What Should A Firm Look For When Selecting An MSSP?


What Should A Firm Look For When Selecting An MSSP?

Introduction:

The arrival of several new MSSPs in late 2004 reduced costs somewhat and allowed these companies more choice on which providers they work with. Retailers like TJX Companies (Marshalls, TJ Maxx) and Alcatel-Lucent began offering identity theft insurance directly to their customers at this time as well.

Most MSSPs work to provide similar services that range from 24/7 monitoring of all three major credit bureaus, Fraud Resolution support, ID restoration & support and in some cases assistance in opening new bank accounts. There are also segment-specific MSSPs that help banks and retailers with customer identity verification for the purpose of establishing a new account. These companies include IntelliLink / FIS, Verified Identity Pass & Acculynk.

Key factor:

The key to finding an appropriate vendor is one that’s going to have a positive impact on your customers’ experience both prior to and during the unfortunate event of identity theft. 

An effective system will enable your customers to easily contact you without long wait times or automated messages getting in their way and will allow your clients to more easily get through the process of restoring their identity.

  1. MSSPs should provide references before, during and after an event has transpired.
  2. There should also be a service level agreement that details exactly what they will provide when it comes to identity theft services.
  3. Companies should be prepared to answer any questions or concerns raised by their clients in English so there is no doubt in communication between the two parties involved.
  4. An Identity Theft Provider should always have staff available to answer any questions or raised by their clients and if they do it in another language, don’t hesitate to request them to switch to English so there is no doubt in communication between the two parties involved.
  5. They should also disclose data breaches within 45 days after confirming it.
  6. Provide as much information as they can about the types of data breached, approximate number of records breached and offer identity theft insurance to those affected by the breach.

The most effective MSSPs provide an easy to use website portal that allows your customers to check on the status of their claim at any time, get case updates and get in touch with their Identity Restoration Specialist (IRS) via phone or email. Your goal is always going to be minimizing the amount of time it takes for a customer to contact you and for you to respond appropriately. This can oftentimes mean life -and business-improvement issues, such as “missing” funds sent during a data breach and stolen credit cards used by thieves. The longer it takes for your customers to communicate what has happened, the worse off they are when it comes to mitigating the damage done.

General rule:

As a general rule, any MSSP should be capable of providing you with an impressive list of clients they have provided services to in the past. 

This serves as your best indicator on whether or not their services are appropriate for your company or one that you would recommend to other contacts. The organization should be able to provide references before, during and after the event has transpired. Some companies will even give their references discretion prior to sharing anything with you so that if it’s necessary they only discuss limited details only upon your request due to privacy compliance issues.

Q /A Module:

The strength of identity theft insurance can vary greatly depending on how well it is presented by the provider. Pricing changes constantly, so do not rely on them as the basis for selecting your provider. Ask questions such as: How do you handle restoring my customer’s identity? Will I be provided their IRS and Restoration Specialists to contact if needed? What services are included, not just what they charge for – There should be a service level agreement that details exactly what they will provide. The more a company can control a situation, the better off its customers will be.

A good rule of thumb is checking whether or not the MSSP has any form of accreditation from organizations such as Trustee or have been certified by organizations including PCI DSS & HIPAA Compliance. Oftentimes this implies to buyers that there are certain standards being employed by the organization.

Warning Signs to Watch Out For:

If you’re not provided with any of your customer’s IRS information (first & last name, phone number, email address) this may be a sign that the organization is not experienced with dealing with identity theft. If they are not prepared to provide you specific details on what exactly will happen when it comes time for restoration of your customers’ identity, this may also be an issue.

An Identity Theft Provider should always have staff available to answer any questions or concerns raised by their clients and if they do it in another language, don’t hesitate to request them to switch to English so that there is no doubt in communication between the two parties involved. The National Association of Insurance Commissioners recommends that companies disclose data breaches within 45 days after confirming it. It also recommends that companies provide as much information as they can such as the types of data breached, approximate number of records breached and offer identity theft insurance to those affected by the breach.

Conclusion:

The firm should look for an MSSP that will offer service, support and transparency. There are a variety of providers available on the market today and most specialize in different areas so it’s important to do your research and find out which type of plan is right for you. Identity theft insurance benefits depend on how much time and energy you want to put into learning about the topic. The more patient and detail-oriented the buyer is, the larger their options will be in terms of choosing a high quality plan that suits them.

Recent Posts