As the year ends, IT and security providers should start looking toward the horizon for the trends that will soon be affecting them. We asked two of our experts for their predictions—Colin Knox, director of product strategy, and Tim Brown, VP of security for SolarWinds MSP. Here’s a summary of their predictions.
Cyberattacks have increasingly gained headlines over the years. In the last year, we saw ransomware attacks hit multiple towns. We also saw an increase in the number of reported data breaches. In 2020, data breaches could easily grab more headlines, as could a major, catastrophic attack. These developments will likely lead to an increase in the public’s consciousness about cyberattacks.
We’ll see an explosion in the use of MFA
Due to these increasingly visible attacks, we’ll probably see a rapid proliferation in the use of multifactor authentication (MFA). For many years, the industry has educated people on the dangers of ransomware, leading many to adopt strong backup solutions. Now, we are starting to see a shift in the industry toward preventing credential theft. As a result, businesses will increasingly require MFA for risky accounts. We may see an increased interest in mobile device management and security. After all, MFA often requires the presence of a mobile device—whether due to an SMS-based message, authenticator app, or biometric authentication scheme, such as a thumbprint or face scan.
MSPs will increasingly adopt the zero-trust security model
As employees shift in the direction of remote working, we’ll see MSPs become more and more interested in the zero-trust security model. If you aren’t familiar, people who take the zero-trust security approach proceed from the idea that you need to verify everything. This way of thinking affects user accounts, access to systems, and how you structure a business’s network architecture. In 2020, we predict zero-trust security will become a hot topic among MSPs.
More people will see the need for a password management solution
Because of the previous points, businesses will increasingly see the need for a strong password management solution. If you’re an MSP or an MSSP, you’ll want to get a solid solution that helps you enforce password best practices among your team members. SolarWinds® Passportal helps you do just that by automatically generating strong passwords for your team members, allowing you to quickly grant or revoke access as needed, and set password policies across your team. Learn more by visiting the site today.
MSPs and MSSPs have an interesting year ahead of them. Major data breaches and resulting compliance regulations may cause significant positive shifts in the landscape for both MSPs and MSSPs. Here’s what Tim suggests:
The threat landscape and service providers
Cybersecurity never remains static. When we develop defenses against today’s threats, criminals find a new attack or a good twist on an old threat. We should expect the threat landscape to continue evolving in 2020. One trend we think will continue is cybercriminals attacking MSPs; as a result, MSPs will need to make sure their own security house is in order. A data breach caused by a lack of your own security could push existing clients away and leave you with a bad reputation in the community. Remember—security starts with you, so keep your own team and operation up to speed.
Compliance and privacy will lead more customers to MSSPs
Over the years, we’ve seen an increase in data protection and reporting laws. As more breaches continue making headlines, we can expect lawmakers to pass even more regulations around data protection. Many businesses won’t have the in-house team or infrastructure to handle this, leading them to increasingly seek out MSSPs to help with the effort.
MSPs will be held to a higher standard
Following some major data breaches, we’ve seen companies get hit with massive fines. As businesses grow more aware of the potential consequences, they’ll continue taking security more seriously. That means MSPs providing security services will need to hold themselves to an even higher standard. A major fine could be an extinction event for one of your customers—and it could be for you, too. So even if your customers opt for a lower level of security, make sure you keep the highest standards for your own team and environment.
Management won’t be enough to combat threats
For years, we’ve said “a well-managed environment is a secure one.” While this remains somewhat true, proper management will no longer be enough. MSPs will still need to manage and maintain their customers’ environments, but they will also need to monitor those environments for active indicators of attacks. Beyond that, service providers will need to become well-versed in the practice of active incident response. Today’s threats can often slip past traditional defenses, so you need to be prepared to catch them and respond to them easily. Make sure to have a solid incident response plan and process in place, and run incident drills so your team remains sharp in the event of an emergency.
2020 will be the year MSPs either become MSSPs or partner with one
Building on the previous predictions, we can expect security to continue increasing in importance. While MSPs and MSSPs have traditionally occupied separate lanes, the lines may soon begin to blur. MSPs who want to keep an edge will likely start to either take on the role of MSSP or team up with one to deliver full-spectrum IT services with security baked in. Customers likely won’t draw a distinction between IT and security services—so many MSPs may need to expand to stay relevant.
Partnering with a TMSP
Transforming your MSP into a full-blown MSSP can be daunting, to say the least. SolarWinds MSP offers its Threat Monitoring Service Provider program to help you offer MSSP-like services without having to build out a team of your own. Partner with one of our approved Threat Monitoring Service Providers (TMSPs), who will run the back end of SolarWinds Threat Monitor to actively monitor for threats while you maintain the client relationship. Learn more by visiting our website today.