cherezoff - stock.adobe.com
Network assessments a key plank in MSP security efforts
Industry figures call on the channel to get on top of their own networks to reduce vulnerabilities
Managed service providers (MSPs) have been urged to get a firm grip on their security estate to ensure they stay on the right side of compliance regulations and keep customers safe.
With MSPs a key target for criminals looking to exploit their position as a link between numerous customers and vendor services, the pressure is on to keep defences intact.
In the past couple of weeks, there have been warnings that ransomware remains a threat, with Ingram Micro falling victim to an attack last month, as well as the prospect of MSPs facing more scrutiny from cyber insurers and regulators.
Mark Appleton, chief customer officer for Also Cloud UK, is keen to encourage MSPs to step up their security, starting with assessing their current situation to get a clear picture of their position.
He said there was a need to give the government’s determination to improve the security posture of those providing outsourced services to customers.
“Providing outsourced IT services, such as infrastructure management, security monitoring and applications support, will now be regulated,” said Appleton. “Therefore, ensuring that your cyber security standards and technical controls, as well as incident reporting and supply chain risk management tools, are all compassing is an essential stage of preparing for increased regulation.
“For many UK MSPs, it’s not even just a matter of how much to upgrade, as they lack the visibility to see what currently isn’t meeting new standards,” he added. “How can you hope to upgrade systems when you don’t know what’s behind?”
Points of attack
Appleton said there were clear points of attack for criminals that needed to be assessed and protected.
“Endpoints are priority targets, accounting for 70% of successful breaches, as organisations onboard even more new entry points,” he said. “Cloud misconfigurations account for 15% of initial attack vectors, ensuring threats spiral further across compromised cloud environments. Managing exposure to threats across endpoints, networks, cloud-based applications and data, and other digital assets, is essential to keep costs down, but needs to be done continuously lest MSPs open themselves or clients to attack.”
Earlier this summer, ConnectSecure penned a blog post that echoed the views of Appleton, urging MSPs to be proactive around discovering their security position.
The firm warned partners they were targets and were expected to deliver the most robust security for their clients, and that a network assessment was part of that process. “The MSPs who thrive in 2025 will be those who implement systematic network security assessment strategies that turn this challenge into their strongest differentiator,” the blog post stated. “Those who continue with reactive, ad-hoc security approaches risk becoming the next breach headline.”
Others in the market have also seen the need to improve MSP security, and earlier this week, SonicWall updated a range of tools partners could deploy.
Bob VanKirk, SonicWall president and CEO, said it was helping partners evolve their position through improved security. “We’re helping partners shift from resellers to high-value security providers,” he said.
WatchGuard was also actively strengthening the tools its MSPs can offer with the launch of its Firebox Tabletop Series firewall appliances, which it designed in collaboration with partners to meet their needs.
