CRN Security Roundtable: How Can MSPs Better Protect Themselves?
‘I would encourage them to ensure that they’re drinking their own Kool-Aid. If you’re out there and telling the market that you’ve got a platform approach as a managed provider, you need to start at home,’ says Fortinet’s Jon Bove.
MSPs looking to thwart ransomware and insider threats must adopt the technology they evangelize to customers, according to a panel of the security industry’s top channel chiefs.
“I would encourage them to ensure that they’re drinking their own Kool-Aid,” said Jon Bove, Fortinet’s vice president of channel sales. “If you’re out there and telling the market that you’ve got a platform approach as a managed provider, you need to start at home.”
Bove’s comments came at a CRN Roundtable titled “Security: Where To Place Your Bets In 2020,” which also featured channel chiefs from Bitdefender, Check Point Software Technologies, McAfee and Palo Alto Networks. MSPs need to be taking advantage of patch management, vulnerability management, automation, orchestration, AI and machine learning to protect their own organizations, Bove said.
Too many MSPs haven’t put practical safeguards in place like firewalls, next-generation antivirus, email security, password management tools, or a SIEM (Security Information and Event Management) or SOC (Security Operations Center) since they’re too busy or distracted by their customer-facing duties, according to Michael Crean, CEO of Woodbridge, Va.-based Master MSSP Solutions Granted.
“There just isn’t enough time in the day for everything to get done that needs to get done,” Crean told CRN.
Crean recommended that MSPs in particularly focus on their internal email security, which he said has too often fallen off as people have migrated from an on-premise Microsoft Exchange Server to Office 365 or G Suite. The need for protection is actually greater when using a cloud-based email security platform since there’s no longer only a single door in, and Crean said MSPs need to account for that.
“MSPs have been so focused on taking care of their customers that they haven’t looked at themselves,” Crean told CRN. “You are a third-party risk to your customers.”
Customers are most interested in working with MSPs and MSSPs that can provide their own reference architecture about how to adopt and implement a vendor’s technology, said Ken McCray, McAfee’s head of Americas channel sales and operations. For this reason, McCray said McAfee has over the past year made it a requirement that the company’s top partners use the company’s products themselves.
“We’ve seen that the most successful MSSPs have adopted our technology and are using it within their SOC,” McCray said.
MSPs should start by putting themselves through a rigid security assessment and identifying where their gaps are, Bove said. From there, Bove said solution providers need to drink their own Kool-Aid and leverage as many integrations as possible to address the identified issues.
“There’s been quite a few very high-profile instances recently, and it is a bit surprising that the people that are focused on this as a core business [haven’t done more],” Bove said.
The process starts with creating awareness, and MSPs can leverage resources like Check Point’s 2020 Cyber Security Report to identify some of the key threats, said Frank Rauch, Check Point’s head of worldwide channel sales. At that point, Rauch said tools like Check Point’s ThreatCloud AI can help MSPs manage the threats against their own environment on an ongoing basis.
MSPs are never going to have enough people, and Rauch said it’s going to take time for partners to internally develop the skills within their own organizations to protect their most critical assets. Solution providers must have tools in place that both make them aware of potential threats as well as prevent – rather than detect – these threats since a detection-based approach doesn’t help too much, Rauch said.
“Brand is everything right now,” Rauch said. “You don’t want to be just good enough; you want to be really good at it.”
Solution providers can also leverage behavioral analytics when trying to protect their assets from insider threats, according to Karl Soderlund, Palo Alto Networks’ senior vice president of worldwide channel sales. The more businesses know about their users, he said, the easier it is to protect themselves from malicious users and anticipate what they’re going to do next to prevent something before it happens.
Top partners have said their more requested presenter at executive briefing sessions with customers is their Chief Information Officer (CIO) or Chief Information Security Officer (CISO) since clients want to hear what the solution provider is doing to secure their own environment, Soderlund said. This is especially true for partners who are working in a larger, more complex environments, Soderlund said.
All told, McCray said MSPs that are serious about sticking around for the long-haul are making big bets on their own security.
They’re investing in their business, their livelihood,” McCray said. “So if they want to stay in business and service their customers, I think they are making that investment.”