Adding Security to Your Managed Services Offering

Over the years Trend Micro has collaborated with and learned from a variety of MSPs. Today’s threat landscape is continuously evolving, becoming more complex and sophisticated than it was even a year ago. For MSPs to rely on a single solution is not practical or in the best interest of their customers.

To maximize customers’ protection, we recommend focusing on these four areas:


1. Endpoint security – The core component of a managed security solution. Every customer has endpoints that need protection.

What to consider when selecting an endpoint security solution:

Select a security solution that supports all types of endpoints –  including servers, desktops, laptops, tablets and phones (Android and iOS), to maximize recurring revenue per customer.

  • Generally speaking, free solutions don’t work on servers and low-cost solutions usually only work on Windows.

The solution must provide a comprehensive set of security features – not just basic anti-virus.

  • Most people believe that all anti-virus solutions are the same. However, that’s simply not the case. The level of sophistication the bad guys have these days is so high that it’s not just about anti-virus anymore. A multilayered approach combining pattern-based detection, machine learning, behavior monitoring, anti-ransomware protection, real-time analysis, heuristics, reputation analysis and other features is critical for providing maximum protection to your customers, as well as reducing your clean-up costs.

The solution must be centrally managed.

  • Free solutions cannot be centrally managed and in most cases it’s a violation of the terms of service to use them commercially.

The solution should be a SaaS offering.

  • In this day and age, there’s no reason an endpoint security solution should be installed and managed on-premise.  There’s no benefit to it, and it incurs a lot of time and cost to when you consider the cost of a server, operating system licenses, power, backup space, and ongoing maintenance (patching, updating and fixing).

2. Mobile/Roaming security – The ability for workers to connect online when they’re offsite provides tremendous benefits to businesses. However, this disrupts the old security paradigm where businesses were responsible for protecting customers only inside the walls of their offices. Yes, some endpoint security solutions include protection for mobile devices. However, these commonly revolve around basic security or mobile device management functionality.

What to consider when selecting a complementary solution:

Hosted solution

  • On-premise solutions  become inefficient once someone leaves the confines of the office with their device. A hosted solution is maintained 100% by the vendor, eliminating any associated maintenance time and costs for your managed service business.

Application visibility and control solutions

  • These are useful for monitoring and auditing internet usage habits, as well as enforcing company policies your customers may have regarding browsing the internet.

Web reputation

  • With most threats originating on the Web these days, protecting users while they surf the internet is critical. If users infect themselves through their Web browsing behavior it comes out of the MSP’s bottom line.

URL filtering

  • Most business owners I know would rather their employees spend their days working instead of browsing Facebook or their fantasy football line-up. URL filtering gives you the ability to offer that service to your customers and keep the owners happy.

3. Email security – On a daily basis, billions of emails are sent and received around the world, making this form of communication yet another vector for threats and annoyances to infect users. Even if a small percentage of them are malicious, customers are still vulnerable to a high volume of threats.

Features to consider for an email security solution:

Hosted solution

  • Simple Mail Transfer Protocol (SMTP) makes it easy to re-route mail through a hosted solution for pre-filtering, before it arrives at your customers’ mail servers. A simple MX record changed in Domain Name Servers (DNS) is all that is necessary to add an additional layer of security for your customers. Additionally, a hosted solution is maintained 100 percent by the vendor, eliminating any associated maintenance time and costs for your managed service business.

Industry-leading spam detection

  • Spam makes up a shockingly high percentage of overall email traffic, some estimates being 90 percent or higher. While spam detection capabilities have generally improved across the board, it’s still important to select a proven vendor.



  • This one is pretty self-explanatory these days, thanks to Edward Snowden. Having the option to enable/disable email encryption per customer gives you maximum flexibility to cater to your customers’ needs.

4. Cloud Applications – More and more customers are migrating their line of business applications to the cloud thanks in large part to companies like Microsoft, Google, and Dropbox. While these companies may provide some baseline level of security for their applications, they are not security experts.

Some things to consider when it comes to protecting cloud applications

  • Just because it’s a cloud application, doesn’t mean it’s safe. Applications like Office365, Dropbox, Box, Google Drive, Sharepoint and OneDrive still need extra protection from advanced threats that would otherwise be missed.  In 2016, Trend Micro Cloud App Security blocked over 10 million threats that were missed by the native security in Office365.
  • Cloud applications also prevent a data leakage threat. Make sure the solution you choose can address and prevent data leakage.

Leave a Reply