MSP Maturity Check

Managed Service Providers (MSPs) are increasingly targeted by attackers for the privileged access they hold in multiple customer environments. The MSP Maturity Check includes questions you can use to vet your MSP or MSSP's cybersecurity maturity and ensure they are helping, not hurting, your own security posture.

Vetting Your MSP’s Security Posture

If your business uses a third-party vendor such as an MSP or MSSP to manage your IT or security operations, for better or worse, you inherit many elements of the vendor’s own internal cybersecurity maturity (or immaturity).

This guide includes questions you should ask a potential MSP or MSSP partner to better understand their security posture and ensure they are not putting your organization at risk. The guide covers topics such as:

– Why MSPs Are Increasingly Targeted by Attackers
– The Unacceptable Risk of MSP-Managed Remote Access
– Questions to Vet Your MSP’s Security Controls
– Compliance Considerations When Working With an MSP
– Determining if Your MSP Practices What They Preach

Related Resources

GCC High Buyer’s Guide

The GCC High Buyer's Guide is a flight manual for organizations to make informed decisions around leveraging evaluating Microsoft 365 GCC High for compliance with DFARS, CMMC, and U.S. export...

Learn More

Zero Trust Strategies for DoD Compliance

As today's dominant security paradigm, zero trust moves cybersecurity defenses away from network-based security perimeters toward individual resources like user identities and devices. For defense contractors, adopting a zero-trust strategy...

Learn More

CUI Marking & Identification Guide

A guide to understanding Controlled Unclassified Information, how to identify CUI in your organization, and how to correctly mark information as CUI.

Learn More