FortMesa’s Continurisk GRC (governance, risk and compliance) platform will be deployed to support the new Trustmark program from CompTIA, the Downers Grove, Ill.-based, nonprofit association for the global technology industry and workforce.

“The work CompTIA is doing in building a scalable cyber credibility model for MSPs and other IT providers is core to the FortMesa ethos and an essential part of rebuilding public trust in outsourced information technology systems – we’re all very excited to support this mission,” said Mathew Fisch, founder and CEO of FortMesa, in a statement.

FortMesa’s GRC platform will:

•  Allow CompTIA Cybersecurity Trustmark applicants to track progress in addressing and completing the standards outlined in Trustmark documentation.
• Be accessible to CompTIA members as they enroll in the Trustmark program.
• Provide actuarial insights and feedback to the Trustmark program.

“MSPs will be able to measure the effectiveness of their evolving security program as they progress through the Trustmark process. The addition of FortMesa as a Cybersecurity Programs partner and the inclusion of its GRC platform are exciting and important developments for our Trustmark program and for the global MSP community,” said Wayne Selk, vice president, cybersecurity programs at CompTIA, in a statement.

The CompTIA Cybersecurity Trustmark details a clear path for MSPs to achieve foundational cybersecurity hygiene, laying the groundwork for a functional security program within the organization.

The Trustmark maps to several control frameworks recognized as industry-accepted best cybersecurity practices, including the Center for Internet Security Critical Security Controls, ISO/IEC 27001, the National Institute of Standards and Technology (NIST) SP 800-171, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the New York Department of Financial Services (NYDFS) Cybersecurity Regulation.

The post FortMesa Joins CompTIA to Strengthen Cybersecurity Culture Throughout MSP Community appeared first on My TechDecisions.

Through this partnership, Utelogy users can expect seamless integration of the NETGEAR AV Line Switches with the Utelogy Platform, where it will help deliver proactive alerts and monitoring for an enhanced user experience. Users will also have full insight and management of the NETGEAR system. This includes connection status, PoE status, port speed, port mode, firmware and additional metrics. Per a statement, the AV Line switches combine years of networking expertise with best practices from leading experts in the professional AV market.

The new NETGEAR AV user interface also presents common AV controls right up front with user-selectable profiles for common AV platforms. As a result, it enables easy configuration. With the use of a REST API, NETGEAR switches can also integrate quickly and easily; making them an ideal partner for integration into Utelogy’s Utelligence program. With this, it satisfies all the controlling, monitoring and security requirements labeled as Utelligent+.

An Integrated Offering

Frank Pellkofer, president, and co-founder at Utelogy, says, “The Utelligence standard for secure and robust APIs for easy integration has become increasingly powerful in our industry. It’s proving to be an excellent way of building partnerships that focus on security and making sure the end user’s voice is heard.”

The Utelogy Platform is becoming more innovative and feature-rich, the company notes. It attributes this to the collaborations and partnerships with manufacturers like NETGEAR. Together, they are thus creating a “single-pane of glass” management and monitoring solution that delivers an exceptional user experience. At the same time, they help reduce the total cost of ownership, Utelogy adds.

“We are excited about the strategic relationship with Utelogy; which allows our customers to take advantage of the integrated solution and deliver a new level of visibility and management of their AV assets,” says Laurent Masia, director of product line management for managed switches at NETGEAR. “The integration of our AV Line switches with Utelogy’s solution enables customers to manage their entire AV estate from a single console; providing a more efficient and simplified way to manage their AV infrastructure.”

NETGEAR and Utelogy will thus continue to innovate and deliver exceptional value to its customers. Moreover, it represents a significant step forward in providing a comprehensive solution for AV and UC device standardization.

Another version of this article originally appeared on our sister-site Commercial Integrator on April 11, 2023. It has since been updated for My TechDecisions’ audience.

The post Utelogy Integrates with NETGEAR AV appeared first on My TechDecisions.

These cloud-based solutions from Sony provide end users with the ability to automate BRAVIA professional display provisioning, configuration and enrollment processes to reduce time required to deploy at scale, while dramatically improving accuracy for MSP asset management tools, says Sony. Additionally, the platform offers remote capabilities, making the displays easily manageable on-premises or offsite.

Powerful Device Management Platform

“With the introduction of our powerful Device Management Platform, our professional BRAVIA displays can now be quickly deployed, automated and controlled from virtually anywhere,” Rich Ventura, vice president of professional display solutions, Sony Electronics, says. “This new platform not only substantially reduces installation times, resource demands and complexity for Managed Service Providers, but it helps contribute to users’ sustainability goals by reducing the need for operators, technicians and support personnel to travel on-site which translates to a smaller carbon footprint.”

The professional display DMP can be employed on singular installations. Alternatively, it can provide a path for scalable provisioning across large-scale deployments.  The platform’s provisioning tool can be used separately or in conjunction with the remote device management option.

The user-friendly solutions also provide valuable and granular insights, such as device location alerts and on/off status. These, of course, can reduce the likelihood of, or the average resolution time for, potential performance issues. With a set of device management tools and open APIs, MSPs can also perform remote software and firmware updates, analysis and issue resolution for Sony’s professional BRAVIAs from the Network Operations Center (NOC).

Sony’s Professional 4K HDR BRAVIA System-on-Chip displays, available in sizes ranging from 32 inches to 100 inches (diagonal), are based on a secure Android TV operating system. With the use of Sony’s DMP, the displays add SOC 2 Type 2 and ISO 27001 compliant cloud management solutions. This, therefore, provides IT and AV professionals with additional confidence, security and peace of mind.

Sony’s Device Management Platform for the company’s professional display solutions is expected to be available in early 2023.

Don’t forget to shop and compare Sony products on MyTechDecisions’ sister-site AV-IQ.com.

This article originally appeared on MyTechDecisions’ sister-site CommercialIntegrator.com.

The post Sony Electronics Launches Device Management Platform for Professional Display Solutions appeared first on My TechDecisions.

More than any traditional managed service model, Co-MITs are a very flexible arrangement designed to provide a compromise between the IT department maintaining control of its server while also leaning on support from a vendor in various ways.

Organizations which have been burned by a low-price service provider which let them down or is closing shop; organizations that are beginning to rethink the value of internal IT; organizations whose internal IT team is in need of a partner…these are examples of situations where a co-managed service model may be appropriate.

Related: Cloud Contracts: The Best and the Worst

But what does that look like, and how should IT & tech leaders pursue it?

What is a co-managed service model?

Co-MITs involve a relationship between client management, managed service provider (MSP), and internal IT teams. This contrasts with the “pure” MSP world, where the relationship is primarily between client management and an MSP.

Bad relationships lead to bad business. In discussions surrounding the possibility of entering into such a relationship, all three parties have to agree on goals, terms, and standards.

Co-MIT benefits

Internal IT resources are obviously expected to know the value-adds for the company better than any MSP. Even those companies who enter into a partnership with an MSP often have trouble in the contract when an expectation is broken and the internal IT knows better in a given situation.

Still, MSPs know the technology and overall industry better in many situations. Combining these two pools of strength and talent can create something that’s greater than the sum of its parts.

Organizations with internal IT were traditionally seen as a no-go for MSPs, says Bob Coppedge, author of two books on CoMITs and founder of Simplex-IT & www.comits4msps.com.

“About 70% of MSPs have a co-managed client but they didn’t even know it — many IT departments are actively seeking out these agreements and sometimes don’t even know that this is what they’re asking for.

“They’re searching for more efficiencies while maintaining control of their networks — that’s the key benefit to it.”

Creating successful Co-MIT agreements

Coppedge says the best agreements are made typically when an internal IT group recognizes what their weak points are, not when an MSP pressures you to change your agreement.

“Co-MITs are at their best when they lift up internal IT, training them on best practices, so that the IT department becomes more productive themselves,” he says.

“MSPs need to be there to make the IT’s lives’ better. It should be about training and teaching.”

MSPs can take on some responsibility, or simply act as a backup; IT can make them an extension of technical staff, or vice versa.

CoMITs are most effective when the processes of CoMITs business are similar (if not identical) to “pure” MSP business, Coppedge says.

Opportunities for MSPs:

• Become a traditional MSP, but for clients who were unsatisfied from service by a cheap MSPs who low-balled and couldn’t provide support, creating need for something better
• Help out those organizations that felt let down by internal IT and who want to completely outsource
• Find a co-managed situation where an organization with one or two IT people had to struggle to switch to remote work infrastructure and might be open to partnerships going forward

Opportunities for IT:

• If the department has a director or single-person shop; it’s hard to drain the swamp when you’re surrounded by alligators. It’s hard to put in VPN-from-anywhere, track all the documentation, etc. in such a way where you have control and access to everything. You don’t want to give up control of a network, but a Co-MIT offers perks like remote management and other tools without the need for IT to sacrifice control over the network
• The things that make an internal IT department very well-defined and organized are being sacrificed in the current environment.

Getting buy-in

Above all, an IT department interested in an arrangement like this needs to get all three parties on the same page.

IT leaders should stress how much more productive theirs and others’ teams can be with a co-managed service model; how the sale and service of widgets will be improved. Getting too caught up in technical details with management will cloud the value.

“It comes to the same issue: quit talking about cost and talk more about benefits. Talk about how internal IT can ‘do X-percent more in Y-area’ by having some of their time cleared up by an arrangement,” Coppedge says.

Stress that the agreement can be controlled very heavily by the CIO if necessary.

Remember, change begets change. If there’s nothing different going on within an organization, it will only embrace change when they finally decide it is time.

The post Co-Managed IT Services: What IT Directors Need to Know appeared first on My TechDecisions.

As Corey Kirkendoll, CEO of 5K Technical Services, said during the session: it’s more important to make sure your own company utilizes internal security best practices.

“As MSPs, we’re always under attack. If they get us, they can get our customers,” he said.

Kirkendoll has been aggregating best practices from within the ASCII and vendor community into a definitive guide to help MSPs lock down their environments from would-be attacks.

He focused on the things most MSPs are not doing that are leaving them vulnerable to being breached. This has been a collaborative effort for our industry as we present the findings to all attendees.

First: assess your ‘security posture’

It’s critical do develop what Kirkendoll called a “security posture.” You can develop one by answering the following questions:

• how much risk are you accepting?
• have you had a security assessment done by a third party?
• have you prioritized what you need to protect?
• do you know what is critical to your business?

Let your answers to these questions guide your approach to all things internal security going forward. If you feel any response to the above questions is weak or leaves you & your team asking more questions, you need to address those areas first, Kirkendoll said.

Pick a cybersecurity framework: CIS, zero-trust, NIST, etc.

Are you a customer of yourself, using your own business to service yourself? Using your own helpdesk, etc.?  “This allowed us a better insight into how we really work,” Kirkendoll said.

Do you onboard yourself and have consistent documentation and training?

Are 2FA and proper security measures implemented? “I may be taking a firm stance here, but there’s just no acceptance anymore for a lack of 2FA implementation.”

A quick MSP security checklist

• You need disaster recovery and contingency plans in place in the event of a data breach or ransomware attack
• Pursue certifications wherever possible (Security+, CISSP)
• The ability to partner with other MSPs for help in the event of a major attack is a good “all-else-fails” resource
• Harden your stack!

Don’t doubt the importance of tabletop exercises

“We run through scenarios where there are factors like breaches and hacks, but also physical disasters like tornadoes. What happens with the hardware? If something happens, the way people communicate about it will determine the outcome. If they’ve never even heard of a specific situation happening, they’ll probably mess something up,” Kirkendoll said.

Related: Tips for Researching New Technology Options for Your Business or Org

“Getting my team to wrap their heads around the importance of these exercises can be tough, but in the end, it strengthens our communication and makes us more prepared for the inevitable day when something happens.”

Additional resources for internal MSP security:

• Infraguard – provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information
• ISACA – global association that provides IT professionals with knowledge, credentials, training and community in audit, governance, risk, privacy and cybersecurity
• staysafeonline – National Cyber Security Alliance
• MSSP Alert – research for Managed Security Services Providers

The post What Every MSP Internal Security Framework Should Include appeared first on My TechDecisions.