With recent changes to MDR providers, we are seeing MSPs looking for cost-effective MDR solutions for their SMB customers. It seems every other vendor is offering their own MDR.
To combat threats, IT security needs to be a shared responsibility between both MSPs and their SMB customers. Despite knowing this, many businesses are still missing critical puzzle pieces when building their security infrastructure.
Piling on preventive solutions is like building a tall castle wall to keep attackers out. As threats become more sophisticated, organizations tend to increase the height of the wall by adding more preventive security measures to deter attackers from breaching it. However, the unfortunate reality is that attackers often find ways to bypass, climb over, or break through the wall. Once they successfully infiltrate, preventive tools lose their effectiveness, which is where detection and response solutions come into play.
While many small businesses believe that prevention alone is sufficient, relying solely on antivirus software, for instance, cannot accurately identify the presence and location of persistent threats lying in wait for the opportune moment to strike. Antivirus tools are designed to prevent threats from entering but cannot "know" if they have been deceived. This is precisely why persistent threats pose significant dangers. Once they penetrate the perimeter defences of preventive solutions, attackers can lurk and hide in plain sight while strategizing their next moves. Meanwhile, antivirus and other preventive tools continue to operate under the assumption that everything is secure. The moral of the story is to not solely focus on preventing attackers from gaining entry but also address other vulnerabilities in your security infrastructure.
When hackers manage to infiltrate, it becomes crucial to detect and eliminate them before they can execute their attacks. Managed detection and response (MDR) serves as a crucial link in this process, aiding in the swift identification of attacks and the implementation of appropriate measures to prevent or mitigate damage. MDR services are specifically designed to detect and respond to malicious activities and bad actors. Instead of relying on predefined definitions, MDR actively searches for indicators of embedded vulnerabilities and continuously monitors for hidden and persistent threats. MDR is most effective when combined with the expertise of human analysts who can actively hunt down cyber attackers who have already breached your perimeter and swiftly neutralize them. This combination makes MDR a powerful weapon against both known and unknown threats.
What should you look for when choosing an MDR provider? Cost, obviously, but the provider should also reduce your overhead. It should integrate with your current security platform, be forward-looking and innovative, and enable you to offer a new service or revenue stream.
The MDR that is meeting all these requirements and is assisting many of our partners to offer these services is Huntress. Huntress MDR protection for Microsoft 365 includes constant monitoring by the Huntress security operations centre with the ability to remediate compromised accounts, often with a single click. Key features of the service include active monitoring of Microsoft 365 Active Directory logins, configuration, and email rules, as well as detection of indicators that identities have been compromised and instant lockdown capabilities.
Huntress notes that with an estimated 345 million users, particularly across small to medium enterprises, Microsoft 365 is becoming more actively targeted. A recent survey of midsized businesses found that 61% reported having no dedicated in-house cybersecurity expertise. That’s where Huntress steps in to address the critical cybersecurity resource gap.
While Huntress is only available directly, it is a great complementary solution that allows MSPs to scale their Microsoft security offering without the burden of standing up expensive resources.