Outsourcing many of your IT requirements may be the best way to get a handle on controlling IT management within your organization. MSPs can provide a variety of services to ease the lack of personnel or expertise to perform these functions.
Some services provided by an MSP:
- Monitoring of network operations
- 24/7 remote support
- Security hardening of IT systems
- Data storage solutions
Engaging an MSP can assist with finding liabilities and challenges you may not have been aware of. They can put customized solutions in place based on your environment. Using a third-party provider can help your in-house staff focus on tasks that are within their control and scope of knowledge.
Kaseya, an IT management software company, recently experienced a ransomware attack that affected many of the companies it supports. Attackers were able to leverage a vulnerability in the VSA software, which is a remote monitoring/management tool. Using a fake and malicious file titled “Kaseya VSA Agent Hot-fix,” the automated update installed REvil ransomware on end points.
You can manage your MSP risks by doing your due diligence when searching for a provider. Look for a strong cyber risk management posture. There are some important questions to consider; for example:
- Do they have robust anti-malware protection?
- What is their patching management program like?
- Do they have an extensive threat protection model?
- What industry standards and frameworks do they follow?
- What certifications, training and skills do MSP employees possess?
How can you help to ensure that your MSP is a good fit?
Identify your needs and seek out an MSP that fulfills those needs or gaps. What are your goals? What expectations do you have for achieving those goals? You may want 24/7 support that includes on-site and remote options. Check references and reviews. Understand the costs involved for services provided. Be certain that the provider accountability is written into service agreements. How will they make good on failures?