It can be daunting to step into the often unfamiliar world of security, where you can at times be inundated with technical jargon (and where you face real consequences for making the wrong decision). Employing an MSP or MSSP is oftentimes in the best interest of small and medium businesses (SMBs).
In a study performed by Ponemon Institute, 34% of respondents reported using a managed service provider (MSP) or managed security service provider (MSSP) to handle their cybersecurity, citing their lack of personnel, budget, and confidence with security technologies as driving factors. But how do you find a trustworthy partner to manage your IT matters?
Here are the top 3 questions any business should ask a potential security provider before signing a contract:
Okay, this one that you’ll probably research before reaching out. Look at how long the company has been in business and who their current clients are. Are you confident they can anticipate the unique technology needs of your business?
You’ll want to work with MSPs who understand your business and are able to make technology decisions based on your unique needs. Make sure they have a solid track record with other businesses your size. If your industry has particular compliance concerns or makes heavy use of specialized programs, make sure they have experience with other customers in your industry.
Make sure they round out these services with key security offerings. To make sure they have basic IT security controls in place, ask them about industry buzzwords like asset inventory, patch management, access management, continuous monitoring, vulnerability scanning, antivirus, and firewall management. The specifics of their answers aren’t as important as a confident, well-considered plan.
Security-minded MSPs will make sure your software and your web surfing habits don’t provide cybercriminals with backdoor access to your systems. They will make sure your network is secure, and they will install antivirus on all of your computers. Bonus points if they are forward-thinking enough to include Security Awareness Training. Make sure you understand the services they offer, and ask if these services have extra costs.
While these are not all of the questions you should consider asking a potential service provider, they can help get the conversation started and ensure you only work with service providers who meet your unique needsservice providers who meet your unique needs.
- Ponemon Institute. (2016, June). Retrieved from Ponemon Research: https://signup.keepersecurity.com/state-of-smb-cybersecurity-report/
- Ponemon Institute Cost of Data Breach Study: (2017 June) https://www.ibm.com/security/data-breach