Managed Service Provider

Top Tips: Choosing a Managed Service Provider

Choosing a Managed Service Provider is one of the most important decisions your business makes. Once you’ve entrusted your technology to an MSP, it will be difficult, time consuming and costly to move. We have put together these top tips to help you choose the right partner.

The right portfolio and scalability

A quick Google search can find multiple MSPs but finding one with the right portfolio that can meet your specific business needs, plus has the breadth of service portfolio to grow with you, can be more difficult. Are you looking for specific skill sets and a technology portfolio that will drive your business forward? WTL is an experienced Solaris and Linux specialist and can drive real transformation in your business. When coupled with a deep understanding of your business and your specific challenges these are hard to find qualities.

Provides SLAs that meet your requirements

When looking for an managed service provider, the SLAs they offer will be critically important. Do they match what you are looking for? What happens if the MSP doesn’t meet the SLA’s? Are there any financial incentives? It is important to choose an MSP who puts its money where its mouth is.

When negotiating a contract, is the MSP flexible and willing to consider something that isn’t standard? The level of flexibility that is evident at this stage could be an indicator of how accommodating the MSP will be once you’ve been onboarded.

Expertise, qualifications and accreditations

It might sound obvious, but a quality MSP needs to have the right qualifications and should keep these up to date. Don’t just look for standard accreditations, expect to see deep expertise in the latest technology; cloud, AI, virtualisation, mobility, security, networks, edge, analytics and more.

Accreditations demonstrate the MSP’s commitment and investment and should indicate that they are taking your technology needs seriously. WTL holds all the most current certifications for Solaris, is a Red Hat Ready partner, Oracle Gold Partner, an Enterprise Solution Provider for VMware, a Silver Veeam ProPartner, and many other leading technology accreditations.

Culture and values

Does the MSP share the culture, ethics and code of practice of your own business? If this is to a long-term, mutually respectful partnership, your MSP should hold the same values and be committed to helping you to achieve your goals.

You need a partner that will evolve with the wider marketplace, utilising the best technology and the best services for your business. Not one that will get comfortable and forget about innovation. WTL partners with the leading vendors and is always seeking out innovation that will drive real business benefits for you.

Meet the team, ask to see the company handbook, do some research on Glassdoor, and find out more about the culture of the partner you are considering.

Best Practice Policies and Procedures

Ensure the MSP utilises industry best practice across the organisation. MSPs that adhere to common frameworks ensure that the right processes, people and systems are in place to help you meet your business objectives. WTL holds the recognised ISO27001 and ISO9001 certifications for physical security and quality processes.

MSPs should be able to detail its processes and policies to you, providing full visibility and transparency.

Security

As with policies and procedures, cybersecurity concerns will be high on your list. Look for best practice frameworks and inspect security policies and procedures which cover monitoring, detection, incident logs, remediation, risk management, patch installation and incident response processes. Ask the MSP to demonstrate compliance with regulations and to ensure that your data will be stored in accordance with the security requirements that the industry demands (PCI DSS, HIPAA etc) and with wider data protection regulations.

WTLis a Cyber Essentials approved partner, demonstrating its commitment to an industry standard cybersecurity framework and offers customers a high level of systems and data security and governance.

Word of mouth

Ask to speak to at least one or two existing customers who share your business transformation goals and some common demographics or use your own network to verify the partner’s reputation and reliability. You’re looking for an honest appraisal, that you won’t find by looking at a brochure or website. There is no greater endorsement than a peer endorsement.

When you have satisfied all of the above, then you are ready to choose a managed service provider. WTL will provide references on request and can satisfy any due diligence questions you may have if you are looking for an experienced and trusted managed service partner.

Useful Links

Intercity Technology – Top 5 Tips for Choosing a Managed Service Provider

IBM : Top 10 tips for selecting a managed service provider

How to choose a Managed Services Provider: A 20 point checklist to choosing the right MSP for your business

Network security & cyber security in Birmingham & The West Midlands

The Rising Cost of Cyber Security Breaches

Technological advancements are undoubtedly changing the world for the better, with automation, AI, the IoT and cloud driving forward innovations across every sector. However, with this advancement comes greater risks as cyber threat actors use the same technology against individuals and industry for their own gain.

The 2019 Verizon Data Breach Investigations Report identified that 52% of breaches in the past year of those surveyed (17,300 incidents with 1700 actual breaches) featured hacking, 33% featured social attacks and 28% involved malware. Targets spanned all sectors and sizes of businesses. Small businesses were targets in 43% of breaches, 39% of all breaches were perpetrated by organised criminal groups and 56% of breaches took months or longer to discover.

These figures highlight the varied and indiscriminate nature of data breaches that businesses today face. But what are the implications of a data breach? According to Deloitte , firstly there are the well-known and more obvious effects, such as the costs and resource needed to undertake a technical investigation and improvements to cyber security defences required to protect customers and business systems as a result. Then there are the PR and customer notification costs and efforts required to ensure customers are not in the dark and reputational damage is limited. Then the compliance and legal fees that could be incurred. There may be regulators’ fines to consider, as with GDPR. The hidden costs lie slightly off radar and include increased insurance premiums, and reduced appeal to investors, plus the value of any contracts lost as a result of the breach. It’s hard to quantify the impact of operational disruption, but this can be devastating for some businesses. The company brand and name could be devalued as a result, valuable intellectual property could be lost, and customers could take their business elsewhere. The time taken to repair much of the damage done to the business can take years. Processes need to be redesigned and implemented and new cyber security programmes are an investment in time and money.

With all of the above to consider and calculate, it is not surprising that the global average cost of a data breach in 2019, as calculated by the Ponemon Institute, has risen by 1.5% in a year to reach $3.92m.

How can businesses mitigate the risk of a costly breach, with so many attacks happening and new vectors used, with the costs so high?

Businesses need to shift focus from a reactive security model to a proactive approach which seeks not to secure the whole perimeter but to reduce the size of the attack surface and increase security focus on apps and data which travel around the enterprise. This is in contrast to the traditional model of cyber security which focused on protecting the data centre. Organisations can better secure their apps and data by having a clear understanding of how they work and interact, then developing intelligent policies, access keys and secure rooms which compartmentalise the whole infrastructure, protecting each area individually and limiting the impact of a breach.

Real time and continuous breach detection and monitoring ensures that businesses understand exactly when something unexpected or anomalous is happening. This information can be triaged with other systems to trigger alerts or next actions. Emergency response plans can then be mobilised quickly and effectively to reduce the impact of a breach.

Finally, regular testing will identify any weak spots and provide the essential information that is needed to close any gaps and make changes to security defences.

Only by moving with the times and adapting to the latest threat actors will organisations be able to mitigate the risks associated with a cyber security breach.

WTL offer a range cyber security solutions which employ next-generation features to ensure you remain one step ahead of the cybercriminals.

If you’re ready to make some changes to the way you protect your business, please get in touch.

Useful Links

Deloitte Hidden Business Impact of Cyber Attacks

Ponemon Institute Cost of a Data Breach

Cyber Security

How to implement a multi-layered cybersecurity approach

We’re all enjoying the benefits of digital transformation, with artificial intelligence and data analytics moving into the mainstream and previously inanimate objects being connected and “smart”. As consumers we are now coming to expect the personalised, self-service or automatic nature of everything from banking to utilities and supermarket shopping. To keep pace with this digital revolution, businesses now need to modernise their data centres and utilise the flexibility and scale of the cloud, develop mobile strategies, incorporate social media into their everyday businesses and consider data analytics, IoT and artificial intelligence as viable, useful technologies.

However, these transformational technologies increase both the complexity of the IT environment and the number of entry points into the corporate network, which means a considerable increase in the risk of cyberattack.

In Symantec’s 2019 Internet Security Threat Report it highlights some frightening statistics on cybercrime, citing 1 in 10 URLs being malicious, web attacks up by 56% and a huge increase in formjacking, where customer data entered into a form is being illegally read by a piece of code and diverted somewhere it shouldn’t be going. Enterprise and mobile ransomware are also on the increase and supply chain attacks have skyrocketed. Malicious emails and malicious powershell scripts are also more prevalent.

With so many threats coming from every angle, our customers are increasingly looking for expert support and advice and we are delighted to announce that we have joined forces with the innovative cybersecurity experts, CyberQ Group, to offer a set of complementary technology services. CyberQ Group is an award-winning Cyber innovator and successful cyber security specialist, which uses artificial intelligence and automation to provide leading edge solutions including;

  • Continuous breach detection to provide real time threat intelligence and monitoring. Our Continuous Breach Detection Service (CBDS) dashboard provides clear metrics on and a heat map and displays alerts when an incident happens or if accounts are hacked and details the results of searches for customer data leakages on the internet.
  • Penetration testing helps customers identify weak spots or vulnerabilities in their infrastructure and gives customers all the information they need to close gaps in their security.
  • Security Operation Centre as a service (SOCaaS) is our 24/7/265 managed security service which identifies and neutralises cyber threats using specialist cyber professionals and a comprehensive network monitoring platform. This managed service allows customers to quickly mobilise enterprise class monitoring and cyber consultancy services at a predictable monthly cost.
  • Our Emergency Response and Readiness service gives customers access to a pool of skilled resources to deploy in the event of an emergency. The service turns an incident response plan into a proactive programme that can be deployed remotely or on-site to reduce the impact of an incident.
  • Virtual Chief Information Security Officer services allow customers to benefit from C level information security advice and guidance on a part time, ass required basis. The service will use frameworks to assess and analyse documents, policies and processes, to ensure compliance with regulation and legislation. The Virtual CISO ensures there is both a risk management strategy and a breach incident response plan in place. They will also ensure awareness amongst users and update access governance controls.

Useful Links

WLT Penetration Service Solution Services Guide

Continuous Breach Detection Service Guide

Security Operations Centre as a Service (SOCaaS) Guide

Emergency Response and Readiness Service Guide

Virtual Chief Information Security Officer as a Service Guide