5 Questions to Ask Your Managed IT Provider

By partnering with an IT provider like a Managed Service Provider (MSP) or a Managed Security Service Provider (MSSP), your business can offload technology-related tasks and focus on core business operations, ultimately saving time, reducing costs, and improving overall efficiency.

That said, while your managed IT provider can help run mission-critical services for your business and handle day-to-day IT operations, around-the-clock cybersecurity requires its own set of skills and resources that not all IT providers have. In fact, the number-one time waster among technology teams is managing security alerts¹. 

While some IT providers can manage a general security program efficiently and effectively, for others, it can make sense to supplement their capabilities with the proactive threat detection and rapid response offered by a specialized Managed Detection and Response (MDR) service.

Here’s what you need to know about the types of managed IT services available, how they differ, and the questions to ask to make sure your business is protected from modern threats.

Understanding Managed IT Services

When it comes to understanding managed IT services, it’s essential to differentiate between MSPs, MSSPs, and MDR providers. 

Managed Service Providers (MSPs): MSPs focus on proactive IT management to help businesses maintain efficient and reliable IT infrastructure. They typically handle tasks like network monitoring, software updates, and system maintenance, offering a range of services to optimize IT operations and minimize downtime. 

Bottom line: MSPs enable small businesses to outsource IT needs, allowing them to focus on core business functions while ensuring their technology runs smoothly and effectively.

Managed Security Service Providers (MSSPs): MSSPs specialize in cybersecurity services, aiming to protect businesses from evolving cyberthreats and vulnerabilities. They provide services like security monitoring, threat detection, incident response, and compliance assistance to help businesses safeguard sensitive data and maintain regulatory compliance. 

Bottom line: MSSPs play a critical role in managing and enhancing the security posture of small businesses, offering expertise and guidance to mitigate security risks and respond effectively to security incidents.

Managed Detection and Response (MDR): MDR providers focus on 24/7 monitoring to provide threat detection, incident response, and remediation services, identifying and neutralizing cyberthreats in real time. 

Bottom line: MDR providers enable small businesses to enhance their security defenses, detect and respond to sophisticated cyberattacks around the clock, and improve overall security resilience as an extension of their clients’ security and IT teams.

MSP vs. MSSP vs. MDR

While MSPs prioritize proactive IT management and support operational efficiency, MSSPs focus on protecting businesses from cybersecurity threats. MDR providers are specialists that focus on 24/7 monitoring, rapid incident response, and threat hunting on behalf of their clients to respond rapidly to threats. 

An MSP and an MDR provider could work together, with the MSP as the generalist and day-to-day maintainer of IT systems, and the MDR provider as the specialist providing 24/7 protection against acute threats.

Questions to Ask Your IT Provider About Security

Here are five questions to ask your managed IT provider to help you understand if you are getting all of the protection coverage you need, or if you could benefit from working with an MDR provider.

1. Does your IT provider offer 24/7 security detection, investigation, and response through a Security Operations Center (SOC)? While many IT providers want to provide the best security services they can to their clients, it can be cost prohibitive for a local provider to staff true around-the-clock protection in house without a SOC. A SOC centralizes security expertise with a dedicated team of security professionals who are available to respond immediately to an alert, 24/7. Since every minute can matter in a security incident, this model is your best bet against minimizing the impact of an attack. 
2. If your provider offers 24/7 coverage, are they the ones staffing the SOC? More than half of MSPs (66%) say they use a third-party vendor for MDR services, with an additional 15% delivering these services jointly through their own SOC and a third-party vendor². With a third-party model, quality of service may vary, complexity is increased, and remediation times are slowed.
3. Who is responsible for remediation, and are there any hand-offs required to address alerts? Top-tier MDR providers can fully remediate systems back to a pre-attack state without needing to hand off the task to another party (or you). In contrast, many legacy providers don’t manage remediation themselves, putting the burden back on your team to actually fix the issue.
4. What is the average time-to-contain an incident? When you’re being targeted by a cyberattack, every minute matters to contain an incident. A good provider can commit to under one hour time-to-contain and will boast about typical response times under 15 minutes. 
5. What Endpoint Detection and Response (EDR) is the monitoring service built on? Not all EDRs are equally capable of identifying and stopping threats. To maximize insurability, many firms are looking at adopting top-shelf EDR solutions. This Forrester EDR report is a great resource on the best EDR solutions.

At-Bay Security can work with your IT team to handle time-wasting security alerts, freeing up their time for projects that help maintain and grow your business.

How to Choose the Right MDR Service for Your Business

Shopping for cybersecurity services can be complex, but our comprehensive guide can help you identify your security needs, evaluate vendors, and understand which MDR capabilities best fit your business. Get your copy of the MDR Buyer’s Guide to learn everything you need to know about MDR services, the Endpoint Detection and Response (EDR) technology they use, and a checklist with the critical questions to ask when shopping.

Download the MDR Buyer’s Guide for Small Businesses → 

1. Driving a Proactive Cyber Strategy with InsurSec [Download Now] (at-bay.com)

2. https://www.channele2e.com/news/msps-struggling-to-keep-up-with-cybersecurity-challenges-study

The information contained is for general guidance on matters of interest only and is not intended to be construed as the rendering of professional services of any kind. If professional advice is required, the services of a professional should be sought.

At-Bay Stance MDR is provided by At-Bay Security, LLC, a wholly owned subsidiary of At-Bay, Inc., providing cybersecurity services including MDR and incident response. At-Bay Security, LLC does not provide insurance services.