Beyond network monitoring

A server overlaid with a concept image of networking, featureing nodes for different types of technology, such as Wi-fi and upload/download connected by lines
(Image credit: Shutterstock)

The network is the lifeblood of enterprise but it also exposes vulnerabilities in terms of security and availability. Compounding this is the hybrid nature of many networks that have different local infrastructure admins, group information and communications technology (ICT) departments and third party Certified Security Providers (CSPs), exposing a potential minefield of both personality conflicts and accountability.

As such, some firms are turning to trusted third party Managed Service Providers (MSPs) to provide authoritative yet impartial monitoring and assessment services that cut through the organisational charts and deliver critical insights to operations teams. So as a managed service provider (MSP) what skills do you need to offer these services?

Most enterprises still work in silos. Sales, finance, operations and a whole host of other departments, although connected to the body corporate, will have a different set of procedures, drivers and goals. Yet IT as the common strand helps to unify and manage many of the separate processes to allow the organisations to flourish. However, as data passes across these different silos it is often amassed in dissimilar applications, and in the worst cases utilised in unsecure ways. For example, Dropbox repositories or collated reports which are archived on file servers that are not within the scope of a centralised IT security policy.

Alongside operational silos, many organisations are also restricted by cultural and management walls where accountability and blame can restrict the ability of a common IT security policy to function correctly. This poses a perfect opportunity for an MSP to provide risk intelligence, along with actionable insights, that can allow organisations to do the right thing without stepping on the toes of senior managers or departmental heads.

In terms of the skills sets required and tools that can deliver a viable risk intelligence offering, the key is to offer flexibility, along with a baseline set of technical abilities that can analyse and assess data and processes to identify risk. The goal is to largely automate this initial vulnerability and data assessment phase through a platform such as SolarWinds MSP, which can sift through large amounts of data to discover and categorise sensitive personally identifiable information (PII), including social security numbers, driver’s licence numbers and credit card information.

Another key element is to make this intelligence available in an actionable format, through detailed reports that both highlight where risks exist within an organisation’s data structures.

However, simply analysing and highlighting risk is sometimes not enough to affect change. MSPs would do well to gain an understanding of the key regulatory frameworks such as PCI and HIPAA to provide a key driver to help organisations begin the process of securing data. In addition, both consulting and practical value-added professional services such as data encryption projects and information lifecycle management projects can help enterprise customers solve immediate risk issues while strengthening overall IT security policies, leading to more effective security controls.

SolarWinds’ MSP Risk intelligence software can open the door to a whole field of value for MSPs and with a regulatory environment that is getting tighter as a response to containing high profile incidents, a proactive MSP that can approach clients before an enviable breach will be a valuable ally.

"This is an independent article written by IT Pro, sponsored by SolarWinds MSP to celebrate thought leadership in IT. Learn more about SolarWinds’ MSP Risk intelligence and enjoy a Free 14 day trial by clicking here ."

Christine Horton

Christine has been a tech journalist for over 20 years, 10 of which she spent exclusively covering the IT Channel. From 2006-2009 she worked as the editor of Channel Business, before moving on to ChannelPro where she was editor and, latterly, senior editor.

Since 2016, she has been a freelance writer, editor, and copywriter and continues to cover the channel in addition to broader IT themes. Additionally, she provides media training explaining what the channel is and why it’s important to businesses.