The nature of cybersecurity threats has become more complex and challenging than ever. Not only do current and emerging technology trends continually broaden the risks organisations face, but the unique uncertainties brought about by COVID-19 have placed even more pressure on stretched IT resources.
For SMEs, who often lack the experience and resources of larger companies, the risks can be difficult to manage. As a result, building an effective and affordable cybersecurity strategy can be beyond the scope of many organisations. The problem is that SMEs remain a primary target for cyber attacks, and partnering with a Managed Service Provider (MSP) is quickly becoming a go-to option for SMEs who recognise the importance of protecting their systems and data from attack.
But for MSPs focused on providing cybersecurity services to the SME market, success depends on establishing a best practice approach. In doing so, they should focus on a number of key areas:
Educate and inform to build trust
For many SMEs, their experience of cybersecurity breaches often comes from the high profile and very worrying incidents that make national headlines. While an understanding of the current risks can be a motivator to increase protection against attacks, MSPs should be careful to focus on a balanced education. Helping SMEs to focus on the issues most relevant to them, and the solutions that will maximise protection is key to building trust in an outsourced supplier such as an MSP.
Any SME that has worked with an external partner over the long term will testify to the importance of trust. It not only helps them in their initial choice of supplier but establishes a strong relationship that can last for many years. An MSP that delivers an informative, clear and proactive service is ideally positioned to build these lasting relationships.
Deliver real value – even when it costs more
Many SMEs already use MSPs for various key elements of their IT infrastructure. They are also quite willing to switch to a new provider that can offer a comprehensive security strategy. In fact, according to a study last year by Vanson Bourne: ‘The State of MSP Cybersecurity in 2019’, almost nine in 10 SMEs would consider using or moving to a new MSP that offered the ‘right’ cybersecurity solution. Moreover, they would pay an average of 27% more for that solution.
Get buy-in from all key stakeholders
If an MSP is proposing significant changes to change an SME’s security posture, it may require a cultural shift within the business as security policies, procedures and technologies are more effectively implemented. As a result, it’s imperative to get buy-in from all the key stakeholders from the outset – any push-back or resistance to change can risk undermining efforts to improve security. Part of this depends on the ability of the MSP to be able to define a security vision for the client that will be effective both in the present and into the future.
Recommend security measures that will maximise protection
Additional security measures like multi-factor authentication, password protection and password rotation are often viewed by SMEs as time-consuming and inconvenient to end-users. As a result, maximising protection will require the MSP not only to change this mindset but also to provide training and recommendations that will balance security with operational efficiency. It is important, for example, that SMEs and their teams are shown in sufficient detail exactly why they need to adhere to a strict security policy and why some additional measures are important.
Invest in building excellence into any cybersecurity service
Ultimately, any MSP that offers security as a proven part of its core service portfolio will have a significant advantage in the market. This can be maintained by investing in additional talent and differentiating its offering by focusing on critical issues such as ransomware, packet inspection and penetration testing. Service levels are also key, and MSPs that can deliver excellence as standard will not only help ensure customer loyalty but will also see a dividend in recommendations and customer testimonials.
Many SMEs require far better security than they currently have, and MSPs with their strong relationships with vendor partners and the ability to offer co-managed services are ideally suited to fill the role of a trusted partner. In doing so, MSPs can create a win-win situation for everyone involved: the SME sees value in significantly improving their security standards, mitigating against the risk of major issues such as downtime, data loss or reputational damage. In turn, MSPs gain long-term customer partnerships that help them to build their businesses with confidence.
Find out more about Gregg Lalle and ConnectWise here: www.connectwise.com