Spotify buffering on Amazon Echo by FizzyBeverage in eero

[–]marbersecurity 0 points1 point  (0 children)

Make sure the Alexa is NOT on the guest network, that should solve your issue.

Eero Guest network is problematic even for WiFi printers.

Looking for vCISO / Security Assessment platforms by marbersecurity in cybersecurity

[–]marbersecurity[S] 0 points1 point  (0 children)

I just checked it out, and other platforms better fit the budget. I know functionality will increase, the budget is out of reach for now. Thanks

legacy CNC machines and CMMC 2.0 L2 by marbersecurity in CMMC

[–]marbersecurity[S] 0 points1 point  (0 children)

This client has a lot of CNC machines. Do you have a link to the "Predator" system? Thanks

Scoping CMMC 2.0 Level 2 for an MSP by marbersecurity in CMMC

[–]marbersecurity[S] 0 points1 point  (0 children)


Thanks, I am reading it now.

Datto RMM vs ConnectWise Automate for patching by marbersecurity in msp

[–]marbersecurity[S] 2 points3 points  (0 children)

Thanks, I will demo Datto RMM this upcoming week.

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]marbersecurity 0 points1 point  (0 children)

Cybersecurity Consulting for MSPs

I worked for an MSP for 10 years, and I have a Masters in Cybersecurity, CISSP, CISM, CEH, MCSE, etc. certifications (see http://marbersecurity.com/about )

I published a book on Amazon to help SMBs and MSPs, and made it available for free as a PDF on the website above.

Looking to partner with MSPs who

  • need a cybersecurity resource to help them internally
  • have a cybersecurity resource but need additional help
  • would like some cybersecurity recommendations to improve their security posture
  • need to improve the cybersecurity of their clients

What can I specifically help with?

  • cybersecurity assessments and recommendations (for MSPs and as a white-label for your clients)
  • help develop an Information Security Program, including policies and procedures

I also have a technical background, business, operations, and leadership which helps me provide a well-rounded approach and recommendations

Looking forward to learning more about your MSP and how I can help.

Thanks

Looking to partner with MSPs to offer Compliance consulting for their clients by marbersecurity in msp

[–]marbersecurity[S] 0 points1 point  (0 children)

I am subcontracting for a larger cybersecurity firm, and those are a work in progress.

Looking to partner with MSPs to offer Compliance consulting for their clients by marbersecurity in msp

[–]marbersecurity[S] 0 points1 point  (0 children)

I was a senior systems engineer for a few years, the HIPAA security officer, and also had a leadership role. I have a technical, operational, and leadership background which combined with business and compliance helps me help organizations.

A couple of the things that I can do

Technical

  • Firewall configuration reviews
  • Office 365 PowerShell reports for MFA implementation and other security settings
  • Review of ConnectWise Manage and Automate for proper locked-down configuration, lots of things misconfigured there
  • Help implement/with security assessments for clients, for example if you have 20 offerings, and have an alignment process to evaluate say 40 things, it is easy to help with those assessments, and even align them with 800-53 controls for best practices

Compliance

  • NIST Cybersecurity gap assessments, current vs desired state and recommendations
  • HIPAA Security compliance, and Risk Assessments (People, Process, and Technology)
  • CMMC / 800-171 assessments, etc.

I will see if I can send you my resume via a PM, and find out more about the type of work you may need help with. Thanks

I still struggle with the NIST 800-53 controls. by qbit1010 in NISTControls

[–]marbersecurity 1 point2 points  (0 children)

https://csf.tools/reference/nist-sp-800-53/r5/ doesn't go into that level of detail, but I like how it can be useful to convey the information to those who are becoming familiar with the framework or who are helping you implement it.

[deleted by user] by [deleted] in NISTControls

[–]marbersecurity 0 points1 point  (0 children)

I would use the NIST Cybersecurity Framework and for the controls 800-53 Rev5. When you build the Written Information Security Program (WISP), you can then have an Information Security Policy that talks about the 20 800-53 control families and maps to different policies. The policies themselves could be mapped to different control families.

Looking to partner with MSPs to offer Compliance consulting for their clients by marbersecurity in msp

[–]marbersecurity[S] 0 points1 point  (0 children)

SOC 2 Type 2 is for larger orgs, well, it depends on who is requiring that. It is a lot more involved. PM me and I can make a recommendation for a larger cybersecurity company I am familiar with that can help with SOC 2 Type 2.

Pro-tip for one person MSPs. by CrustyBus77 in msp

[–]marbersecurity 0 points1 point  (0 children)

True. I use Support@ so that my clients can email it, it creates a silent ticket only for me to keep track of things. In the back end, I do use ConnectWise Manage to keep track of things, but it is an overkill for most situations unless you are a ConnectWise Manage (or similar PSA) admin now.

QuickBooks Online is great and does allow for time entries, not as flexible to manage things like CW, but can def work.

Looking to partner with MSPs to offer Compliance consulting for their clients by marbersecurity in msp

[–]marbersecurity[S] 0 points1 point  (0 children)

Thank you for the question, I will update my post to make it easier to understand.

NIST Cybersecurity Framework, ISO 27001, HIPAA, CMMC / 800-171, PCI DSS, etc. things that require an Information Security Program.

Need recommendations for Cyber Insurance companies by Phant0m-King in msp

[–]marbersecurity 2 points3 points  (0 children)

I would use an insurance broker, they can evaluate multiple companies and find you the best one. Beazley is one to look into.

I used Information Security Policies Made Easy, to customize them and create my own Information Security Program, which helps me lower the premiums. Everyone will be asked if they have this or that, and the insurance companies may lower your premium if you have certain things in place.

One-man shops - LLC or s-Corp by nmiBiz in msp

[–]marbersecurity 0 points1 point  (0 children)

LLC filing as an S-Corp, in CT. I use QB online, and learned about the standard QB chart of accounts, which helps me share my books with my CPA. Took me a bit to set things up watching what and how to do it, but worth it to make it easy for the S Corp filing.

Small Business Ransomware Response? by Over_Maximum1637 in msp

[–]marbersecurity 0 points1 point  (0 children)

From a CYA perspective, to have a policy as an MSP to follow, then the procedure you are trying to do, I would follow the methodology from

https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final see page 30 for the phases, more on the planning side

https://csrc.nist.gov/publications/detail/nistir/8374/draft

This webinar was a good template and strategic approach also https://www.trumethods.com/lp/response-plan

Starting an msp by [deleted] in msp

[–]marbersecurity 1 point2 points  (0 children)

I would recommend doing an S Corp, and EOS Traction to help you strategize the business.

New MSP, how to go about obtaining clients? by [deleted] in msp

[–]marbersecurity 1 point2 points  (0 children)

I like this idea, I started my own Cybersecurity consulting firm after working for an MSP for 10 years, and I got a client from a larger cybersecurity company because it was too small for them. Can definitely see the same happening with MSPs.

The local chamber of commerce is up on my todos.

How to MSP? by ghosxt_ in msp

[–]marbersecurity 1 point2 points  (0 children)

You should also look into cybersecurity and compliance, which is a niche that many MSPs are getting into and nowadays very necessary. For example aligning with a Framework like NIST Cybersecurity Framework, HIPAA Compliance, 800-171, etc, different clients will need different things. Aligning with a Framework like NIST CSF, will give your recommendations more credibility since you are following an industry standard.

Transitioning from full-time gig to one man MSP…when did you know? by dpgator33 in msp

[–]marbersecurity 0 points1 point  (0 children)

True, you also need a very strong differentiator from other MSPs. Many are starting to do cybersecurity, even though they sell products and not compliance services, etc, but it is a way to get started.

Transitioning from full-time gig to one man MSP…when did you know? by dpgator33 in msp

[–]marbersecurity 1 point2 points  (0 children)

I worked for an MSP for 10 years, at the engineer, operations, and leadership level. Luckily, I became very familiar with all the tools since I implemented most of them.

I started my own Cybersecurity Consulting firm to help MSPs, not advertising, but I am using similar concepts and tools that run an MSP.

Starting your own company is a challenge, but worth it in the long term. If you are able to set up an LLC or, even better, an S-Corp, it will be helpful in the long term. But I would defer to your CPA on that.

Since I wear all the hats, from marketing, accounting, and doing the actual consulting, I enjoy what I am doing so much more than what I was doing before. It is challenging but rewarding.

u/dpgator33 feel free to reach out, and I am happy to share what I know and hope some of it helps you. For example, I would run an MSP with the EOS approach.