A Closer Look at Basic Managed Security Services

Back to Blog

A Closer Look at Basic Managed Security Services

As an MSP, you most likely spending a chunk of your time scouting new revenue opportunities, and you may have found basic security assessments are a great way to get your foot in the door. One-time security assessments can clinch a new account, and ongoing assessments can capture recurring revenue.

 Let’s take a closer look at the two types of assessments that can expand your business.

One-Time Assessments

You can offer a free basic security assessment to open prospects’ doors. With this approach, you conduct the complete assessment, but only share the summary results of the issues you find, gaining entry for a proposal to fix what you discovered and provide ongoing managed services.

In addition to acting as a prospecting tool, one-time assessments can also be used with current clients for security and compliance spot auditing. You can also charge for your security assessments and provide several reports as impactful deliverables that your clients will appreciate. Performed with Network Detective, a three-tiered approach allows you deliver appropriate assessments for any level of client. Here’s a summary of what the tiers look like:

  • Silver 
    • This is the most cost-effective choice that can provide broad-based coverage. This level can tackle many weaknesses that small organizations may face, such as inadequate perimeter defenses, patching, anti-virus, and physical security practices. The silver level will evaluate such items as: 
      • Inbound and outbound firewall configuration
      • External vulnerabilities 
      • Best practice configurations for Microsoft cloud
      • Effectiveness of current patch management tool 
      • Anti-virus and anti-spyware 
  • Gold 
    • This tier is often used for companies that bear a higher degree of risk. The gold level builds upon the silver, and addresses poorly executed group policies, lack of application policy consistency, and anomalous logins. It adds analyses such as: 

      • Log-in analysis
      • Internal vulnerability scan 
      • Security policy assessment
      • IT administrator review  
  • Platinum
    • The platinum stacks the previous two levels and adds client security compliance audit reviews. The compliance can be performed using PCI or HIPAA modules. Security compliance auditing can benefit all businesses, even those that aren’t in a regulated industry.

Ongoing Assessments 

Ongoing assessments can achieve optimal effectiveness using both Network Detective and Cyber Hawk.

  • Silver
    • This level’s low-cost makes it an accessible to small businesses with less than 50 devices. It’s an effective assessment that allows MSPs to create incremental recurring revenue and help uncover new projects with current clients. Weekly analyses can deliver important information require your feedback, examination, and remediation. Your ultimate responsibility is to investigate and report.

  • Gold
    • The gold level builds upon the silver and offers ongoing internal vulnerability scans, SOC alerts filtering, and verification services, and quarterly network and security assessment reviews. Issue remediation can be included in this this service cost, but out of-scope concerns can be billed as additional projects.

  • Platinum 
    • This premium level is designed for businesses with elevated security needs. It builds upon the first two tiers and adds investigative and remediation services. You could also include a platinum-level risk analysis.

Of course, one-time and ongoing assessments are not mutually exclusive. The most comprehensive approach combines both services, and MSPs can customize their offerings to each client’s needs and budget. For more information, download our whitepaper: Building Your Security Service with Network Detective.