What’s the Difference Between an MSP and MSSP?

The line that separates the two is blurring, here are some strategies to choose the right partner for your needs.

Business leaders that have explored working with an external IT support provider have probably encountered two often-used terms, managed IT service provider (MSP) and managed security service provider (MSSP). Because the difference between the two is so subtle, it’s easy to get confused about exactly what each of them can do for your company and which one you should hire.

This article will provide an overview of what to expect from each type of company, how they interact with each other, and a brief overview of how the managed service field is evolving.

Managed IT Service Providers Create Stable and Proactive Technology

The MSP’s job is to take responsibility for IT administration and strategy. While this may include some processes that are related to security, most of their work is geared toward improving the uptime of your network and providing a satisfying, efficient user experience for your staff.

MSPs take responsibility for network management tasks

• Help desk support to ensure day-to-day technology issues are resolved
• IT strategy and roadmap support to ensure IT aligns with business goals
• Managed data backups, disaster recovery, and business continuity processes
• Cloud migrations to facilitate employee collaboration and reduce overhead
• Vendor management service that provides a single point of contact for IT issues

The Complete Network team has written several articles exploring each of the major aspects of a managed IT solution, including what goes into a high-quality help desk solution, how to create an IT policy, what defines quality MSP support, and many others.

According to cloud backup leader Datto, most MSPs offer a basic security package, which includes antivirus software (61%), two factor authentication (60%), and firewall management (585)

Managed Security Service Providers are a Specialist Team of Cybersecurity Defenders

If the MSP is the government in your town, the MSSP is the police force. They’re not interested in network performance or staff productivity metrics. Instead, they’re focused on keeping malicious actors – both internal and external – from stealing data or otherwise doing cyber-harm to your business.

Some of the tasks an MSSP performs as part of their support include:

• Vulnerability Scanning and Assessment
  MSSPs will perform regular network scans and security assessments to ensure that you’re on an optimal security posture, beyond what most MSPs are prepared to provide. Many MSSPs can also provide penetration testing services for businesses to provide the highest level of security insight and readiness.
• Advanced control and permissions
  Another vital area of security that most MSPs will help you with is securing sensitive data against theft or leakage. By segmenting important systems behind specialized firewalls and enforcing strong access control policies, they’ll ensure that the right privileges are assigned to the right personnel. This protection is important for businesses with regulatory compliance requirements.

Research from GetApp found that small and midsized businesses can reduce their overall security costs by 20 to 30% by partnering with an MSSP, as opposed to trying to manage cybersecurity in-house.

Is an MSP the Same as a NOC? What’s a SOC?

These terms are often used when discussing MSP and MSSP services. Adding another layer of complexity; they also provide another way that we can understand the difference between the two service offerings.

MSPs have a network operations center (NOC), which is a centralized collection of people, tools, and processes that they use resolve technology management problems. By gathering data about how your company’s technology operates, NOC engineers can remediate problems – often remotely – and keep devices and applications running smoothly.

By contrast, a security operations center (SOC) houses a team of security specialists who provide 24/7 security monitoring of your critical systems and data. To do this specialized work, SOC engineers use a set of tools that go beyond basic network firewalls and VPN systems.

One of the important tools in the MSSPs arsenal is the Security Incident and Event Management (SIEM) platform. SIEM platforms are a centralized location for collecting and analyzing data and logfiles from your network, allowing the SOC team to quickly interpret important information, provide accurate security alerts, and minimize the time your team spends responding to false positives.

The Line Between MSP and MSSP Will Continue to Blur in 2021 and Beyond

In response to the continued and dramatic increase in cybersecurity attacks at small and midsized businesses, many MSPs have come out with security solutions that approximate what an MSSP might offer.

This is both an opportunity and a risk. While some MSPs have put in the effort to build a robust security solution, others are just capitalizing on the need for more security and haven’t put in the considerable effort it takes to provide strong security.

A security solution may look comprehensive on paper, but if it hasn’t been planned and implemented with a close attention to best practices, it will provide your business only a false sense of security. How can you tell if your MSP is capable of offering security? Here are a few good indicators:

• Alignment with Framework and Standards
  Has the MSP taken the time to achieve compliance with established cybersecurity guidelines, like the National Institute for Standards and Technology (NIST) Cybersecurity Framework? Doing so is a good sign that they understand the rigors of comprehensive security.
• Strong Internal Security
  The protection an MSP or MSSP provides is limited by their own security processes. You should request a copy of their information security plan and related policies, so you can learn how they plan on handling your systems and data. If you’d like to learn more about how MSPs achieve strong internal security, feel free to read more here.
• The right people and resources
  Another key differentiator between a traditional MSP and one who’s ready for security is how they’re staffed. To act as a reliable cybersecurity partner and consultant, the MSP should have dedicated staff with deep cybersecurity expertise – not just . As with each of these areas, don’t be afraid to ask for qualifications, credentials, and resumes.
• An integrated stack of security tools
  Without the right planning and configuration, even the best cybersecurity tools will fail. An MSP should be able to talk in depth about how their tools work together to provide comprehensive security, in addition to the steps they’ve taken to close gaps in coverage that occur when you combine software products from different vendors.

Have a Cybersecurity Challenge or Question? We’re Here to Help.

We’re passionate about helping companies face their complex security challenge with confidence. If you’re an organization in Albany, New York, Charlotte, North Carolina, or Bluffton, South Carolina that wants to learn more about improving your security posture, we encourage you to reach out and get some advice from our experts. Contact us at 877.877.1840. We look forward to speaking with you!