To completely secure a customer’s computing environment, managed services providers (MSPs) must first secure their own. It sounds obvious, but for many MSPs, practicing what they preach isn’t a high priority.
As a trusted advisor, an MSP promises service excellence, maximum uptime, and a secure computing experience. But what happens if and when the MSP is exposed to a data breach or hit with a virus or cyberattack such as CryptoLocker? The end result is not good for the company or its customers. And, it could cost the business everything it’s worked so hard to achieve.
So what’s an MSP to do?
First And Foremost: Be Your Own Customer
Show prospects and customers how your services are protecting your business and enabling your team to work remotely, for example, in a secure computing environment.
Assume Nothing, Document Everything
Second, when it comes to the customer’s IT security and data protection needs and services, assume nothing and document everything. Whenever you ask a new customer to sign on the dotted line, be sure there is a written and mutual understanding regarding your responsibilities — and theirs. This is particularly critical in heavily regulated industries such as finance, healthcare and retail — which not coincidentally are also among the sectors most often targeted by cybercriminals. Speaking of which, for those of you in healthcare, don’t casually sign a business associates (BA) agreement. This is a legally binding document that could hold you accountable for any data breach and non-compliance issues that your customer incurs.
Please log in or register below to read the full article.