What MSPs Need to Know about Compliance: Your IT Policy Checklist by Vertical

Posted April 13, 2015 by Raj Goel

The IT Support/MSP game has changed. Clients are no longer satisfied with just getting their desktops managed and servers supported.

Almost every industry has customer privacy and security compliance regulations – and clients are looking at us, their IT providers and business confidantes, to help them become and remain compliant.

So what do you need to know about compliance?


Target Your Vertical

First – determine what industry or vertical you will tackle, then dive into it.

In my experience, clients do not want a generalist firm that says "we provide HIPAA/HITECH/PCI-DSS/Sarbanes-Oxley/GLBA/SEC Cybersecurity/[insert acronym here] compliance." More and more, savvy buyers want MSPs that focus on their vertical.


Healthcare IT

If you’re tackling healthcare, you must deep-dive into:

  • HIPAA/HITECH
  • FTC Health Breach
  • State Records Retention
  • SEC Cybersecurity Guidance
  • State Privacy Laws

If medium-to-large retailers ($10M-$4B) are your targets, then a thorough understanding of PCI-DSS and State Privacy Breach Laws is required.


Financial IT

If you're focusing on banking and finance, then make sure you understand compliance in:

  • GLBA
  • SOX-404
  • State Privacy Breach
  • FINRA regulations
  • PATRIOT ACT
  • FFIEC 


For All Verticals...

Underpinning all these regulations, standards and statutes are 3 simple truths:

  1. Every regulation or standard requires good, tested, verifiable backups.
  2. Use of strong passwords and tested security configurations is a must.
  3. Encrypting data in motion and data at rest is a very, very good idea.



As you start your journey towards becoming a compliance-oriented MSP, I can offer you a few resources for HIPAA/HITECH, PCI-DSS, SEC Cybersecurity and PRIVACY LAW compliance.


HIPAA/HITECH Compliance: Email me and request the

  • WHAT DO MSPS NEED TO KNOW ABOUT HIPAA/HITECH slides
  • HIPAA Compliance Checklist
  • Articles and newsletters regarding trends in HIPAA enforcement and compliance



PCI-DSS and STATE PRIVACY LAW Compliance

  • Overview of the state privacy breach laws
  • Trends in Financial Crimes
  • Lessons Learned from Superstorm Sandy


SEC Cybersecurity Compliance

  • Overview of SEC Requirements
  • Trends in Financial Crimes
  • Lessons Learned from Superstorm Sandy
  • Challenges endemic to the financial sector


As always, if you have questions regarding security, privacy or compliance, feel free to contact me at raj@brainlink.com.

For more of my latest articles, blog posts, presentations and webinars, check out www.RajGoel.com



MSP owner, author, entrepreneur, IT expert and public speaker, Raj Goel is globally known as the go-to man in cybersecurity and privacy law. By day, Raj runs a successful MSP in New York City named Brainlink. Learn more at www.Brainlink.com. By night, he is committed to educating individuals and organizations about online safety and how to protect their most important assets – people and data. His expert advice helps individuals, companies and conglomerates navigate their way through the world’s ever-changing technology and increasingly complex IT compliance laws. He often appears in the media and at conferences worldwide to educate the public on cybersecurity and digital privacy, a subject he is passionate about. He is the creator of SOPCULTURE – a well-defined methodology and process that elevates MSPs from OK to phenomenally profitable. So, whether you’re looking for a seasoned IT veteran who’s lived in the trenches, a successful business owner on a mission to increase client happiness and profitability or a caped crusader devoted to cyber-civil rights, you’ll want to contact Raj at 917-685-7731 or raj@brainlink.com. And don't forget to visit www.SOPCulture.com to read his articles and watch previous webinars on improving your service delivery and increasing profitability by reducing client frustration.
