MSP vs MSSP

There is some very understandable confusion between an MSP and an MSSP, but we’re here to help. While the names Managed Services Provider and Managed Security Services Provider are nearly identical, those services are complementary and do not overlap as much as the words themselves.

The more you know about IT services that can increase your company’s security and productivity, the better prepared you are for the challenges of running an organization smoothly. As always, knowledge is power, and we can explain what makes these two IT services distinct.

 

What is an MSP?

Gartner defines an MSP (Managed Service Provider) as delivering services, such as network, application, infrastructure, and security, via ongoing and regular support and active administration on customers’ premises, in their MSP’s data center (hosting), or in a third-party data center.

With the rise of internet-based companies in the Dot Com era, accessibility over the Worldwide Web granted companies the ability to manage and troubleshoot computer programs from remote locations. Companies appeared strictly to help others manage their programs and networks through a provided service, thus the name Managed Services Provider. Generally, an MSP maintains a Network Operations Center (NOC) to handle this workload.

In plainer language, an MSP keeps everything running smoothly inside the building so you can focus on other matters. You hire someone to take care of this for you, and thus free up your employees’ hours that would otherwise be spent on run-of-the-mill maintenance and patch updates.

 

What is an MSSP?

Gartner defines an MSSP (Managed Security Service Provider) as a company that provides outsourced monitoring and management of security devices and systems. Common services include managing security appliances, virtual private networks, vulnerability scanning, and endpoint detection and response.

Shortly after MSPs came into existence and began to manage the networks and programs of other companies remotely, hackers and malicious interests began exploiting the same channels for their own benefit and to the detriment of everyday companies. Internet service providers began offering their clients managed firewall appliances and services, which served as the beginning of managed security services. Over time, this has developed from simple firewalls and spam blockers to the modern MSSP approach, which includes Vulnerability Assessment / Penetration Tests (VAPTs), Security Information / Event Management (SIEM), and Continuous Security Monitoring.

Said another way, an MSSP keeps everything running smoothly from outside the building, making sure nothing gets in that shouldn’t get inside. There are forces out there that see the value in all your hard work in building your company and how smoothly it runs from the inside. Some of those forces see the value in slipping in through the cracks and holding your work hostage until a ransom is paid.

If you have any questions on the difference or similarity between the two from here, ATS offers both services. We’d be happy to chat!

Ben Bartolone is a Sales Representative at American Technology Services with a passion for guiding people through the tech landscape. You can reach him by email or on LinkedIn.