The EDR dilemma: Meeting an MSP’s client demands while protecting profit margins
For managed service providers (MSPs) and technology solutions providers (TSPs), there has arguably never been a more critical time to have a robust cybersecurity offering. Global cyberattacks increased by 38% in 2022 compared to 2021, with the World Economic Forum stating that, “the Asia Pacific (APAC) region is experiencing a huge increase in cyberattacks compared to its global counterparts.” Indeed, a report by Check Point Research stated, “[the] APAC witnessed the highest year-over-year increase in weekly cyberattacks during the first quarter of 2023, averaging 1,835 attacks per organisation.”
Cybersecurity is certainly at the forefront of clients’ minds; 94% of small and medium businesses would consider switching to a new MSP if offered a more comprehensive security solution. It is becoming increasingly clear that traditional antivirus software no longer provides strong enough protection on its own. Businesses are actively searching for more comprehensive solutions to arm themselves against the rapid evolution of malware and other cyberthreats.
MSPs have an opportunity to meet this growing demand by offering an endpoint detection and response (EDR) solution. EDR solutions are designed to provide real-time monitoring and threat detection right at the endpoint, helping to quickly identify and respond to malicious activities and security breaches. However, implementing and managing a comprehensive solution can be challenging without the right expertise. Misconfigurations or improper management of EDR tools can result in false positives, operational disruptions, and potential gaps in security coverage.
Poor EDR solutions also impact users’ experiences with their devices, making the threat of shadow IT a real concern.
EDR solutions can be expensive, with providers charging up to US$170 per year, per endpoint. Depending on the size of the business, costs can add up quickly, eating into an MSP’s profit margins. Configuring EDR solutions to suit each client’s unique infrastructure and ensuring they work effectively can be time-consuming and require specialised skills. What’s more, many MSPs do not have the necessary expertise or personnel to handle these complexities, leading to potential gaps in security or increased operational overhead.
Smooth-running and secure EDR solutions must be carefully managed. The effectiveness of EDR solutions heavily relies on continuous monitoring and timely response to security incidents. This demands round-the-clock vigilance and skilled cybersecurity professionals who can interpret alerts, investigate attacks-in-motion, and execute appropriate remediation measures. These alerts will only grow in number as client businesses expand.
Many MSPs may not have the capacity to provide extensive 24/7 support, particularly when each solution is tailored to a different client, and increasing staff headcount is incredibly challenging for this specialism without very deep pockets.
However, these challenges can largely be eradicated if a trusted third-party security operations centre (SOC) is recruited to manage the EDR offering. This is why ConnectWise, a leading cybersecurity software and support provider, has collaborated with Microsoft to offer a new holistic solution: ConnectWise MDR with Microsoft Defender for Business. By harnessing Microsoft’s advanced threat detection technology and intelligence, alongside ConnectWise’s industry-leading SOC, this solution delivers a comprehensive and cost-effective defence system that provides unmatched protection against emerging threats.
The EDR on offer is Microsoft Defender for Business, an enterprise-grade solution, tailored for SMBs, with robust security features and comprehensive threat-detection capabilities. Clients can benefit from real-time monitoring, automated threat detection, and advanced analytics to safeguard their digital assets. Enhanced with advanced data enrichment and human-guided escalation, the solution delivers more accurate responses, reducing the occurrence of false positives and preventing red-flag fatigue.
Given its widespread adoption, many clients may already have Microsoft Defender for Business installed. MSPs can now offer best-in-class protection while eliminating the need to purchase additional EDR solutions or subpar preventative-only tools, thereby maximising profit margins. Guidance and solutions from ConnectWise mean goals of 55% average gross margins and operating margins of 45% can be attained within three years.
ConnectWise MDR comes with a centralised, multi-tenant platform that allows MSPs to monitor multiple clients’ EDRs simultaneously. This scales with the business, eliminating the risk of slow response times and helping to maintain positive client relations. It also seamlessly integrates with other ConnectWise products, creating a unified ecosystem that streamlines operations and simplifies the management of clients’ cybersecurity.
While it can be difficult for an MSP to acquire the personnel necessary for an EDR offering, ConnectWise MDR can alleviate the burden. Serving as an extension of the existing team, the ConnectWise SOC is comprised of over 200 security experts hunting for anomalous activities, and adding new detections as threats emerge.
With a team of dedicated analysts investigating and managing security alerts, the ConnectWise SOC reduces the need to hire additional staff as workloads increase. This not only enhances the security of clients but also allows executives to allocate more time and resources towards strategic and profitable activities.
One ConnectWise partner said: “You’re looking at well over a million dollars in resources to create what we get for a fraction of that cost from ConnectWise.”
Don’t wait to secure your clients’ businesses. Contact ConnectWise’s experienced sales team today and discover how ConnectWise MDR with Microsoft Defender for Business can provide a managed EDR solution to ensure cost-effective, enterprise-grade security.