All Blogs
Peer Practices
Posted
December 15, 2021

Using ScalePad to Monitor IT Security Compliance

Antonio Neglia

Tips for MSPs to manage client risk & exposure from Matthew Bookspan, CEO of Blacktip IT Services

Using ScalePad to Monitor IT Security Compliance

With over two decades in software product management, building solutions for Microsoft, Electronic Arts, Cisco, Salesforce, and more, Matthew Bookspan set his sights on transforming technology consulting for the Floria and regional Southeast markets. Now, as CEO of Blacktip IT Services (Blacktip), Matthew carries on his belief that the right technology solutions can make companies, and their teams thrive, enabling clients to be provided with the highest quality service. 

But what does the highest quality service mean in the real world? Working as a long-term partner to keep technology accessible, efficient, invisible, and secure. With a DMI™ Score of over 835, there’s no disputing that Blacktip does things by the book. How do they do it?

They Follow a Compliance Framework for Security

Cybersecurity has, unfortunately, become front-page news. The increasing number of breaches, caused by lapses in device security, has left MSPs bearing the brunt of their clients’ anxiety and looking for ways to safeguard their environments. Recognizing this, Blacktip uses a compliance framework for security to mitigate risks and secure their clients’ environments.

Security compliance frameworks provide standards, guidelines, and best practices to manage client cybersecurity risks. After a strong recommendation from Matt Lee (Senior Director of Security and Compliance, Pax8), Matthew adopted and implemented the Center for Internet Security’s Critical Security Controls Version 8 for Blacktip. Part of the CIS Critical Security Controls v8 framework calls for the checking of asset data weekly, to ensure devices are up-to-date.

They Use ScalePad to Manage Risk and Exposure

Security relies on having accurate and up-to-date information at all times. With integrations including ConnectWise manage, IT Glue, Datto BCDR, Microsoft Endpoint Manager, and more, there’s a lot of duplicated data to sort through. That’s why Blacktip trusts ScalePad to pull accurate, deduped equipment, warranty, and software data directly from their stack. The ability to have this data in one view and shareable with clients, in the form of reports, enables information to be presented quickly and for action to be taken faster.

Because ScalePad provides an on-demand, super-accurate asset list, Blacktip is able to remain fully compliant with the CIS v8 framework. With weekly hard checks of the data, Matthew and the Blacktip team are able to correct any asset issues as they surface, rather than waiting for exploits to happen.

They Use the Digital Maturity Index™ and Reports to Communicate Risks

An early adopter of ScalePad’s newly-released Strategy update, Matthew found value in the Digital Maturity Index™, specifically its ability to expose PCs that were not updated to current feature packs. While Matthew and team know of the inherent security risks these assets possess, they needed to find a way to communicate the risks to their clients.

It’s the norm for Blacktip to share asset lifecycle reports with clients on a quarterly basis, but the simplicity of ScalePad’s reports led to something unexpected - clients were requesting data much earlier than anticipated. Because these reports use a simple, color-coded system to visualize asset health, Matthew finds clients are able to see the critical issues in their environments and are more motivated than ever to fix them immediately. 

ScalePad automatically exposes PCs that may not be updating correctly to the most current feature packs. It shows us what needs to be addressed so we can take action immediately.

Curious to learn more about ScalePad? Get Free Edition or Book a Demo today.