Return-to-Office Endpoint Security Opportunities for MSPs

Smart MSPs are purchasing endpoint security licenses and using the software to deliver high-margin services.

6 Min Read
Endpoint security
Getty Images

How does an MSP make more money in a post-Covid era?  When you’re selling endpoint security software to customers, you often find yourself competing on price, but endpoint security is one of your customer’s biggest concerns and a prime opportunity to compete on value.

Smart MSPs are no longer selling endpoint security software to their customers. Instead, they are purchasing the licenses and using the software to deliver a high-margin endpoint security service.

The Endpoint Emergency

An endpoint is anything that connects to the network. It could be a laptop, a desktop, a server, an internet of things (IoT) device, a thermometer in the fish tank, even your refrigerator or other appliance.

Since they are all the entry points to the network, hackers tend to attack them most. This means your customer needs to protect them as much as possible. Even as you leverage a network access control (NAC) solution to inspect any device attempting to connect, you also need to use identity and access management to authenticate and authorize the user. Multi-factor authentication (MFA) is becoming more and more the rule everywhere.

With many employees returning to the office, the big concern will be the endpoint devices they bring with them. In the most serious way, you really don’t know where they’ve been. They may have been disconnected from the network at any time and exposed to viruses, worms, trojans or other types of malware. When they come back into your customer’s office environment and connect to their local area network (LAN), that malware can be instantly transferred in to infect the entire network.

When everyone was first sent home, it was with no preparation. Suddenly, the threat surface of most networks went from the area near their network core in their datacenter to the area near the home of each employee who was connecting to the network. And those employees were using residential internet access, which was nearly impossible to protect. Now, almost a year and a half later, you’ve probably helped your customers resolve many of their security problems, but endpoints are still in motion and are the target of more attacks than any other network segment.

Your Opportunity

Since any security is only as good as its weakest link, your customers need you to provide a comprehensive, multi-layered security plan designed to keep them protected from whatever these endpoint devices have been exposed to. You can interpret “comprehensive and multi-layered” to mean a complete offering of security solutions integrated together, complete with plenty of monitoring and management that bring you monthly recurring revenue.

Endpoint security is just one of your many opportunities to provide managed security solutions and services at every layer of the network.

What We Mean by “Multi-Layered”

To provide a more meaningful and robust understanding of the opportunity created by endpoint security, let’s take a technical approach.

In 1983, the International Standards Organization (ISO) introduced a useful seven-layered model for networked computing called the Open Systems Interconnection (OSI) model. This model is still applicable today.

Moving outward from the user, data is entered into the network through software running on the Application layer. This application is running on a device-based operating system at the Presentation layer, which is signed in through the Session layer. Data is moved from that user to another destination by the Transport layer, which uses the Network layer to connect to that destination. This connects to the actual network via a network interface card at the Data-Link layer, which, finally, connects to the actual cabling and wireless infrastructure at the Physical layer.  Click on Page 2 to continue reading…

You’ll notice that there is no “Security” layer. That’s because your customer needs you to provide security at every layer.

That means there’s even more opportunity for partners beyond securing the endpoints. Customers need you to also secure their data as it moves out of storage, through servers to routers that transport them to their destination. All these security requirements expand your deal size, providing increased margins and a bigger value proposition.

Zero Trust

A topic of much discussion these days is the concept of “zero trust.” The term has been around for more than 10 years but has only become front-of-mind recently. As it sounds, it basically means you shouldn’t trust anything on the network, at least until you’ve proven to yourself who and what it is. Another way to say it might be “trust nothing, verify everything.”

Perhaps a better way to look at zero trust is to think of it as continuous risk-based authentication. You’re always watching everyone and everything connected to your network. Like driving a car, you’re always looking all around to make sure you know the who, what, when, where and why of every device on your network. As such, it consists of multiple cyber defenses woven together to create one robust, comprehensive security offering. This is a great analogy to use when explaining zero trust to customers.

For those who prefer selling everything as-a-service, zero trust is also a major component of secure access service edge (SASE), a relatively new approach first identified by Gartner and now growing in popularity. SASE focuses more on who, where and how a user is attempting to access the network from what device rather than worrying as much about IP addresses, which can be spoofed. SASE represents an important development toward true security-as-a-service delivered from the cloud, which can eliminate the need to deploy multiple devices at multiple locations and enable centralized security management.

Another new development that can be included in your multi-layered solution is extended detection and response (XDR), which collects and automatically correlates data across multiple security layers–email, endpoint, server, cloud workloads and network–so threats are detected faster and security analysts improve investigation and response times. Fully integrated solutions that can take you from threat detection through identification and suggested resolution, and then enable you to take protective and defensive action, have become mandatory. There simply is no other way to respond fast enough anymore.

Turn to Tech Data for Guidance and Advice

For MSPs, the best way to expand your service catalog and create more services to sell to your customers is to let vendors be your toolsmith, fashioning software tools you can wrap your services around to create high-value solutions for your customers at high margins for yourself.

The Security team at Tech Data has all the vendor-neutral capabilities needed to help you with customer site assessments, solution configuration, design, deployment and support. They can take you through all the tools available to you from all the vendors so you can choose the ones that are best for you and your customer base.

For more information, please email us at [email protected] or visit our Security Solutions site at www.techdata.com/security.

This guest blog is part of a Channel Futures sponsorship.

Read more about:

MSPs
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like