Let’s face it, up to now enterprise security has been expensive. Small and Medium Businesses (SMB’s) tend not to deploy enterprise security platforms given the investment required. In the past, Managed Services Providers (MSPs), who support the SMBs, did not offer more than managed anti-virus and firewalls management because investing in security talent and installing enterprise security technology (SIEM, NIDS, HIDS, Vulnerability Scanning etc…) put their price points above the market they were serving. Some MSPs tried working with companies like SecureWorks and AlienVault, who promote MSP programs, but found out the hard way that the business model doesn’t work for their customer base. However, Managed Detection and Response (MDR) service providers like NetWatcher are changing this dynamic and making enterprise security affordable for the SMB and easy to deploy for the MSP (with literally no upfront investment).
Most SMBs and MSPs have deployed the security stack in figure 1 — these components, combined with a Remote Management and Monitoring (RMM) platform are generally inexpensive, easy to deploy and add great value. However, in today’s environment where the bad actors are:
…these commodity platforms are not enough.
This is why the Fortune 5000 enterprise accounts have been using the stack in figure 2 (on top of the stack from figure 1) for over 10 years. This is also why most of the security mandates, such as the HIPAA Security Rule, the GLBA Safeguards Rule, PCI-DSS, FINRA, NIST 800-171, NYCRR 500 from NY State DFS etc.., all call out the need for some or all of this technology along with all the appropriate policies and proceedures necessary to secure a customer’s data. This is also why most Fortune 5000 companies are mandating that their suppliers use an enterprise security stack–Most large corporations know that their suppliers have their data (third party law firms have contracts and patent data, accountants have tax data, application developers have code, data entry firms have customer data etc..) and they want those suppliers to have the same protections that they have deployed. In fact, some of the compliance requirements such as HIPAA require that healthcare providers push the liabilities down to their suppliers via Business Agreements (BAA). The new DFARS 252.204.7012 requirement for Department of Defense contractors has similar requirements.
So, the million-dollar question is… if customers are demanding their supply chain have an enterprise security stack and industry compliance mandates an enterprise stack what are SMBs and MSPs supposed to do if they can’t afford the tools and they can’t find/afford the security talent to run enterprise security tools?
This is why we built NetWatcher!
There is a giant opportunity here for MSPs at the moment. If you look at each vertical by employee size and count up the number of companies that fit into each just in the USA the numbers are staggering. All of these organizations are moving to a more advanced security footprint over the next several years. You also know that they will first look to their MSP partner to provide the advanced stack and if you can’t provide it, they will find a MSP that can provide the stack and manage it for them.
We built NetWatcher to enable MSPs to easily offer their own Security Monitoring / Managed Security / Managed Detection and Response service. We designed and built NetWatcher from the ground up for SMBs and MSPs. We built the service to be easy to install, easy to use for SMB/MSP IT professionals (not hard to find security analysts–although, analysts tend to love it too) and affordable. MSPs will also find the multi-tenant single pane of glass user interface where they can manage all their customers — and the ConnectWise integration very valuable.
With NetWatcher, you deploy Sensors &/or Endpoints that send indicators of compromise (events) over a secure VPN to the cloud.
Automated (cloud) “hunting” is used for creating Actionable Threat Intelligence Alarms about poor security hygiene, vulnerabilities, active exploits and malware. The service is delivered as a multi-tenant service to MSP partners & customers and is backstopped by a team of SOC analysts that become your Secure Operations Center (SOC)!
…by 2020, 80% of MSSPs will offer MDR services – Gartner MDR May 2017
Here is a quick video on how NetWatcher works. (other videos can be found here)
There are 11 easy steps to figuring out what you should charge and how to best prepare your organization to offer Managed Security Services (MSSP). You can find a more detailed article here but it comes down to the following steps:
You can download the forecasting template here: Partner Profitability Model_v1
With NetWatcher, your MSP can easily start offering Security Monitoring, MSSP and MDR services with no upfront investment. The platform is built to be understood by the IT professionals that you already have on staff. NetWatcher is built as a SaaS service so the only thing you have to install are endpoints and a sensor and this should take no more than 15 minutes (how to install).
You can also add many other offerings to your new managed security business. You can help customers with security related policies (all compliance mandates require organizations to have policies such as these). You can help customers with new proceedures such as an incident response plan. Your MPS can also offer white hat pen-testing and phishing services, as well as, cyber security training.
Become a NetWatcher MSP–Click here to join!