Cybersecurity Basics for Managed Service Providers (MSPs)
As MSPs, you want to provide the best services for your clients, including keeping their data secure and their systems up to date. This begins with a full mastery of information security fundamentals that you can communicate to their teams as well as your own. Here are some cybersecurity tips and best practices to keep your clients secure and protected.
Why is cybersecurity important for managed service providers (MSPs)?
Cybersecurity has always been a priority for businesses, but factors like an increase in remote work are accelerating the rise of cyber threats. A study from HP said 30% of people working from home ignored cybersecurity best practices. Of the IT leaders who participated in the study, 67% said they get weekly complaints about restrictive security policies. This poor attitude towards security led to a rise in incidents.
According to CSO, phishing attacks make up more than 80% of reported security incidents, with Google itself registering a total of 2,145,013 phishing sites in January of 2021. Later that same year, the U.S. Treasury reported that it tied $5.2 billion in Bitcoin transactions to ransomware payments.
MSPs have an essential role when it comes to keeping clients in line with cybersecurity best practices. Cyberattacks not only present an immediate security risk but could also result in financial and legal consequences for your client base.
How can I improve cybersecurity as an MSP?
As managed service providers, you do a lot for your clients. You handle their cybersecurity, their website infrastructure, and general tech support. But if you’re not incorporating these cybersecurity fundamentals into your business, are you really providing the best services?
Here are some fundamentals to consider.
Define your cybersecurity strategy for each client
According to IBM, most MSPs use about 45 different tools as a part of their tech stack on average. While each of these may seem to fill an essential role on paper, this may not work out as well in practice. Can your team realistically monitor, maintain, and master that many tools effectively, all at the same time?
To avoid bloat, look at all the tools you use and break down how each tool helps your client. Are there any tools that perform the same function, and if so, could you remove one from your tech stack? Are there any tools you need to upgrade? Are there any tools that lack essential capabilities? Many companies include cybersecurity assessments as part of their pre-sales toolkit to best understand customer needs right from the start.
The main goal here is not just to limit your tools but to make sure you’re using the right tools with the right clients. That way, your team has a clearly defined strategy for each client and the right tools to execute it, without any unnecessary additions. 92% of organizations have said that they would consider using a new IT service provider if it offered the “right solution,” so you always want to be ahead of what your clients may need.
Know where backed up data is
One lesson on the value of a proper data backup strategy comes from the production of the Pixar film Toy Story 2. At one point in production, nearly the entire file directory for the movie was lost due to a simple accidental delete. The only thing that saved countless hours and dollars from being completely wasted was an employee working from home who had a copy of the movie on their home station and was able to bring it in so the team could resume operations.
Your clients may not be making movies, but they have essential data, projects, and assets whose loss could be disastrous. That’s why you need to not only back up their data, but also keep a log of where all the data is stored. That way you will have a backup in case anything happens. We have an ebook dedicated to best practices for SaaS data backup if you’re interested in learning more.
Think beyond tech
You may be armed with all the right tools. But having a stacked toolbox is only one part of your job. Another part is being able to explain those tools to your clients.
That’s why you have to think beyond the tech and think about whom the tech is helping. Will they get the tech terms you use every day? Probably not. That’s why as an MSP, you have to explain things in simple language so clients can understand.
Speaking of keeping things simple, your recommended cybersecurity policy should be simple too. A policy that’s easy to understand is also easy to implement and keep up.
Help clients keep their network and devices protected
We all know strong passwords are a must. According to Google, 52% of U.S. adults use the same password for many sites. There are many websites and apps that can create complex passwords and remember them. Get your clients to rely on these tools and a universal password policy, so their information is better protected.
Another cybersecurity best practice clients should adopt is multi-factor authentication on all sites and accounts. If anyone but the account owner tries to get in, the owner will know.
Also, suggest a firewall and a VPN. Virtual Private Networks have become essential since they encrypt your internet traffic and will hide who you are and your location. A VPN is especially helpful for employees working remotely, since the network they work from might not be secure.
Suppose an employee decided to work from a local Starbucks. Under normal circumstances, this could pose a major security hazard. With a VPN, however, this risk is massively reduced.
Another area of concern is making sure your clients are encrypting all hard drives to better protect them from breaches. According to the Identity Theft Research Center, data breaches in 2021 surpassed the number of breaches in 2020 by 17%. Time will tell us how 2022 does. But you can help clients protect their data with encryption.
Create a culture of security with your clients
You probably fasten your seatbelt after getting in your car, right? You do it out of habit and also because you understand that seatbelts save lives. You have to make security seem like seatbelts to your clients. They have to know why it’s important to follow the policies you set with them. In fact, clients are more likely to follow policies if they feel the policy is part of how they do business. So, what can you do to emphasize the importance of cybersecurity?
This involves explaining a few things:
- The importance of cybersecurity and how it can stop data breaches and incidents
- Security policies, like what devices client teams can use and how to create better passwords
- Common risky behaviors your clients and their employees should avoid, like using a password for more than one site
- Security best practices, like updating software as soon as a new update comes out
- Current threats they need to be aware of, like phishing emails and software vulnerabilities
But the best way to emphasize security practices to your clients is to rely on hard facts. Help Net Security surveyed C-suite executives in 2019 and found some alarming statistics. 53% of those surveyed said that human error was the cause of their breach. What’s more, a study completed by IBM shows human error plays a role in as many as 95% of security breaches. This data makes a clear case for implementing and understanding cybersecurity best practices.
Monitor potential upcoming cyberthreats
When the Log4j Java logging package vulnerability hit the news, it became a massive industry story across the information and cybersecurity fields. As threats evolve, there are likely to be many more stories like this, as well as lessons that MSPs and end users alike can learn from. The good news is that there are many tools you can use to keep track of industry news. Combined with a SOC that can do monitoring for your team, you have an automated method to handle any upcoming threats.
One option is a free app like TweetDeck. This allows you to set up organized feeds that track any keyword or subject you want. You can set yours up not only to let you know of newly discovered threats but also to track what experts are saying about each threat.
Another tool to check out is Feedly. It’s a lot like TweetDeck in that you set it up to track certain keywords. But instead of sending you tweets, you’ll get articles, blogs, and any other long-form written content.
While these tools are a good starting point to get a regular feed of news on cybersecurity trends and threats, many MSPs need more specialized information to service their clients. The ConnectWise Cyber Research Unit (CRU) is the perfect resource. Our regular feeds and data reports are the best way to hear about the latest trends and concerns from a team attuned to MSP needs specifically.
However, equally important is the chance to meet, interact, and learn from cybersecurity experts directly. One great option for this is industry events like IT Nation Secure. At conferences like this, you’ll get to talk to the best in the field and find out the latest trends.
Establish an incident response plan for every client
An incident response plan details how a client will respond to a threat. Despite all the security measures you may employ, breaches and incidents can happen. How much harm they cause is generally determined by how quickly they are caught and isolated and how quickly the proper stakeholders are informed, which makes a proper incident response plan essential. The key components are:
- Immediate post-breach activities. The MSP needs to contact their client’s insurance company to support any activities needed for them to file a claim. At the same time, your team should contact their SOC immediately while performing an isolated backup of everything, even encrypted/infected computers.
- Identification. Thoroughly review, investigate, and record all details related to the incident.
- Preparation. Using the information from the identification step, work with your SOC to assess the security perimeter for the incident.
- Containment. Determine the attack vector utilized and stop any active threats while containing the breach to prevent any further spread or damage.
- Remediation. Begin working through all isolated machines to find and eliminate the root cause of the breach.
- Recovery. After making sure all previous steps have been taken, restore and return affected systems back to a production environment. Run a new backup job after everything is restored, but before users are let back onto the network.
- Debrief. Work with your SOC to determine lessons learned from the breach and how these can be communicated to the client. Following this, debrief with the client fully to implement a security plan that will defend against similar future attacks.
What mistakes do MSPs make with cybersecurity?
MSPs have a critical role in the cybersecurity health of their clients. This means that any mistakes that they make can have major ramifications. Here are common mistakes MSPs should work to avoid.
- Don’t focus on just the tools. MSPs need to be careful not to fall into the trap of reusing the same tool or strategy for a client out of habit or comfort. Not every security situation is the same. Instead, try to focus on solutions and strategies that will work for the specific situation. That will force you to take a holistic look at what the client needs and help you provide a better plan. At the same time, don’t feel you need to be overly flexible for the sake of being flexible. If you have a wide suite of services, is your team feasibly able to administer them and keep up with best practices for each one?
- Don’t assume tools are enough to attract clients. MSPs might look at their cybersecurity stack and think it’s enough to draw sales. However, it’s important to approach clients from their pain points. When you talk to current and prospective clients, you must stress why cybersecurity is needed in ways that relate to them. If they can see how skipping your services can hurt their bottom line, they’ll be more apt to commit.
- Don’t get too technical. Often when talking about cybersecurity, we explain tools and processes as we would to a peer. However, your clients are likely not cybersecurity experts. Instead, talk about how often cyber threats happen and (in basic terms) how you can deter those threats. Be ready to answer questions like:
  - “Why should I spend money on cybersecurity? Who would target me?” This is where you bring up how costly cyber incidents are to fix and how one incident could impact their operations.
  - “I’ve got a firewall and antivirus software. Can’t I just use that?” This is where you explain that cyber threats come from almost anywhere and can render outdated tools useless.
These are some key common mistakes MSPs make, but there are other, more specific issues that may arise depending on your area of focus. We profile some of these lessons to learn in this e-book of cybersecurity tips.
Help your clients put these cybersecurity tips into practice
The security landscape is always changing, and to build on these basics, it’s important that your team has the best insight in the space. To learn more about building the best practices for your clients, watch our step-by-step webinar on how to fast-start your cybersecurity practice.
When helping your clients build up their security stack to take on all threats, you’ll need the best cybersecurity management software out there. Contact us today to learn more about ConnectWise’s offerings and how we help your team move beyond the basics. In addition, if you want to work hand-in-hand with the ConnectWise team to build up your cybersecurity practice, check out the ConnectWise Partner Program.
The ConnectWise Partner Program is a combination of educational resources, in-depth training, and community-based events to help your company grow its expertise and knowledge with all things cybersecurity.
Features of the ConnectWise Partner Program include:
- Using the self-serve Partner Portal with brandable marketing and sales assets, a robust marketing automation platform, and best practices to build your business
- Having a dedicated partner development manager (PDM) when you upgrade to the Accelerate Level. Your PDM can help with PDM/sales support, virtual passes to IT Nation conferences, guidance as your practice grows, and more
Whether your company is just getting started with a cybersecurity foundation or trying to tackle specific new challenges, the ConnectWise Partner Program is a perfect resource to help.
How can MSPs stop common cyber threats?
MSPs can help their clients stop common cybersecurity threats by:
- Staying current on present and upcoming threats and trends with tools like TweetDeck, Feedly, and the ConnectWise CRU.
- Training employees and clients on best practices by impressing the importance of cybersecurity and how it helps stop threats.
- Developing a strategic incident response plan that details what to do when a threat hits, whom to report the threat to, and how to handle client accounts.