Why the hosted model makes more sense for growing MSPs
Remote monitoring and management (RMM) tools, closely followed by professional services automation (PSA) tools, are an MSP’s bread and butter. RMM plays an integral role in helping IT professionals monitor and manage clients’ endpoints and networks, deliver service and track issues.
Illustration: Karthikeyan Ganesh
Remote monitoring and management (RMM) tools, closely followed by professional services automation (PSA) tools, are an MSP’s bread and butter. RMM plays an integral role in helping IT professionals monitor and manage clients’ endpoints and networks, deliver service, and track issues.
A comprehensive RMM system will also integrate with ticketing management systems and other tools. PSA tools help MSPs manage their internal business and provide complete visibility into all operations, from finance and HR to sales to client management and ticketing. PSAs can also automatically follow up with prospects, track, document, and route tickets.
During the pandemic, MSPs have been busier than ever, as organizations working remotely outsourced much of their technology so they could continue to keep their operations running. MSPs have also proven beneficial to organizations facing a shortage of tech talent, long a problem in the industry.
In a September 2020 report by research firm Gartner, the firm noted that many customers are struggling to hire internal IT staff with the right skills for such a migration, chiefly IaaS. Gartner recommends that these customers consider working with MSPs to fill the skills gaps that enable a smooth cloud transition.
Securing the business
If the pandemic demonstrated anything, it was the power of the cloud and MSPs’ ability to provide 24/7 support. That raises the issue of security when using hosted SaaS tools.
RMM tools can support secure client operations with automatic patching, policies, and configurations. They can also monitor for any unusual behavior on endpoints, which can reveal security issues.
As Charles Weaver, CEO of the MSPAlliance noted, the days of having a firewall are over. Because MSPs have access to sensitive customer information and systems, they are also targets for hackers—so protecting internal systems is important, too.
Even though firewall management was a standard managed services offering for years, it is no longer deemed sufficient for protecting MSPs—or their clients—from growing threats.
Today, more MSPs rely on SIEMs (security information event management) to protect endpoints. They are also using extended detection and response (XDR), which enables an MSP to extend the capabilities of the endpoint devices they use and review, analyze, correlate, and respond to security events without having to rely solely on a fully staffed security operations center (SOC) or network operations center (NOC).MSPs are starting to get into XDR as a new managed service offering, according to Weaver. Using SIEM and XDR combined are the future of managed services best practices, he maintains.
In fact, MSPs will soon be expected to have these next-generation security solutions to protect their own IT resources to safeguard their organization. Adding SIEM and XDR technology to the equation gives MSPs the ability to secure both their operations and their clients without having to add more costly cybersecurity personnel.
Other tips to keep hosted data secure
To keep hosted data secure, make sure your provider offers end-to-end encryption. It ensures that at every point along the way between servers, information is locked and cannot be accessed without the use of a key. It also helps prevent hacking and security breaches.MSPs can go a step further and add another granular level of access to certain authorized users to view information. This way, even if someone manages to get a file, they can’t access the data on it unless they are listed as an authorized user.
Layered security is a smart approach MSPs can use. One way to add layers of protection to sensitive data is to encrypt specific types of information within files. So if you encrypt a client database, you might also opt to require passwords to access specific pieces of information within that database, such as social security numbers or credit card numbers.
This granular encryption ensures that the most sensitive data is safe even in the event of a security breach at the level of the server or even the file itself.
Of course, the ultimate security measure is for MSPs to delete client data when it is no longer needed. An example here might be when a client asks to be removed from a mailing list.RMM and PSA software go hand-in-hand, and they are both important parts of running a successful MSP business. Good RMM and PSA tools should integrate with each other. As remote work continues, you can feel confident using hosted RMM and PSA because MSP security is only getting more comprehensive.
Ticketing system and PSAs for new/small MSPs
Every new business has some growing pains as they are starting up. There is a certain learning curve they must face, and sometimes we learn through hard experience. A good example of this for MSPs is where to move to a PSA and get those tickets out of your inbox.