A new report from IDG indicates that most business’ websites are not as secure as the business thinks they are. When asked, 74% of IT managers at US corporations of all sizes said that their sites were either “totally” or “very” secure and another 15% named their sites “reasonably” secure. However, when IDG looked into the sites they realized they were not as secure as the IT managers thought.

Reasons that IDG claimed these websites were not as secure as IT managers thought include:

  • 33% of these organizations never conduct vulnerability scans or assessments of their website
  • 11% don’t know whether or not their site is secure
  • 59% were not sure if their site was protected against brute force attacks
  • Only 38% said it is very likely their site is protected across cross-site scripting

With this lax approach to site security MSPs might be able to help organizations fill the gap. Here are some suggestions from MSPmentor on how MSPs can fill the gap:

  1. Think Small: Small and medium size businesses feel as though their websites are less secure and are often overlooked by larger service providers making them perfect for MSPs to target.
  2. Automate Scanning: Organizations that use automated report scanning feel more confident about their security effectiveness. Therefore, providing this to clients and explaining to them how to use it will help them feel more confident in their site security.
  3. Once Bitten, Twice Shy: After a security lapse companies are much more willing to invest in third party security. MSPs should keep track of companies that have recently had a security lapse, either from networking or media reports, and then offer their services when appropriate.

Do you agree there is an opening for MSPs when it comes to site security and this is ripe? Or is this only hype?

[poll id=”305″]