Why MSP’s make DNS Filtering Part of their Security Stack

Posted by C Jones on Sun, Dec 12th, 2021

It's critical for MSPs to have a strong brand for the sole reason that their customers are buying their promise.  Your customers contract your services because they perceive your business to offer value to them.  Reputational damage following a  data breach can lead to decreased share price, market share and often the demise of the business.  According to research conducted by the National Cyber Security Alliance:

• Almost 50 percent of SMBs globally have experienced a cyber attack
• More than 70 percent of attacks target small businesses (not all are successful)
• As much as 60 percent of hacked small and medium-sized businesses go under after six months.

Being in the managed services business means you are in the cybersecurity business.  Both are deeply intertwined.  There is nothing more important than protecting the users, devices, files, and infrastructure of your customers from malicious attacks.  Furthermore, nothing can damage brand and reputation more than one or more of your customers falling victim to a ransomware attack or experiencing or a data breach.

The security of your customers and the reputation of your brand go hand in hand. This is why you need a well-conceived security stack to offer your clients protection from all types of attacks on all fronts.  You also need vendors that cater specifically to MSPs in order to reduce business risk for you.

The Role DNS Filtering plays in the security stack

There is no better example of a security tool that protects both the network and company brand more than web filtering.  Business owners that provide Wi-Fi must eliminate issues arising from customers or minors accessing unsuitable web content or violating any laws when online.  Conversely, IT must ensure the Wi-Fi network is secure. Securing a network still presents a significant challenge, and those offering public Wi-Fi who don’t deploy a network security solution to protect their Wi-Fi (and wired) networks face potential risks including stolen customer and company data, financial loss and a damaged reputation.

DNS filtering has taken the traditional web filtering industry by storm due to its increased speed and effectiveness in protecting users from web-based attacks and offensive or inappropriate content.   Standard web filtering blocks access to websites based on the URL.  DNS filtering blocks access to resolving bad sites, meaning that the web session is blocked before any HTML code is even accessed.  This eliminates malicious code and threats at the source.  It also reduces the latency for allowed sites as well, which improves the overall user experience.  Thus the advantages of DNS filtering over that of traditional URL filtering can be abbreviated to that of security and speed.

With DNS filtering in place, rather than the DNS server returning the IP address if the website exists, the request will be subjected to certain controls. If a particular webpage or IP address is known to be malicious, the request to access the site will be blocked. Instead of connecting to a website, the user will be directed to a local IP address that will display a block page explaining that the site cannot be accessed.

This control could be applied at the router level, via your ISP, or a third party – a web filtering service provider. In the case of a service provider, the user – a business for instance – would point their DNS to the service provider. That service provider maintains a blacklist of malicious web pages/IP addresses. If a site is known to be malicious, access to malicious sites will be blocked.

DNS filtering as part of a multi-layer security strategy

While a firewall is essential to provide a secure perimeter for your customers, the greatest vulnerabilities for them involve internet activities such as web browsing and email.  A cloud-based DNS filter can protect users and their enterprise devices both on and off premise, providing 360-degree coverage in a mobile Wi-Fi world.  A cloud-based DNS filtering solution requires no hardware or software client applications.  This makes deployment really easy.  Simply redirect DNS queries for your customer devices to the vendor’s servers and they are protected, requiring no special training on your part.  As a cloud-based solution, there are no worries about how it fits into your security stack. 

You should choose a solution that allows you to granularly manage web activity using additional filtering methods including URL and SURBL, web categories and keywords.  In addition, modern DNS filtering solutions include embedded malware filtering that scans all internet traffic for ransomware, malware and other types of embedded malicious code.  This is especially important in order to protect from recently compromised websites.

Choose a solution that adds value to your brand

Makes sure you choose a vendor that is service provider friendly and lets you rebrand their web-based solutions, giving you the credit and the glory in the eyes of your customers.  Not all filtering companies go out of their way to service MSPs.  Make sure you partner with one that has a committed channel program and offers special pricing packages created especially for MSPs with their profit margin in mind.   

DNS web filtering for managed service providers need not be difficult to implement or time-consuming to manage. WebTitan Cloud gives MSPs an opportunity to add a new revenue stream, increase client spending, broaden the appeal of their products and attract new business.