[BreachExchange] Holistic Data Protection for the SMB: Five Steps for MSPs

Audrey McNeil audrey at riskbasedsecurity.com
Mon Feb 29 19:24:13 EST 2016


http://mspmentor.net/blog/holistic-data-protection-smb-five-steps-msps

In today’s competitive business climate, data is king. Organizations, both
large and small and across all vertical industries, rely heavily on data to
stay in business. The fact is that any outage, whether caused by nature or
man-made, has the potential to put a company out of business
indefinitely--or, in some cases, permanently.

I believe that no business should fail due to data loss, and this is why it
is important that any business, regardless of its size, do everything in
its power to protect its data on a holistic scale. For SMBs, this often
means relying on the expertise of their MSP or IT solution provider, which
can help them put the processes and solutions in place that provide
end-to-end protection for data and critical IT infrastructure.

To help MSPs and IT solution providers ensure that their SMB customers are
taking a holistic approach to data protection, we recommend that they
follow these five steps:

1. Get to know your customer: Prior to recommending or implementing a data
protection solution, get to know your customer. If they are operating in a
regulated industry such as banking, legal services or healthcare, or if
they are a school or government agency, they will have different data
protection needs than the marketing firm down the street or the restaurant
across town that you work with. Based on the type of business they are
operating, you need to determine up-front how much downtime they can afford
and what files and applications (such as VMware) they need to protect most.
2. Create a plan: Once you know the unique business requirements of your
customer, it is time to create a data protection plan and identify the
tools or solutions your customer will need to support that plan. Data
protection procedures should be documented to protect the business
following any disruption--whether it is a power outage, system crash,
natural disaster or human error. Pre-emptive backup and recovery planning
can vastly minimize the impact of some of these disruptions. You can work
with your customers to develop scenarios before disaster strikes, so they
will be prepared to recover their data regardless of what happens.
3. Don’t forget data security: When it comes to protecting your customers’
data, not just any encryption will suffice, and only military-grade 256-bit
AES encryption will ensure the highest levels of data security. When
coupled with strong encryption in transit, this technique can provide
end-to-end protection of the data while it is being stored and transmitted
to and from the data center.
4. Check the compliance box: When implementing a provider’s backup and data
protection solution, always check to make sure it is compliant with the
industry standards and regulations your client must follow. This is
especially important in regulated industries such as healthcare and
financial services.
5. Centralize management: To make it easier on yourself and your customers,
you should select a data protection solution that offers centralized
management. Integration with today’s leading PSA and RMM tools is among the
key features that many MSPs and IT solution providers look for in a data
protection solution.

One last thing: When selecting backup and data protection solutions for
your SMB customers, properly vet your provider to ensure it offers holistic
data protection. Because, when the unthinkable happens, you want your
customer to quickly recover, as if nothing had ever happened.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160229/05f36376/attachment.html>


More information about the BreachExchange mailing list