During the ConnectWise IT Nation conference in June, Scott R. Davis, a cybersecurity professional and public speaker, as well as a sales engineer with Lionguard, offered useful tips for MSPs, including dealers who offer managed IT, on building and expanding their security services. Davis had a lot to say during his 30-minute presentation, however, these are the most memorable observations from his presentation.
- Everything in IT begins and ends with documentation. Why? Because you can’t build a security, backup, and recovery policy if you don’t know where your data is.
- It is critical to do vendor assessments to know where your data is being stored. “It blows my mind the amount of businesses out there who have no idea how their data is being stored or used. We need to know where we’re storing our data and where your customers are storing their data.”
- Finding out what your baseline is will separate you from your competitors. It will hold all of your customers at that minimum level [of security] no matter the size of the customer. It doesn’t matter the size because the threats are still there and one email away from getting breached.
- Don’t be afraid to fire a customer.
- Getting customer on fully managed contract is most important thing you can do because you’re protecting yourself and them.
- Don’t limit yourself to the baseline. You need to grow and adapt depending on customer needs. For Davis’s higher end customers in healthcare, government, education, and finance, he recommended offering higher tier security.
- One of most common missing pieces in the MSP space is change management. You can’t track what you don’t know.
- Switches and IoT devices are where you’re missing information. The average user used to have one IP address, now the average user returning to office will have between four and five IP addresses.
- Hackers will look at any device with a vulnerability to find a way into your business. As an MSP, you’re a target.
- Practice what you preach. Brand yourself as that security expert. Talk to media. Write a book, a blog, contribute to video services, being out there, getting yourself noticed as a source to talk cybersecurity.
- Host a cybersecurity event and invite media and you’ll get face time in community. Website is also a crucial aspect. Make sure your website speaks to your security practice. Post videos and links to events you’ve done, and links to news media you’ve spoken to. Branding yourself is crucial. Often, it’s just your name or business name. If you are the owner, make sure you know who is the face of your company if they are speaking at events. Your goal as leader is to encourage them to grow but mix it up so you are protecting your brand which is as important as getting the right message across.
Access Related Content