CIO Influence
CIO Influence News Cloud Security

MSPAlliance Leadership Council Forms Vendor Council to Address Managed Services Supply Chain Risk

MSPAlliance Leadership Council Forms Vendor Council to Address Managed Services Supply Chain Risk
MSP supply chain threats will be mitigated through transparency, education, business continuity planning, and managed services channel certification

The International Association of Cloud & Managed Service Providers (MSPAlliance) announced several significant breakthroughs in the fight against managed services supply chain vendor attacks. Among the most significant announcements is the creation of Vendor Verify, a new certification designed to raise transparency and cybersecurity resiliency amongst supply chain vendors commonly used by managed service providers (MSPs).

In response to recent cyber-attacks designed to disrupt external IT management services delivered to organizations and extract ransomware payments, the MSPAlliance Leadership Council, comprised of hundreds of certified MSPs from around the world, have acted to secure their own supply chain by involving and working with hardware and software vendors who deliver vital products and services to MSPs (and their customers).

Top iTechnology IoT News: Semtech Collaborates With Everynet and Telkom Indonesia for Insulated Vaccine Carrier Leveraging LoRaWAN

“Collaboration among MSPs and vendors is a vital step in meeting our ultimate goals of securing the shared infrastructure and systems we use to provide the best possible cybersecurity for our customers,” said Corey Nachreiner, CSO of WatchGuard Technologies. “WatchGuard is proud to join with the MSPAlliance, and the other participating vendors, to bring the Vendor Verify Certification to life.”

“MSPs are an important part of the LogMeIn and LastPass partner ecosystem. LastPass MSP was designed to be easily deployed so MSPs can seamlessly manage their client’s LastPass accounts. The MSPAlliance’s Vendor Verify Council will be a valuable tool for MSPs. I’m confident that LastPass will continue to be the right choice to meet MSPs security requirements.” Patrick McCue, Vice President, Global Channel Sales.

“Collaboration amongst vendors and MSPs is a meaningful step towards truly addressing cybersecurity threats,” said PC Matic Vice President Corey Munson. “PC Matic is proud to be a participating vendor in the Vendor Verify Certification program, and we are looking forward to working with the MSPAlliance community to promote transparency and strengthen cybersecurity resiliency”

“We are honored to see this level of support from the vendor community,” said Celia Weaver, President of MSPAlliance. “We, along with all of the MSPs working with this new council, see this as a big win for the industry.”

Top iTechnology Cloud News: Vertica to Leverage NetApp StorageGRID to Deliver Cloud-Scale Analytics to On-Premises Environments

Participating Vendors

Participating members of the MSPAlliance Vendor Verify Council are senior level executives from:

PC Matic, Watch Guard, LastPass by LogMeIn, Tigerpaw, Axcient, Loop Communications, CryptoStopper, bvoip, Intotoware, Vultr and INKY.

Vendor Verify Goals

While still being deliberated, the objectives of the program articulated by both MSP and vendor alike include:

  • Transparency enhancements from vendors to their MSP partners. Such transparency will be delivered through a centralized database of recognized vendor organizations including their relevant certifications, audits, and security practices so MSPs can make better and more informed purchasing decisions as well relay such information to the MSP customers and compliance personnel.
  • Cybersecurity channel best practices. Leveraging existing cybersecurity frameworks such as MSP and Cloud Verify, SOC 2, ISO 27001, CMMC, and others, the Vendor Verify program will use this data to build cyber security profiles and ratings all designed to make it easier for MSPs to make sound purchasing decisions.
  • Assurance to the MSP and end-user communities. By establishing and communicating these essential cybersecurity practices, MSPs can make more informed decisions about the vendors with whom they work, but so can end-user organizations. As more end-users make decisions to work with MSPs, they want to know that their MSP (and their suppliers) are safe and taking every available precaution when it comes to cybersecurity preparedness.
  • Risk alignment. Part of the Vendor Verify program will involve contract and insurance best practices. Contracts between MSP and vendors need to be revised to ensure proper alignment of risk in the managed services supply chain, as well as to communicate these measures to customers who rely on such information when making their own risk decisions. A crucial benefit arising from the program will involve more effective information which can be delivered to insurance underwriters who issue cyber insurance policies to all organizations, vendors, MSP, and customers alike.

Top iTechnology IT and DevOps News: 2021 TCCF Opens The Expo with Vice President LAI Ching-Te to Experience the Convergence of Technology, Content, and the Metaverse

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Ranovus Demonstrates Industry’s First Adaptive Compute Acceleration Co-Packaged Optics Platform with Xilinx Versal and Ranovus Odin™ 800Gbps CPO 2.0

Airbyte Releases API to Automate Data Movement for Large-scale Deployments

Business Wire

Leave a Comment