Tuearis vs. MSPs
We at Tuearis are proud to have a number of Managed Service Provider partners that excel at providing IT support to their clients. MSPs can be very beneficial to businesses that prefer to have IT professionals from outside of their organization manage the technologies they employ.
However, MSPs often lack security expertise to justify some of the claims they make to their clients regarding the cybersecurity condition they find themselves in. Numerous times we have been engaged to do Incident Response for businesses that had been assured they were "secure" by their MSPs. Firewalls and antivirus are the norm for MSPs to manage... so what happened? And how is Tuearis different than an MSP? After all, it can sound the same in many contexts. For instance, Tuearis offers Firewall Management just like the MSP in question, and could even be using the same device. How is one different from the other?
Before we begin, consider this: enterprise businesses have separated cybersecurity from general IT. Chief Information Officers (CIOs) now commonly have a counterpart in the C-Suite, the Chief Information Security Officer (CISO). If IT generalists are perfectly capable of overseeing security, why the change? And why has the news been filled with successful ransomware attacks and breaches against MSPs around the country lately?
To put it plainly, Tuearis is focused on security only, with security professionals at the helm, and are (on the Managed Security side, at least) acting as the cybersecurity team for the organization rather than simply providing technologies and licensing. Here are a few things Tuearis provides that MSPs can't.
Tools are only as good as the people managing them, and when it comes to cybersecurity this lesson certainly applies. Tuearis' security professionals are constantly examining new technologies and, as advancements in the industry are made, displacing outdated tools in our technology stack. When it comes to implementing those tools, these same professionals are able to navigate the pitfalls that many non-security specific IT professionals are unaware of. When people specialize in security they simply know more about how to do it well than a generalist is capable of.
IT is huge. There are so many specific fields that it is impossible for generalists to know everything, much less be aware of the latest changes in the threat landscape. However, Tuearis has relationships and intelligence sharing within the security community that keep us apprised of what is happening. We then are finding ways of turning that intel into actionable defensive measures as quickly as possible, to the benefit of our clients. Security is our life and since it is ever evolving we know that threat intelligence is a major part of our day to day success. MSPs simply cannot keep up with all of what is going on in this space while they are managing the countless technologies in their clients' networks.
95% of MSPs take a security tool (such as a firewall) and drop it into the environment using the factory configurations, configure a couple of small things to enable network connections, and walk away. "Managing" that device means simply keeping the license and firmware up to date (and you'd be amazed at how often we find that has not been done).
But Tuearis is different. More advanced license sets are used on deployed firewalls which enable the use of more advanced configurations. Then, security professionals configure the device and design policies to provide a much greater level of analysis and defense. Besides that, the policies on client firewalls are reviewed at least twice per month to update them based upon the latest threat intelligence (and often times much more often). This is an ongoing work to keep the client environment as secure as possible and is far different from the firewall management that MSPs offer.
When security alarms are raised in a client environment, the Tuearis team is able to investigate the alarms and, based on our threat intelligence, have the ability to determine what should cause concern and what is a false alarm. Not only can MSPs hardly investigate alarms at all, they are at a serious disadvantage in determining how serious an alarm is.
Tuearis also provides Incident Response to our clients as part of a Managed Security offering (or even as a stand alone engagement). Our IR team is able to perform remediation on security incidents to keep our clients whole and focused on their business operations. MSPs aren't typically capable of performing Incident Response and must look outward to IR teams for this need. Why not just have us there, ready, all of the time?
MSPs can be great for your business! However, they may not have the expertise to deliver the promises of security that they often offer to their clients. If you are ready to have security professionals working alongside your MSP or on-staff IT team, Tuearis is anxious to help!