profile

Evolved Management

How paranoid is your client security posture?

Published about 1 month agoย โ€ขย 1 min read

Reader

You know your client security posture needs to be strong, but how do you know what is good enough?

Security is a sliding scale.

It's a constant battle between cost and security. Sure, you could throw crazy amounts of money at the problem, but in what case is that necessary?

Your clients don't have an enterprise-level budget to dedicate to security.

As a former Citrix administrator I used to fight a similar battle on uptime. How much was enough to keep the systems up?

How much downtime was the business willing to tolerate?

In some cases, 2 hours wasn't that big of a deal. In other companies, 20 minutes costs them tens of thousands of dollars.

This is where the five nines conversation came in.

Executives would tell me they want five nines of uptime (99.999%).

"Sure you can have five nines, but it's gonna cost you X." I would tell them.

They would often deflate and say, "Oh... well... maybe three nines will do."

๐Ÿ™‚

It's the same in security. Having a strong posture is critical for everyone's protection.

99.999% protection often isn't necessary, though.

No one wants to have a breach, but isolating a workstation and dealing with it afterward is A LOT cheaper than active countermeasures.

I would encourage you to invite clients into that decision.

How much security is enough, and what are their risk tolerances?

If you discover they have a very low risk tolerance, great! Work with them to develop a more advanced solution. Worst case, they have a better understanding of what they pay for, and the realities of breaches happen sometimes.

โ€‹

โ€‹

โ€‹

โ€‹

โ€‹

โ€‹

โ€‹

โ€‹

โ€‹

โ€‹

113 Cherry St #92768, Seattle, WA 98104-2205
โ€‹Unsubscribe ยท Preferencesโ€‹

Evolved Management

Todd Kane : MSP Operation Nerd

Join the 2000+ IT services people that enjoy my weekly newsletter. No Fluff, all good stuff! Industry insights, leadership thoughts, practical advice to help you.

Read more from Evolved Management

Reader, did you know that last year I accidentally deleted my YouTube channel? Yeah, it was a sad day. Luckily, I hadn't invested heavily in the channel, so it was a frustrating and annoying loss, but not a catastrophic one. Many of the edited videos are unrecoverable. I've been reviewing some of the raw recordings I've saved to see what I can restore. I'm not one of those people who hate hearing their own voice or seeing recordings of themselves. I used to make home movies with friends as a...

1 day agoย โ€ขย 1 min read

Hey Reader, when was the last time your sales team had to explain their metrics the way your help desk does daily? Does that same level of scrutiny apply to other teams in your company? In many MSPs, I observe this odd situation where the expectations of the help desk teams are very high. There is extreme scrutiny of performance and plenty of corrective feedback based on client feedback or other sources. Meanwhile, the project, sales, and admin teams are left to do their thing without much...

16 days agoย โ€ขย 1 min read

Hey Reader I rant about how useless the word busy is all the time. I love this fantastic visual representation of what busy vs. productive looks like. Don't try to hero your way through your work. When you're feeling overwhelmed, it's not the time to do more. It's time to stop, step back, reflect on your priorities, and start creating more proactive time for the important tasks you have on deck. Being able to measure your progress and point to your achievements is far more important than how...

23 days agoย โ€ขย 1 min read