Sophos is repositioning itself in today’s cybersecurity landscape. The company sees a greater role for Managed Service Providers (MSPs), to reach the desired level of security at organisations. The choice for a stronger focus on Managed Services is delivering, according to Channel Account Executive MSP Daniëlle Meulenberg for the Western European market. She has great confidence in the future.
Sophos has been involved in the cybersecurity world for decades, making it a reliable player in the market. For example, hundreds of thousands of organisations, mostly from the small and medium-sized business (SMB) segments, rely on endpoint and network protection from the British security vendor. The aim is to secure valuable company assets, usually data, with a complete set of services.
Role of the Managed Service Provider
Managed Service Providers are fulfilling a more important role in Sophos’ mission. Because Sophos works closely with MSPs, the company can reach a large group of SMBs. It is often more attractive for SMBs to turn to an MSP for their IT services, as they do not always have the time and resources to set up everything by themselves properly. An MSP does have that expertise and is happy to help other companies with their security.
Of course, the MSPs try to come up with the right solutions for the end customer. With the help of the partner, the wishes should be fulfilled. It could happen that an SMB+ or a large enterprise comes to an MSP that offers Sophos services. In that case, a conversation about what the company exactly wants in terms of security is needed too. The security is based on Sophos’ core products, but depending on the needs of a company, different components and gradations are scaled up. Larger companies therefore frequently appear as customers of an MSP, especially because, according to Meulenberg, they need a co-managed model in which an IT administrator of a company closely works with an MSP.
Endpoint and network security work together
To provide the best possible service to MSPs and end customers, Sophos opts for synchronised security. This actually refers to two different security approaches, the endpoint part and the firewall, working directly together and immediately anticipating incidents. If, for example, the firewall detects compromised machines, the firewall ensures that other machines are aware of this and can take action, like ignoring traffic from these machines.
If we take a closer look at this approach, we see that Sophos has a variety of firewalls. Think for example of an appliance that you place on-premise in an office environment or data centre, but also of a virtual firewall that is purchased via an MSP model. Depending on the needs, the appropriate firewall solution can be chosen for a company, so that only reliable traffic gets through to the company network.
In addition to firewall solutions, Sophos offers endpoint protection. Intercept X plays an important role in this respect. For example, this package includes services that know exactly how to detect and block ransomware and other types of malware. Again, depending on the needs of a company, additional services can be offered. For example, the additional security layer called Endpoint Detection and Response (EDR) can be purchased, which spot threats that are hard to detect and prevents breaches. There is also Managed Threat Response (MTR), a service that completely solves malicious activity without the interference of the user.
To ensure the firewalls and the endpoint protection work well, Sophos offers the management platform Central. From this console all products, services, the firewall and customers can be managed. Managed Service Providers and administrators can therefore work with all the tools and features they want from a single console. This also removes some complexity, because switching between different kinds of management consoles for security solutions is inefficient and time-consuming.
To simplify further, Sophos has also built a number of integrations with relevant products. After all, a company often do business with an MSP to purchase more services than just Sophos security solutions. As a result, many MSPs asked Sophos to integrate the services with Remote Monitoring and Management (RMM) and Professional Services Automation (PSA) software from various vendors. By now, the most relevant integrations have been built, such as Datto and ConnectWise, but Meulenberg emphasises the importance to continue building on this. The greather the number and extensiveness of the integrations, the better the MSPs can serve their customers. Everyone benefits from this.
Increase in flexibility and efficiency
According to Meulenberg, many MSPs ultimately choose Sophos because of the Central management console. This allows them to use a single management tool, which also improves their advice to customers. The security works as a whole; there is more visibility. MSPs usually go along with this ‘unified security’ feeling, although situations where they only purchase a limited number of services from Sophos also occur. After all, a Managed Service Provider might prefer a mix of products from different suppliers. In that case, Sophos tries to align the products as much as possible, so the desired experience is achieved.
In this respect, Sophos is committed to professionally serving MSPs. The company really wants to do business with partners who value quality. Good Managed Service Providers are like a CIO who, after making an inventory, draw up a plan to renew an organisation and remove concerns. Even after most initiatives have been implemented, it is important to strive for quality and accessibility. A client might call at 2 a.m. with problems, and the MSP has to be ready for that. To support this, Sophos itself also strives for 24/7 support and offers its MTR service.
Another pillar which Meulenberg thinks that contributes to the relationship with MSPs is the flexibility and efficiency offered by Sophos. Companies generally only want to make short-term investments into the IT field, where they can make monthly payments and have the freedom to scale up and down. If the customer wants to invest for 12, 24 or 36 months, Sophos supports this as well. In reality, most companies prefer monthly contracts. If customers indicate they no longer need the virtual firewall, for example, it will be switched off and the licence costs will no longer be charged.
Growth in MSP area as a sign for a bright future?
Meulenberg is enthusiastic about the path the company has taken. According to her, the monthly model that was introduced at the end of 2016 has led to an enormous growth: “It has gone up like a hockey stick.” Since last April, for example, there has been a 56 per cent growth in MSP billings, and a 30 per cent growth in the number of MSPs supported. And Sophos’ expectations in this area good as well. We look forward to seeing how Sophos will develop further in the field of Managed Services.