What is an MSP?

MSP’s have been around as long as remote connectivity has been mainstream. This happened in the mid to late 90’s where previously the IT companies would sell computer systems into corporations and support on a break / fix model.

The reseller would supply the business with servers and workstations and maintain them onsite if something went wrong.

The tech support aspect is taken on by the MSP and any tickets from the users of the infrastructure would be supported remotely.

MSP’s work at the SMB level generally with the sweet spot being around 50 users within a company. Anything above 600 users tends to have an internal IT team which is coincidentally also the enterprise licecning cut off for Microsoft licencing.

Anything above the 600 seat mark would require a large MSP to be able to support it and it generally becomes more economical to have your own in house IT team.

How the MSP’s operate is by providing infrastructure and IT process outsourcing. In some cases the MSP provides the business with a virtual CIO and also a few days on site at the customers premises.

Infrastructure can be managed via a data centre owned by the MSP themselves or via 3rd party data centres provided on the on the public cloud from Azure, AWS, Google Cloud, Alibaba Cloud etc.

The introduction of security services

Many additional services have come into play since the days of just infrastructure to include products from the security stack too.

The licencing of these products allows the MSP to purchase a licence from the software vendor and split the licence across multiple customers, thus allowing for the price to become cheaper for the licence the more customers/seats they support.

An example of this kind of product is a network vulnerability scanner. They are licenced in “targets” which if bought directly by a customer would require the amount of targets to match the amount of IP’s that the customer has. The more IP’s the customer has, the larger the licence they require and the cheaper each target becomes.

When an MSP has 4 customers, the MSP purchases the licence for the network scanner as the customer. They may have 1 customer with 5 IP’s, 1 customer with 10 IP’s, 1 with 2 IP’s and 1 with 1 IP. This gives a total of 18 target IP’s so the MSP would need a licence to cover this amount of IP addresses which ultimately makes it cheaper per target than if the customer were to purchase them individually.

This is an interesting thought as these types of products are not designed to be run by MSP’s but instead, the new style MSP… The MSSP.

The cyber security vendors supporting MSP models

Example security vendors who work with MSP models are

What is an MSSP?

MSSP’s are tasked with managing the security aspects of an organisation because these days, everyone needs to be secured. It has become an industry in its own right but just as the VAR’s of the past converted to MSP’s, the MSP’s of the 90’s, 2000’s and 2010’s are now converting to MSSP’s.

In reality, they are becoming hybrid service providers. Almost every MSP provides remote managed firewall services which ultimately puts them into the category of MSSP. With the SASE model coming into the mainstream now, it will be the traditional MSP’s providing this service.

What is SASE

You can read more about SASE in a previous article that we wrote on it here.

Essentially, SASE is a stack that is built up of infrastructure and security that sits on the cloud edge to allow customers to connect direct to internet as opposed to being routed internally via internet gateways. It removes the need for the MSP to have managed firewalls on premise at the customer site as the firewall is hosted in the data centre and users connect directly to the services on the cloud edge.

Using SASE gives the MSSP the ability to manage every required infrastructure and security service from one dashboard.

Example vendors of SASE are:

Outsourced security services

Additional services are still and will still be outsourced by the MSP.

One of the most common outsourced services on the security side is pentesting.

Pentesting is outsourced by the MSP’s and MSSP’s because that is a service all by itself which is provided by dedicated pentest companies. There are many of them around and they typically sell through traditional MSP’s on a margin.

Examples of companies that do this are:

A lot of these companies are offshore companies with pentesting being provided from all around the world where the skill levels are high and labor costs are low.

The MSP’s who neglect to move into the cybersecurity space are going to be the ones that won’t survive the move into the cyber fueled economy.

The regional differences

The regional differences are stark. In Northern Europe and the US the MSP model is the primary model for SMB’s. Venture outside of these territories and you still have a strong resale market with companies buying their products outright and hosting them onpremise. The differences between Northern Europe and Southern Europe are that different that there are only a handful of MSP’s on the ground in the South.

Summary

The way that the world is changing rapidly, there is going to be more need for security services. These services are going to be offered by both VAR’s and MSP’s. The VAR is going nowhere fast in certain regions as well as for certain customer types. MSP’s need to transform to keep up with changes though and need to be offering security services as a part of their stack. MSP’s will be no more! The one’s who stay with being a pure MSP will have to be absolutely fantastic at what they do otherwise they will lose out to a hybrid MSP / MSSP who can provide everything that they need under one roof.

Are you an MSP who is working with a security stack?

Which vendors are you working with?

Do you have an gaps in your services that you are looking fill?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s