Performing network assessments can provide a range of benefits to managed services provider (MSP) businesses. Network assessment tools give you a clearer picture of your clients’ IT environments, enable you to compile a complete inventory of all devices on the network and their status, and allow you to identify potential risks. In 2020, as businesses were forced into supporting remote workforces, network assessments became even more valuable.
Victoria Rawlings, Client Manager, Consulting Services Group, with American Technology Services (ATS), a managed cloud services provider in Fairfax, VA, says that while some solutions providers experienced a slow-down during COVID-19 shutdowns, ATS was busier than usual due to a greater demand for network assessments and needs they revealed.
What is driving the need for network assessments among businesses with newly remote workforces?
Rawlings: With organizations, in some cases, being required to implement a greater mix of a BYOD (Bring Your Own Device) and corporate IT policies, it is extremely important to have a holistic view of all points of entry into an organization’s network as well as any potential vulnerabilities.
ATS performs several different types of assessments — how does each apply to a business with a remote team?
Rawlings: We perform vulnerability and penetration assessments, compliance assessments and IT assessments for businesses with remote teams:
- Vulnerability and Penetration Testing. Dependent upon the nature of their business, certain companies may become larger targets for attacks. Our vulnerability and penetration test (VAPT) proactively exposes areas in which a client may have previously presumed was secure but due to a multitude of reasons has become a direct opportunity for an attack, for example, patches and updates needed or expired licenses and certificates.
- Compliance. It is understandably easier to ensure compliance with an assessment, especially when your entire or mass majority of staff are working offsite. Knowing that all devices connecting to the internet are doing so through a secured wireless connection is one example. However, this seemingly simple compliance requirement becomes far more difficult to control when staff members are connecting to the internet via their individual home solutions. By conducting an assessment while a client’s full staff is remote, we can provide a real-time gap assessment of practices or areas potentially bringing them out of compliance.
Understanding the current level of implementing MFA (multifactor authentication) is another direct example of why a compliance assessment is so important during the time a business is operating remotely. Once again, as all staff are working from their homes, businesses have an increased need to ensure only those authorized and fully verified are accessing their corporate/organization systems and/or networks.
- IT Assessment. Due to the COVID-19 pandemic, businesses across the world have found themselves in a position in which they are required to immediately re-evaluate their current IT roadmap, or immediately devote resources to develop an IT roadmap. Having a comprehensive assessment of the overall infrastructure and networking provides a company a roadmap of needs based upon criticality. This not only ensures technical needs are properly addressed but allows for proactive budgetary planning. As the work-from-home-model has recently become the “new norm,” and may continue to be for the foreseeable future, proactive planning has quickly become a higher priority. The prioritization of providing sufficient equipment that allows for an ease of transition from onsite to remote work directly correlates to the level of importance an organization dedicates to the health and well-being of staff.
How can an MSP conduct an assessment when all workstations, devices, infrastructure isn’t under one roof?
Rawlings: Although an organization’s staff may all be working remotely, we still have several ways in which we can conduct a comprehensive assessment. Dependent upon the incoming client’s setup (i.e., fully SaaS-based, on-premises, or hybrid) we can make use of network scanning tools, verify devices connected via VPN (virtual private network), or utilize their AD (Active Directory). Of course, each assessment may present unique challenges, especially when you have all workstations and devices operating from individual’s homes, but this kind of challenge is one that we eagerly take head-on.
In general, what types of opportunities are network assessments revealing for MSPs?
Rawlings: During the past three months, conducting assessments have revealed a multitude of additional services needed and/or current services, which may need to be revamped. For example, soft phones as replacements for physical desk phones, additional VPN licenses, the ability for an increased number of users to concurrently access an RDP server, upgraded O365 licenses, and the overarching critical capability for remote collaboration. We shared a checklist for remote work on our blog.
As an MSP, we have a professional responsibility to our clients to ensure they can provide the flexibility, security, and ease of access necessary for their employees to perform their jobs. This is not about focusing on a potential upsell or creating new business opportunities; it is about utilizing the knowledge, skillsets and experience of our staff to prioritize the health and safety of each client and their employees.
You May Never Experience a Better Time to Communicate Value
Rawlings added that when the ATS team talked with clients, there was minimal pushback about conducting a network assessment and addressing issues it revealed. “They instantly understood the value,” she says.
Forced into supporting remote work, a business recognizes the importance of investing in an overview of their network and, in some cases, accelerating their IT roadmap. “They’re telling us, ‘Now we understand what you’ve been preaching,’” she says.