Let me start by saying that you will be hard-pressed to find another profession with as many acronyms as we have in IT. I will run through several must-know IT acronyms for business owners. To complicate things further, there are often 2 or more meanings for the same acronym, and we need to figure out what is meant by the context. An analogy would be – have you read vs did you read, as you read that (pardon the pun) you knew how to pronounce each word based on the context, similarly, in IT some acronyms change based on context. One example is POE, which depending on context can be Point of Entry, Power over Ethernet, or a joke I came up with in my helpdesk days – powered on even?
Another example and one that hits close to home is SOC (1 or 2) vs SOC vs SOX. SOC (1 or 2) are types of certification performed by CPAs to verify the presence of various finance, IT, and Security Controls. SOX is short for Sarbanes–Oxley Act of 2002, a law passed regarding compliance and reporting for public companies. Lastly, my favorite is SOC, which is short for Security Operation Center. Mix up one soc or other sox with your socks and you are bound for a very confusing day.
Small Businesses often outsource IT and related work to 3rd party companies to take advantage of economies of scale. A small business simply can't afford to hire engineers with all the necessary skillsets, developers, IT Security Analysts, and so on. As such, business owners and managers need to understand exactly what is and is not covered by a specific contract and type of company. Just like you wouldn't buy a sports car and expect it to function as a pickup truck, you can't expect one vendor to do what another vendor specializes in unless you have it specifically noted in your contract that they will perform these functions. The worst mistake a small business can make is to assume their providers are handling everything.
First up we have the broadest category of provider, the "jack of all trades". First up is the MSP. MSPs (Managed Services Providers) are essentially outsourced general IT teams. They have staff specialized in networking, server maintenance, and upgrades as well as a support staff that handles helpdesk functions. MSPs typically have NOCs (Network Operation Centers), staffed with analysts or support staff to review alerts such as ISP (Internet Service Provider) outages, downed servers, flood and temperature alerts, battery backup (UPS) failure, and other infrastructure services. MSPs typically provide no specialized security support or plan but they are knowledgeable in how to deploy systems in accordance with best practices for reasonable baseline security.
MSSPs (Managed Security Services Providers), MSSPs are experts in log monitoring and review. Think of a MSSP as analogous to a central station responsible for your business security alarm. They are experts at reviewing logs and finding the needle in the haystack as far as threats go. They generally work by installing appliances on-premises at the small business, and special connections to various cloud services to aggregate logs into a sophisticated system that is monitored by analysts. MSSPs generally staffs a SOC (Security Operations Center), these are filled with analysts working 24/7 (often in a follow the sun model, meaning they are dispersed around the world). These analysts review logs and flag suspicious activity with the help of machine learning algorithms and manually investigate alerts based on severity. MSSPs typically do NOT support networks, computers, end-users, or troubleshoot any hardware or software. They simply provide security oversight, identify problems, and make recommendations. Depending on the technology they use and your contract they can take active precautions such as interrupting communication with malicious IP addresses or simply alert you and allow you to make the decision on what to do. Lastly, some MSSPs include Incident Response in their monthly plan, though most do not fully cover the cost, and clients who experience a breach are likely to face additional fees after remediation.
VARs (Value Added Resellers) are focused on adding services to existing products that may require expert support, configuration, or oversight. Typically, a VAR will add services to an existing product to round out the offering. In some ways, they can be thought of as the distributors of the IT world and some vendors work exclusively with VARs and other resellers to avoid dealing with small license distribution numbers, management, billing, and support. VARs traditionally cater to businesses with existing IT teams and provide economies of scale, allowing those businesses to purchase licenses intended for businesses above their size. In other cases, VARs may cater to businesses too small to need a full MSP offering but require assistance with several pain points.
So, where does Iospa Tech fit in? We are a cross between a MSSP and a VAR. Our focus is IT security for startups and small businesses. We accomplish this via two key pathways. We offer a fully managed route for clients without existing technical staff or vendors, the turnkey model. We are also aware that many of our prospective clients have been in business for a while and may have systems already in place. For these clients we function as a Security VAR, adding Security to their existing setup using the Value-Added approach.
Our key focus is MDR (Managed Detection and Response) which bundles Advanced AV with EDR (Endpoint Detection and Response) with our experience in Incident Management and Response. We partner with MSPs to create a better, value-driven, offering for our mutual clients. MSPs provide the day to day to support and we provide security implementation and management as well as assist with compliance and risk management. The MSP provides backups and we provide malware protection and Incident Response. The MSP moves clients to the cloud, we help our clients secure their new workflows and data. This side by side collaboration allows each partner to focus on their core competencies and provide supplementary services to our clients.