MSP Decoder

Lingo and acronyms defined

Not another acronym! It's bad enough that our text messages are filled with them; now you’re intersecting with an industry that can feel like it has its own language.

What does it all mean?

Let us decode it for you.

MSP = Managed Services Provider

 

A Managed Service Provider, or MSP, is an outside company that a business like yours hires to manage your IT infrastructure, typically on a fixed-price subscription basis.

We’ve been known by various other terms through the years, including “Outsourced IT provider” and “IT services provider,” but MSP seems to have been the one that stuck.

Unfortunately for practically everyone in our industry, most people don’t search for “MSP” when they look for a company like ours. They tend to look for “IT rescue” or “IT services,” depending on the urgency of the problem they’re trying to solve at the time.

MSSP = Managed Security Service Provider

 

We like this definition from gartner.com the best:

A managed security service provider (MSSP) provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services.

2FA = 2-Factor Authentication

 

Two-factor authentication (2FA) is an identity and access management security method that requires two forms of identification to access resources and data. 2FA gives businesses the ability to monitor and help safeguard their most vulnerable information and networks.

For reference:

The difference between two-factor authentication (2FA) and multi-factor authentication (MFA) is that 2FA involves two sets of steps to identify a user. In addition, 2FA utilizes time-sensitive one-time passcodes to prevent identity theft. MFA, on the other hand, involves two or more steps or processes to identify a user.

Usually, businesses with high-level security (e.g., healthcare facilities, government agencies, or financial services) opt for multi-factor authentication over two-factor authentication. Two-factor authentication helps add a layer of security to all your online personal and business accounts.

Authenticator App

 

Authenticator Apps are like your digital bodyguards for online accounts. They generate temporary, one-time codes that you can use alongside your password to log in, providing an extra layer of security. When you enable two-factor authentication (2FA) for an account, you’ll scan a QR code with the authenticator app. Then, every time you log in, you’ll enter the code from the app in addition to your password.

The codes typically refresh every 30 seconds, so even if someone gets ahold of your password, they won’t be able to log in without the current code from your authenticator app.

Popular authenticator apps include:

  • Google Authenticator
  • Microsoft Authenticator
  • Authy

BEC = Business Email Compromise

Business Email Compromise is a type of cyberattack where attackers use email to deceive organizations and gain access to sensitive information or funds. It typically involves phishing or social engineering tactics to impersonate trusted individuals, such as a company executive, vendor, or client.

Business Continuity (also known as BC)

 

In the simplest possible terms, “Business Continuity” means keeping the business running while dealing with a disruption or disaster of some sort.

A few years back, Hurricane Sandy took our area by surprise. Businesses caught in Sandy’s wake were stunned – and many were unable to get back up and running quickly, hurting their revenues and overall financial performance, as well as hitting them with unbudgeted expenses.

Clients with IBS on standby were able to get back online much more quickly than those who didn’t have a business continuity plan.

Business continuity planning is a part of both incident response planning and comprehensive incident response planning, and is generally included as a part of an IT Services subscription.

CIRP = Comprehensive Incident Response Plan

 

In addition to the coverage for cyber events as provided in the standard IRP (Incident Response Plan, explained elsewhere), the CIRP (Comprehensive Incident Response Plan) is a unique offering by IBS and additionally covers incident response planning for non-cyber disasters and disruptions.

With the CIRP, one policy/plan will cover most IT-related disruptions that could cause losses of revenue or unplanned expenses.

CISA (CISA.gov)

 

CISA, the Cybersecurity and Infrastructure Security Agency, is a U.S. federal agency responsible for enhancing the nation’s cybersecurity and protecting critical infrastructure. It operates under the Department of Homeland Security (DHS) and serves as the central resource for cybersecurity expertise, guidance, and response to threats.

CISA is integral to the U.S. efforts to combat the growing sophistication and frequency of cyber threats. It plays a key role in building resilience across public and private sectors and ensuring the safety and security of digital and physical infrastructure.

Day Zero Threat aka Zero-Day Threat

 

Day Zero Threat (or Zero-Day Threat) refers to a security vulnerability in software or hardware that is unknown to the vendor or public at the time it is discovered. Because there is no existing patch or fix for it, attackers can exploit this flaw to compromise systems, making it a highly dangerous type of threat.

The term “zero-day” signifies that the vendor has zero days to fix the vulnerability before it can be exploited. In other words, the threat begins immediately upon its discovery by attackers.

Desk-Side Support

 

Desk-Side Support is a type of IT support service where a technician provides in-person assistance directly at the user’s workstation. It is typically offered within an organization to address hardware, software, or connectivity issues that cannot be resolved remotely.

Desk-side support is common in organizations with complex IT infrastructures, such as large corporations, government agencies, and educational institutions. It complements remote helpdesk services by addressing issues that require physical intervention.

Disaster Recovery (also infrequently known as DR)

 

Disaster Recovery is exactly what it sounds like – the plan and the steps needed to recover from a disaster, whether mild or catastrophic.

The disaster in question could range from a significant power outage to a building fire to a hurricane, tornado, or earthquake that renders your physical location unusable.

GLBA = Gramm-Leach-Bliley Act

 

Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, is a U.S. federal law that regulates how financial institutions handle the private information of individuals. It aims to protect consumer financial privacy while allowing financial institutions to offer a broader range of services, such as banking, insurance, and securities.

Endpoint

 

Endpoint refers to any device that connects to a network and communicates with other systems or services. Endpoints are the “end points” of a network connection, typically used by individual users or systems to interact with data and applications.

Endpoints are often the most vulnerable points in a network because they interact directly with users and external environments. This makes them prime targets for cyberattacks, including malware, ransomware, phishing, and unauthorized access.

Examples of Endpoints:

  • Computing Devices: Desktops, laptops, servers, and virtual machines.
  • Mobile Devices: Smartphones and tablets.
  • IoT* Devices: Smart TVs, sensors, cameras, and wearable tech.
  • Peripherals: Printers, scanners, and external drives.

*IoT = “Internet of Things,” which is another way to say “devices that connect to a network but aren’t considered to be computers, mobile devices, or peripherals.” Other common examples include the newer refrigerators that can send you your shopping list based on what they see inside, doorbell cameras, and thermostats (think NEST).

IRP = Incident Response Plan

 

An Incident Response Plan (IRP) is a structured, documented approach used by an organization to prepare for, detect, respond to, and recover from cybersecurity incidents or breaches. It is a critical component of an organization’s overall security strategy, designed to minimize the impact of incidents on operations, finances, and reputation.

MFA = Multi-Factor Authentication

 

Multi-Factor Authentication (MFA) is a security mechanism that requires users to provide two or more independent forms of authentication to verify their identity before accessing systems, applications, or data. By combining different factors, MFA significantly enhances security, making it harder for attackers to gain unauthorized access.

How MFA Works:

  1. The user logs in with a primary factor, such as a password.
  2. A secondary factor is then requested, such as entering a code sent to their phone or using a fingerprint scanner.
  3. Access is granted only after successfully providing all required factors.

For reference:

The difference between two-factor authentication (2FA) and multi-factor authentication (MFA) is that 2FA involves two sets of steps to identify a user. In addition, 2FA utilizes time-sensitive one-time passcodes to prevent identity theft. MFA, on the other hand, involves two or more steps or processes to identify a user.

Usually, businesses with high-level security (e.g., healthcare facilities, government agencies, or financial services) opt for multi-factor authentication over two-factor authentication. Two-factor authentication helps add a layer of security to all your online personal and business accounts.

NIST = National Institute of Standards and Technology

 

The National Institute of Standards and Technology (NIST) is a U.S. government agency that promotes innovation and industrial competitiveness. It does this by advancing measurement science, standards, and technology to enhance economic security and improve quality of life. NIST’s work spans various fields, including cybersecurity, quantum science, and manufacturing. 

Specific to cybersecurity, NIST plays a crucial role in enhancing cybersecurity through several key initiatives and frameworks:

  1. Cybersecurity Framework (CSF): NIST’s CSF provides a policy framework of computer security guidance for how private sector organizations can assess and improve their ability to prevent, detect, and respond to cyber attacks. It is widely adopted across various industries and helps organizations manage and reduce cybersecurity risk.

  2. Special Publications (SP): NIST publishes a series of Special Publications, such as SP 800-53, which provides a catalog of security and privacy controls for federal information systems and organizations. These guidelines are also used by private sector organizations to enhance their cybersecurity measures.

  3. Risk Management Framework (RMF): The RMF integrates security and risk management activities into the system development life cycle. It helps organizations manage risks from information systems in a cost-effective manner.

  4. Cryptographic Standards: NIST develops and promotes cryptographic standards that are essential for securing sensitive information. These standards are used globally to protect data integrity, confidentiality, and authenticity.

  5. Research and Development: NIST conducts cutting-edge research in areas like quantum computing, artificial intelligence, and advanced cryptography to stay ahead of emerging cybersecurity threats.

These efforts collectively help organizations improve their cybersecurity posture, protect sensitive information, and ensure the resilience of critical infrastructure.

NOC = Network Operations Center

 

A Network Operations Center (NOC) is a centralized facility where IT professionals monitor, manage, and maintain an organization’s network, servers, applications, and other IT infrastructure. The NOC serves as the nerve center for ensuring the smooth operation of IT services, minimizing downtime, and addressing network-related issues proactively.

NOCs are critical for organizations that rely on complex IT infrastructures, such as large enterprises, service providers, and managed IT service companies. By ensuring continuous availability and reliability, a NOC helps maintain business operations and customer satisfaction.

NY SHIELD Act

 

The New York SHIELD Act (Stop Hacks and Improve Electronic Data Security Act) is a state law aimed at enhancing the protection of personal data for residents of New York and imposing stricter requirements on businesses that handle this data.

This applies to anyone doing business with residents of the state of New York, not only businesses within NY. You could be located in California, and if you’re doing business with residents of NY, you need to pay attention to the New York SHIELD Act. The penalties for being out of compliance can mount up quickly.

PII = Personally Identifiable Information

 

Personally Identifiable Information (PII) refers to any information connected to a specific individual that can be used to uncover that individual’s identity, such as their social security number, full name, email address, or phone number.

With the increasing reliance on digital technologies, safeguarding PII has become a critical component of cybersecurity and data governance efforts worldwide. Legal frameworks, technical controls, and organizational practices must all align to protect individuals’ privacy and prevent the misuse of their personal information.

PTIN = Preparer Tax Identification Number

 

The Preparer Tax Identification Number (PTIN) is an identification number that all paid tax return preparers must use on U.S. federal tax returns or claims for refund submitted to the Internal Revenue Service (IRS). Anyone who, for compensation, prepares all or substantially all of any federal tax return or claim for refund must obtain a PTIN issued by the IRS.

A PTIN is required for all tax return preparers, whether a one-person operation or an office filled with preparers. Further, each individual preparer must have his or her personal PTIN. Sharing a PTIN within an office or firm is not allowed.

Ransomware

 

Ransomware is a type of malicious software (malware) designed to block access to a computer system, network, or data by encrypting it or locking it until a ransom is paid to the attacker. Ransomware attacks are typically carried out by cybercriminals with the goal of extorting money from the victim in exchange for restoring access to the compromised systems or data.

Ransomware is one of the most disruptive and dangerous forms of cyberattack. It can impact individuals, businesses, and government entities alike, often resulting in financial loss, data theft, and operational disruption. Prevention, preparedness, and a well-defined incident response plan are critical to mitigating the risks of ransomware and minimizing its impact on organizations.

SPF = Sender Policy Framework

 

Sender Policy Framework (SPF) is an email-authentication technique that is used to prevent spammers from sending messages on behalf of your domain. With SPF, an organization can publish the mail servers that are authorized to send mail for its domain. It also asked if your desktop email platforms or firewalls provide sandbox capabilities to evaluate attachments.

SOC = Security Operations Center

 

A Security Operations Center (SOC) is a centralized unit within an organization that is responsible for monitoring, detecting, responding to, and mitigating cybersecurity threats and incidents in real-time. The SOC plays a critical role in protecting an organization’s information systems, networks, and data from cyberattacks, unauthorized access, and other security breaches.

Threat Actors

 

Threat actors (also known as attackers, adversaries, or hackers) are individuals, groups, or entities that deliberately engage in activities with malicious intent to exploit, damage, or disrupt an organization’s systems, data, or networks. They can vary in skill level, motivation, and resources, and their goals can range from financial gain to political or social objectives.

WISP = Written Information Security Plan

 

A Written Information Security Plan (WISP) is a comprehensive document that outlines an organization’s strategies, policies, and procedures for securing its information and managing its data protection practices. A WISP is designed to safeguard sensitive information from security threats such as cyberattacks, data breaches, unauthorized access, and other risks. It is a crucial component of an organization’s overall information security program, ensuring that data handling practices comply with relevant laws and industry standards.