Just how do you convince clients, happy with your other managed service offerings, to buy into security as a service?
An unsecure customer risks playing Russian Roulette with its own data, but you also have to consider whether the lack of security could also negatively impact you as a managed service provider (MSP)—in terms of legal liability, resource wastage, and brand reputation. Although your client contracts can minimize legal liability through clauses regarding security, enforcing your contract clauses comes at a financial and reputational cost. The former can get out of hand if you are caught up in the investigatory process, despite not actually providing security services to the reluctant client. Reputational damage also impacts your bottom line, given that your embarrassed customer organization will be likely throwing blame in every direction except internally. The social media machine soon starts grinding when a breach is made public and can be very hard to stop.
Educating customers on the benefits of buying into managed security services is key to your own good standing as well as that of the organization concerned. So where do you start? At the beginning, with threat denial syndrome, is the obvious place.