carbonite logo

Commonly searched topics:

backupcloud backupaccount sign in

Article · Sep 17, 2019

Next level conversations: How MSPs can educate SMBs

Color illustration showing the buildings of small and medium-sized businesses in a secure cloud.

Selling security to SMBs – industry insiders will tell you—isn’t always easy. For starters, some businesses see cybersecurity as a cost center, instead of an investment.

But that’s changing.

There is an increased awareness among SMBs about bolstering cybersecurity efforts, with 79 percent planning to invest more in cybersecurity within the next year. That’s according to a recent report sponsored by Boston-based IT management firm Continuum.

Additionally, cybersecurity has become a determining factor in whether an SMB is likely to use and continue to use an MSP, the report found, with 93 percent respondents saying they would consider moving to a new MSP if they offered the “right” cybersecurity solution. That’s good news for MSPs.

So, what should MSPs do next?

What should SMBs know about security

Most MSPs can step in and educate customers and potential customers about the current threat landscape and delineate why investing in cybersecurity has become a business imperative.

As you start talking to customers about internet security, endpoint protection and how failing to invest in a comprehensive data protection strategy can impact business continuity, it’s best to focus on some key areas.

Here are three topics you can talk to SMBs about -- no matter their level of IT sophistication -- and delineate why they should consider these when evaluating security vendors with their MSPs.

1. Ransomware threat level rising for SMBs

With more than 70 percent of ransomware attacks now targeting SMBs, protecting against ransomware is one of the biggest challenges that SMBs currently face.

Talk to your customers about how you can help them create a ransomware response plan that includes detection, cause assessment, recovery, and prevention.

Educate them in ransomware infection attack vectors like RDP and spam emails and how adopting simple but effective measures like not leaving RDP ports open to the internet and disabling macros can help. 

As ransomware gets more sophisticated, it is of utmost importance that SMBs have the ability to restore their database to a point in time with reliable cloud backup and recovery software. 

2. Adopting a multi-layered security approach

In an era of sophisticated cyber threats, having a firewall and antivirus software aren’t enough. It is important for SMBs to embrace a multi-layered security approach, which refers to combining multiple mitigating security controls to protect data and operations on multiple layers. Remember, your customers don’t want or need to become security experts. So relaying this information in easy-to-understand language is helpful.

  • Talk to SMBs about how solutions that incorporate artificial intelligence (AI) and machine learning (ML) can help future-proof their networks. Educate customers on how zero-day attacks can impact business continuity and how AI/ML are necessary for stopping zero-day threats that exploit unknown computer security vulnerabilities. With new strains of malware emerging every few seconds, the need for investing in automated threat detection and response has become imperative to not just stop threats but also predict and prevent them.
  • Next is the DNS layer. Talk to your customers about why securing the DNS layer has become a fundamental network security measure. According to a recent report, businesses experienced an average of nine or more DNS-based attacks in the last year. Delineate how DNS attacks can cause business damage in terms of downtime and financial loss.
  • Make sure to talk to SMBs about how network segmentation, a step that limits the type of network access that certain users, or devices may have, by dividing the network into sub-networks -- can help restrict the amount of damage malware can cause, by containing threats. It can block the transfer of malware from end user systems to core systems housing sensitive data.

3. Educating end users

Finally, remember to talk to your customers about the value of security awareness training that Webroot™ offers within their product.  This gives IT managers and SMB owners the value of in-house security training without having to hire or contract and expert.

But, with cyber attackers frequently changing their attack strategy, security awareness trainings need to incorporate those changes into simulated phishing attacks and training courses.

Businesses look to MSPs for comprehensive and cost-effective solutions. With the global managed security services market expected to exceed $45 billion by 2022, MSPs need to offer their clients a well-rounded cybersecurity solution to keep SMB businesses running smoothly.

As you begin to embrace a proactive security approach, it is imperative to backup sensitive data to ensure business continuity. Investing in a cloud backup service like Carbonite™ will ensure your data is securely backed up.

To find out more, Click here


Mekhala Roy

Mekhala Roy is a writer on the Corporate Marketing team at Carbonite. A former journalist, she blogs about Carbonite happenings and cybersecurity.

Related content