Strategic IT Management: Balancing Security and Business Innovation
By Frank Picarello, Go-to-Market Advisor for Judy Security
Managed IT Services continue to evolve. The nature of the SMB needs, security requirements, compliance demands, use of technology, shifting workloads to the cloud, and hybrid work operating models are evolving both compute infrastructure as well as the business reliance on IT. For many businesses IT has become a method of success, differentiation, and a point of leverage to better compete. Gone are the days that defined IT as a necessary evil performing back-office functions. IT done right differentiates businesses regardless of industry. This differentiation in putting IT front and center can create business risk and a security threat as leading-edge use of IT naturally offers up an enticing playing field for criminals and more opportunity for employees to make mistakes.
The MSP promise to the market remains the same. MSPs provide a comprehensive managed IT service that assures high levels of availability, access, flexibility, and security. In essence, businesses using managed IT services can rest comfortably knowing that their employees can access the applications and data they need, the way they need it, securely, anywhere, anytime, on any device without compromise. MSPs help businesses leverage IT and not just serve it up checking the box.
The leading MSPs have realized that honoring the promise while leading with security is smart. In doing so, they are defining to their market that securing data, access, and the user without introducing compromises in performance is a foundational differentiator for them. In leading with security, MSPs let their market know that ultimately security matters most, and yes it definitely does. While businesses don’t want outages, performance impacts, and compromised computing, they put their business at risk if they allow for security exposures, related business risks, and compromised compliance. Security exposures not only put an MSP’s business at risk, but it can also put their customer’s business and their customer’s businesses at risk too. The implications of a less than secure operating environment are far-reaching.
MSPs should consider working with strategic vendors that provide a comprehensive security platform. In doing so, they minimize the likelihood of gaps in end-to-end security coverage and realize efficiencies in deployment, administration, and ongoing maintenance of the security platform. The cost to support a customer and end-user is lowered as the certainty of complete security support increases. This approach should not be confused with “bundling security products”. In most cases, bundling is a static, two-dimensional approach, creating a menu of options for MSPs.
Security platform providers like Judy Security offer a pre-engineered platform built with assurance of seamless integration, interoperability, and an umbrella of contiguous support that works. MSPs can rest assured that the individual security capabilities were developed and selected to operate seamlessly with other components. In the end, there is a completeness of coverage, serviceability second to none, and a model of product evolution that focuses on the MSP and their customers. It’s a model that allows any MSP, regardless of maturity, capabilities, and size, to assure “security-readiness”.
While there are many choices and possible shortcuts for MSPs to take, fundamental capabilities matter. Authentication, DNS Filtering, Password Management, Endpoint Detection and Response, and Security Awareness Training are core capabilities that must be considered. Even with these point capabilities in place, the real value is in the monitoring and response capabilities of SIEM and XDR layers. It is one thing to identify an issue, yet the real value is in monitoring, real-time awareness, and the ability to effectively act. In the end, the customer would prefer to prevent an issue by acting on a trend that might have led to one, rather than perfectly reacting to an issue that has already occurred. This is where companies like Judy Security shine and have the ability to act seamlessly as an integrated capability of the security platform creating the difference between proactivity and reactivity. The lesson is clear - don’t compromise!
While MSPs need to consider security product costs they also need to look beyond the direct cost and consider the effective cost and value of the security platform. Just because a security product promotes a low cost per license/user does not mean its effective or total cost is low. As an example, when considering minimums, license terms and most importantly the impact of the cost of technical labor to deploy, administer, and support the product is important. Lower cost products that are not pre-engineered to operate efficiently can end up costing much more than products designed to require less labor in ongoing management. Since technical labor is often the highest cost category for MSPs, products that are efficient to use typically have a lower effective cost and, as a result, offer greater value. An added benefit is that MSP’s technical resources focused on security would much prefer working on the items that add value. Effective pre-engineered platforms assure this is the case.
The need for current and complete security for MSPs and their customers is not going away and in fact becoming more important every day. MSPs that decide to work with strategic security platform providers instead of point-solution or general bundled providers will win on several fronts. A security platform that is designed to work, evolve remaining current, and be efficient in operations, assuring lower labor costs, higher gross margins, a predictably more mature platform, will allow MSPs to compete for new opportunities, protect current customers, and improve operating margins.
Using a smart pre-engineered security platform will help assure MSPs can communicate to current customers and prospects tangible benefits and a point of competitive differentiation. This is in essence “Security-led Managed IT Services”. Getting this strategy right and being able to count on it provides peace of mind, higher levels of certainty that the managed service honors the promise of security, allowing MSPs to focus more on customers, opportunities, and growing their business.