7 Lessons Learned and Opportunities Earned in 2020


To say this year brought major changes would be an understatement. While organizations had to shift the way they work nearly overnight, many of these changes were simply accelerations of existing trends, like supporting remote work and implementing zero trust. In short, the pandemic forced rapid digital transformation.

Yet IT and security providers handled the challenges well. Cybercriminals certainly did their best to take advantage of the confusion, too. Today, we want to talk about some of the key lessons we’ve learned from 2020, both from a security and a business perspective.

Key Lessons from 2020

  1. Things can change fast: It’s a cliché that tech industries change rapidly. Cybersecurity changes even faster; but rarely do we see such rapid change as we did this year, with the global economy shifting to almost completely remote workforces. In general, MSPs and MSSPs shined during this period. It makes sense—they deal with change and new tech frequently and already had the ability to support remote workers. Still, this year emphasizes the importance of adaptability and calm under pressure.
  2. IT and security providers are essential: This year, IT providers played an essential role in keeping businesses afloat by helping them make their workforce mobile. Security providers also played critical roles in preventing cyberattack attempts from becoming catastrophes for their customers. During the pandemic—particularly in the early months—many cybercriminals sought to take advantage of the chaos by launching COVID-19-related spam and phishing attacks. This only underscores the importance of cybersecurity services in helping protecting businesses from cyber-risk. This bodes well for IT and security providers as, in many ways, they’re the backbone of the global economy.
  3. Providers must maintain what they’ve built: Another important lesson, however, is that things may not return to normal. It’s important for MSPs and MSSPs to maintain the capabilities they’ve built to support their customer bases, whether that involves emphasizing virtualization, cloud offerings, or endpoint-based protection. MSPs and MSSPs will need to support office workers again, but they will likely need the capacity to support large groups of remote workers for the long haul.
  4. Your business model equals your resilience: This year, the most successful providers were those who focused on monthly contracts rather than project work. Some portion of your business will likely still be projects and break/fix, but securing monthly recurring revenue via managed services or managed security services helps your business remain resilient in the face of major market shocks. Plus it helps your customers, as they know you’ll have their backs when things go awry, and this will leave them in a better starting position if something disruptive occurs again (and it’s always possible—see lesson one).
  5. The perimeter is long dead: As an industry, we’ve long exclaimed the death of perimeter-based security. This year, we saw the perimeter become even more irrelevant as people migrated to home-based offices. With tech professionals having even less visibility into those home networks—each of which have varying degrees of security or with multiple potentially insecure connected devices—businesses had to send the castle-and-moat approach even further into the rear-view mirror. This means every MSP and MSSP needs to think in terms of zero-trust approaches to security.
  6. Coverage gaps can spell disaster: Cybercriminals spent the past year trying to take advantage of all the chaos. For example, as mentioned earlier, the spike in COVID-19-related phishing campaigns meant businesses lacking strong email security and user training faced significant risks. This speaks to an important point—a missing layer in the security stack can be catastrophic. When working with customers, consider what the minimum protection should be—including regular patching, email security, backup, and endpoint detection and response. Surprises in security can happen, and they’re never pleasant—so make sure you’re following a proper defense-in-depth strategy.
  7. Good customer experience reigns: One of the key differentiators for MSPs and MSSPs? Customer service. During times like these, many businesses face overwhelming uncertainty and fear. MSPs and MSSPs who keep a steady hand during a crisis could quell the fears of their partners, offering an irreplaceable value-add. But good customer service needs to remain a priority, even during good times. Ask questions of your customers regularly—at least quarterly—and try to get a sense of what their strategic plans are and how you can help. Beyond this, it’s worth trying to measure customer satisfaction on a regular basis to quantify the results of your services. One way to do this would be to send regular surveys to existing customers asking them to rate your team’s service on a numerical score—and offering a free-form question on how your team could improve. Between survey data and informal conversations with customers, you should be able to get a good sense of how you can better serve your customers and position your business to be their partners long-term.

Challenges and Opportunities

While 2020 brought a lot of challenges, it also opened many opportunities for IT and security providers. Plus, this year demonstrated the important role service providers play in keeping businesses afloat, and it showed how essential they are both for their customers and for the economy in general. While we’ll all be glad to move forward into the future, there were many silver linings in 2020.

We mentioned the importance of having the right layers in your security stack for customers. For example, the early uptick in COVID-19-themed email threats demonstrates the importance of strong email security. SolarWinds® Mail Assure was built to detect emerging threats on email through a combination of collective intelligence and machine learning. Learn more about Mail Assure today.

With the shift toward remote work, customers will increasingly rely on cloud services. And one of the biggest threats to those? Passwords. SolarWinds MSP offers a password management solution called SolarWinds® Passportal that can help enforce strong password practices by allowing your team to set strong passwords, gain one-click access to accounts, and grant or revoke access as needed. Plus, you can resell Passportal Site to your customers to offer password management as a service. Learn all about Passportal and how it can help you by visiting

Guest blog courtesy of SolarWinds MSP. Read more SolarWinds MSP blogs here.