The Wrong Way to Pick a Security Vendor

Credit to Author: Ryan Delany | Date: Mon, 14 Aug 2017 12:00:34 +0000

For a number of years, we’ve worked with and supported our Managed Service Provider (MSP) partners at Trend Micro and I’ve seen and heard a lot in that time.

Over time, we’ve noticed a few trends when it comes to MSPs choosing a security vendor to partner with, and in an effort to save you some trouble and heartache, we have decided to share some insights below.

Coincidentally, it is interesting to note that there is a strong correlation between business maturity and the likelihood of choosing a particular option in this list. For example, we tend to see that less experienced MSPs usually follow the first few options, whereas more mature MSPs take on the last few approaches. In other words, MSPs tend to progress through these options during the life of their business.

The “I just let my customers handle it” approach

This is usually the first tactic when beginning the new MSP security journey. Starting an MSP business can be overwhelming, with several factors to consider, such as choosing Professional Service Automation (PSA) and Remote Management and Monitoring (RMM) tools, defining your offerings, researching and validating technical solutions, creating marketing plans and finding customers. Security is just one small, albeit important, part of an MSP offering. For that reason, many MSPs will simply let sleeping dogs lie when it comes to security, which ultimately means leaving existing solutions and licenses in place, to deal with them at a later point in time.

Why I think this is a bad option:

  • There are probably gaps in coverage already, such as unprotected machines, out-of-date software, expired licenses, etc. Therefore, ignoring security translates to wasted time and effort cleaning up recurring infections.
  • Security should be a core component of any MSP solution offering. Not only does it build up the reputation of your MSP business, but it’s in the best interests of your customers. A widespread ransomware outbreak can put a company out of business overnight, which at a minimum means a lost customer, and in the worst case means some nasty litigation.

The “I’ll just manage whatever the customer has” approach

This tends to be the second evolution an MSP goes through as they are growing their business. At this point, business has settled down, processes have been implemented and the machine is humming along nicely. Similar to how lightning finds the shortest path to ground when it strikes, this is the shortest path for an MSP to “offer” security without going through the effort of testing, vetting, choosing, training and implementing a consistent security solution.

Why I think this is a bad option:

  • Managing disparate security solutions is expensive in terms of technician time since they have to learn and manage multiple solutions each with their own nuances, features and consoles.
  • This puts the MSP in the position of having to deal with multiple vendors for licenses and support and tracking non co-termed expiration dates.
  • Lastly, one of the mistakes MSPs make: your customers aren’t security experts, so they shouldn’t be picking security – that’s why they hired you!

The “I don’t want to put all my eggs in one basket” approach

This one is a bit of a variation on the previous method. Essentially, this is when MSPs intentionally choose to manage multiple security solutions across their customer base so that, in the event that one solution fails, the MSP can reduce the potential impact to all its customers.

Why I think this is a bad option:

  • In addition to the reasons listed in the previous option, this is mostly outdated thinking. Security software by and large is much more reliable than it has ever been in the past, and the additional costs and burden of this approach far outweigh any potential benefits. Security vendors have shown themselves to be pretty quick about resolving issues that have come up over the past five years.

Picking the cheapest option

In our experience in talking to partners throughout the years, this is generally one of the most common paths chosen by MSPs for obvious reasons. While it could be argued that the whole premise behind the MSP business model is to blame here, that still doesn’t make it a good choice.

Why I think this is a bad option:

  • It may be cliché, but you get what you pay for. Generally speaking, lower cost security solutions have fewer features or are restricted in some way. In a time when security threats are more sophisticated and rampant than ever, choosing a solution with fewer features is not the best way to protect your customers, reputation, or profits!
  • Oftentimes the cheaper options are limited to protecting Windows PCs and servers, which means you need another product to protect Mac and mobile devices, negating any perceived cost savings.
  • Cheaper security solutions generally come from smaller security companies that can’t always bring the resources to bear at critical times. For instance, if a virus outbreak happens in the middle of the night, they may not have support personnel to assist; if there is a false positive, it may take days or weeks to resolve; or they may simply not have a large enough global presence to properly find and neutralize threats before they strike your customers’ networks.

Picking the integrated option

This is probably the most common approach we see these days as RMM vendors have partnered up with one or more of the lower cost and reduced functionality security products. On paper, this sounds like a great idea but is actually fraught with many issues.

The main takeaways, and the reasons I think this is a bad option, include:

  • The single-pane-of-glass is a myth that sacrifices significant functionality for the illusion of being able to completely manage security solutions from one browser window.
  • You get what you pay for in terms of product features, reliability, and support.
  • The integrated option isn’t always cheaper when you factor in the additional tools you need to put in place to compensate for missing features/functionality, the financial burden of having to pre-purchase licenses in bulk, and lost time trying to get support from the security vendor through the RMM vendor.
  • When you decide to switch RMM vendors, having to rip and replace the security solution because your new vendor uses a different security solution than your old one did will eat up all your profits.
  • Many RMM vendors switch the integrated option over time and MSPs end up having to rip and replace solutions across their entire customer base with no compensation from the customer or the RMM vendor.

Having a security solution deployed across your entire customer base that is independent of the RMM vendor insulates you from changes outside of your control and protects your bottom line.
