To MSP or not to MSP? Hacks and Ransomware Make the Acronym a Challenge to Tech Companies
MSPs are becoming increasingly the target of hackers and ransomware attack, and some are finding that being associated with an MSP does not carry the same cachet. They are creating new identities. These days, being a managed service provider can make you a target. MSPs are becoming increasingly the target of hackers and ransomware attack. Some are finding that being associated with an MSP does not carry the same cachet as it once did. Some are even looking for new identities.
Alvaka Networks is an Irvine-based MS err… technology company. Alvaka stopped referring to itself as an MSP many years ago. One prospect even said that Alvaka was an MSP. We don’t do business in the MSP market. You guys get hacked.” Ouch.
However, the customer was not always right. Continuum’s poll found that 83% reported cyber-attacks in the last 12 months to their MSP customers. 74% of MSPs also suffered at least one attack. The damage can be severe. A ransomware attack caused by ransomware has been estimated to have cost a MSP $4 million.
What can an MSP do? Perhaps the MSP should stop using the name and improve its security, suggests Kevin McDonald, Alvaka’s COO and CISO, and 20-year security veteran. Alvaka describes itself as a full-service provider of advanced network management and security services. McDonald’s said that this is a more clear and concise way to communicate what Alvaka can do for customers. Alvaka uses verifiable evidence such as the CompTIA Security+ Trustmark to help differentiate itself.
“Unless we need to avoid confusion with integrators, we don’t usually use the term MSP/MSSP.” It no longer makes business sense, and the terms are often negative or meaningless, McDonald’s said.
Macnamara ICT, a London company, decided to remove the MSP designation because it didn’t reflect the company’s value to customers after it invested in cybersecurity skills. Ciaran Kenny (managing director of Macnamara) said that claiming to be a managed security service provider (MSSP), didn’t work either.
“We are making the transition from a traditional MSP to a total technology partner for our customers. We had to have a scary conversation with our customers before we could do what we did. We had to admit that our security expertise was not sufficient. Let’s just say that we were not experts in this area, but let’s discuss how we can address it as we go along. It worked,” Kenny stated.
Is the Name MSP still valuable?
The problem with the MSP label is that anyone can use it. The acronym can be used without certification or standardization. Are you an MSP? I am an MSP. This creates confusion in the market and increases the gap between highly skilled managed services and security providers and those who claim to be them. According to Mark Essayian (President of KME Systems, Lake Forest), Calif., this hurts the whole industry.
“I invented the term “technical janitor” for MSPs who believe they are doing a good task updating servers and providing basic help desk. Essayian stated that this is not an MSP and it lowers the term.
According to Essayian, KME Systems describes itself a “business partner in IT service.” “I have also seen firms calling themselves MSSP when they don’t have enough resources or the ability to protect a client.” He said that it also devalues the MSSP name.
McDonald’s agreed, noting that many companies use MSP and MSSP to mislead people into believing they know what they are doing. “But managed services, especially cybersecurity, are not something you can pretend you can do. He said that many people are paying for smoke and mirth. “Unfortunately, some people in the industry are diluting that term by failing to deliver.” Alvaka has been involved in several “rescue” projects over the past year and a quarter, helping businesses in trouble who used companies claiming to be security and managed services experts.
McDonald’s stated that not everyone in the MSP community is using multi-factor authentication, patching their critical patches, and maintaining good IT hygiene.
Kenny stated that Macnamara has also raised its profile and earned opportunities with larger customers by investing in security.
“By focusing our security efforts, we are better able to control information, which is the lifeblood for what we do. Kenny stated that we spend less time searching for passwords and information and more time being proactive.
Promises Don’t Fix Problems, Solutions Do
Finding a po