, in addition to classic IT MSP services, including:
- Device procurement + provisioning
- Ticket tracking / help desk
- Productivity software deployment and management
your MSP will provide services from the list of the above, such as incident response and log monitoring. If you trust your MSP, it’s worth considering consolidating these purchases because it will save you having to do any integration work. Your MSP should also be able to use their traditional tools to deploy and manage security tooling.
Word to the Wise
M(S)SPs have relationships with software providers that allow them to bundle and resell licenses from these providers. The best practice for M(S)SPs is to create an individual tenant for each customer with these providers. For example, if your M(S)SP furnishes your company with Jamf, they should create an individual tenant for only your company’s devices. Your devices should not be in a Jamf instance with devices from other companies.
Many M(S)SPs do not follow this practice. If this practice is not followed, it becomes very difficult for you to migrate off of or otherwise leave the M(S)SP.
So, word to the wise: If you begin a contract with an M(S)SP, make sure, and stipulate in the contract, that all of the software they furnish you with will be in an instance dedicated to your company and that you’ll be able to take it with you in the event you decide to drop the M(S)SP.
When Should I Consider Outsourcing this Work?
There are two ways you should consider bringing an M(S)SP resource around the table for your business.
1. Outsourcing your entire IT/Security Function The first case is most relevant if you’re a small business and are not interested in hiring a full-time IT/Security resource. In this case, you should model bringing an M(S)SP around the table to take over the entire function. In these cases, you might look to your M(S)SP for additional functions, like strategic IT planning and procurement.
2. Supporting your in-house IT/Security Resources When it comes to internal resources and M(S)SPs, it’s not one or the other. If your business has brought on a full-time IT/Security hire, that person is likely covering many areas around endpoints, cloud, and maybe even physical infrastructure at your office. In these cases, the right model is to strategically bring an M(S)SP around the table to manage one of these specific functions, like endpoint provisioning and security, to provide leverage for your IT/Security department.
Summing up — M(S)SPs provide a critical function in a world of under-resourced organizations when it comes to IT/Security. There are a few different models for bringing an M(S)SP around the table you should consider, and as with anything, some sharp edges to be avoided. Outsourcing IT/Security work can be phenomenal ROI for any organization — and should be at the top of the list to ‘buy’ instead of ‘build.’