What is an MSP?
A managed service provider (MSP) delivers network, application, system and e-management services across a network to multiple enterprises, using a “pay as you go” pricing model. A “pure play” MSP focuses on management services as its core offering. In addition, the MSP market includes offerings from other providers — including application service providers (ASPs), Web hosting companies and network service providers (NSPs) — that supplement their traditional offerings with management services.
What we do is worry about your technology so that you can focus on your business. We can manage your entire technology infrastructure most often at a lower cost than internal staff, or we can supplement your existing staff so that they get the power behind not just hiring one extra body but getting the benefit of the talent and training of over 650 qualified technicians.
What is an MSSP?
An managed security service provider (MSSP) provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services. MSSPs use high-availability security operation centers (either from their own facilities or from other data center providers) to provide 24/7 services designed to reduce the number of operational security personnel an enterprise needs to hire, train and retain to maintain an acceptable security posture.
In addition, MSSPs assist with helping to keep your business in compliance with State and Federal Regulations like HIPAA, PCI-DSS, SOC, ect.
What is the difference between a MSP and a MSSP?
A MSP, at its fundamental level, is very similar to a normal internal information technology department. They cover all facets of technology based on the individual MSP organization’s capabilities.
A MSSP, functions a little differently in that it is focused on a single aspect of technology with engineers that are finely tuned and educated for that purpose, which in this case is security.
A prime example to demonstrate the difference would be looking at a firewall for your organization as both a MSP and a MSSP:
A MSP would do the research, create the specification, quote, purchase, install and configure that firewall. They would then maintain it with software updates and monitoring the log for any potential failures. This of course is based on having a monthly managed contract that covers the firewall entity.
A MSSP, looks at the firewall completely different. While the security engineers have the capability to perform the steps that the MSP did, the security engineers are more focused on testing the actual protection that the firewall delivers. This does not mean that the firewall that the MSP purchased and configured is faulty, but any firewall once configured and ports are opened becomes vulnerable to attack. Security engineers take on the role of a hacker and based on contractual arrangements test your security on a monthly, quarterly or annual basis.
Using the results from these tests, the security engineers are then in position to provide guidance and proposed remediations to protect the organization itself. This also includes making sure that the organization is following the proper steps and guidelines for any regulatory laws that they fall under.
Longevity Technology is uniquely positioned to offer both the services of a MSP, under the guidance of a veteran in the industry, but also the services of a MSSP, under the guidance of a former active-duty crypto technician in the United States Marine Corps and former Director of Cybersecurity and Security Research with an awareness and educational organization created by legislation and signed by Gov. Rick Scott of the state of Florida.
What are Best Practice Standards and why do they matter?
Let’s first discuss the technical aspect of the definition of a best practice:
A best practice is a technique or methodology that, through experience and research, has proven to reliably lead to a desired result. A commitment to using the best practices in any field is a commitment to using all the knowledge and technology at one’s disposal to ensure success.
So now that we have an even playing field on the definition of a best practice, let’s start to answer why they are important to your organization. Just like in any business there are defined ways to accomplish reliable results in a consistent manner and we in the technology field turn these into best practice policies and procedures. It is our commitment to our client that we apply these best practices as they fit into their organization as consistently as possible and as often as possible, because these best practices, once implemented, have a historical and statistical track of preventing downtime and discovering issues before they become issues. They also provide well documented and well tested set up and configuration scenarios for most technology, so that you as the client are not in a position of being the guinea pig testing some new idea.
What is the purpose of a “Proactive“ time block?
A proactive time block is probably one of the most important time blocks that you can purchase. During a proactive time block, whether remotely or on-site, is the time in which your assigned network administrator performs best practice tickets that have been created based on reviews of your environment. It is these best practice tickets that lead to a stable and functional technology environment that an organization can count to be reliable on a consistent basis.
It is also during this time that your network administrator will put on their detective hat, and review logs across all of your systems, check major applications for errors, check that your firewall is operating correctly from a configuration perspective and all sorts of other behind-the-scenes maintenance that the client typically does not see but is the single most important objective to maintaining a stable and operational environment.
What is the purpose of a “Reactive“ time block?
A reactive time block is designed for escalating active issues from a remote response to a nonscheduled on-site response. This is defined as a system having a problem that is first attempted to be resolved by remote means but these methods prove to be inadequate for the current situation and so we must dispatch your network administrator on-site, unscheduled.
The purpose of purchasing a reactive time block is that it is typically purchased at a reduced rate when pre-purchased than the rate that would be charged on the day of an event. Reactive time blocks that are not utilized our rolled over and converted into proactive time blocks for the next month to give longevity technology more proactive time with your network. We reserve the right to determine whether this rollover will be done remotely or on-site.
What is the difference between a “Proactive“ and “Reactive“ time block mean to me?
There is an extremely important difference between a reactive time block and a proactive time block, not just in what the purpose of the time block is but what happens when your network administrator arrives on site. Let me show this to you an example:
The typical 10 to 15 computer environments will purchase a four-hour when we do proactive time block with their monthly maintenance program. Now, remember based on previous definitions this is supposed to be a proactive visit. This is typically happening when you’re wider does not define the difference between the two:
- The network administrator shows up on-site with a proactive checklist that’s been tailored to your specific environment. During that time block they are required to review each item on the checklist and either greenlight the item, fix the item if there is an issue or create a best practice ticket if a senior engineer is needed to intervene.
- The network administrator sets up his or her equipment to begin and then they are suddenly rushed by employees who have “honey do lists”. Lists and items brought to our attention by the employee, and typically could have been handled through the service desk remotely, reduce on average the four-hour proactive visit by 50 to 75% of the time that was allotted for proactive work, meaning that the proactive work does not get completed unless the client wishes to buy more proactive hours which are not at the reduced rate. Again, based on experience, the client does not wish to do this, and the overall proactive environment starts to lose the stability and resiliency that comes from doing that proactive block time.
Believe it or not, this is the norm not the exception.