[BreachExchange] 3 MSP Best Practices for Protecting Users

Destry Winant destry at riskbasedsecurity.com
Wed Jun 13 20:00:18 EDT 2018


https://www.webroot.com/blog/2018/06/12/3-msp-best-practices-protecting-clients/

Cyberattacks are on the rise, with UK firms being hit, on average, by
over 230,000 attacks in 2017. Managed service providers (MSPs) need to
make security a priority in 2018, or they will risk souring their
relationships with clients. By following 3 simple MSP best practices
consisting of user education, backup and recovery, and patch
management, your MSP can enhance security, mitigate overall client
risk, and grow revenue.

User Education

An effective anti-virus is essential to keeping businesses safe;
however, it isn’t enough anymore. Educating end users through security
awareness training can reduce the cost and impact of user-generated
infections and breaches, while also helping clients meet the EU’s new
GDPR compliance requirements. Cybercriminals’ tactics are evolving and
increasingly relying on user error to circumvent security protocols.
Targeting businesses through end users via social engineering is a
rising favorite among new methods of attack.

Common social engineering attacks include:

An email from a trusted friend, colleague or contact—whose account has
been compromised—containing a compelling story with a malicious
link or download. This is a very popular approach. For example, a managing
director’s email account is hacked and the finance department receives
an email asking it to pay an outstanding “invoice”.

A phishing email, comment, or text message that appears to come from a
legitimate company or institution. The messages may ask you to donate
to charity, ‘verify’ information, or notify you that you’re the winner
in a competition you never entered.

A fraudster leaving a USB drive around a company’s premises, hoping a
curious employee will plug it into a computer and give the attacker
access to company data.

Highly topical, relevant, and timely real-life educational content can
minimize the impact of security breaches caused by user error. By
training clients on social engineering and other topics including
ransomware, email, passwords, and data protection, you can help foster
a culture of security while adding serious value for your clients.

Backup and Disaster Recovery Plans

It’s important for your MSP to stress the importance of backups. If
hit with ransomware without a secure backup, clients face the unsavory
options of either paying up or losing important data. Offering clients
automated, cloud-based backup makes it virtually impossible to infect
backup data and provides additional benefits, like a simplified backup
process, offsite data storage, and anytime/anywhere access. In the
case of a disaster, there should be a recovery plan in place. Even the
most secure systems can be infiltrated. Build your plan around
business-critical data, a disaster recovery timeline, and protocol for
disaster communications.

Things to consider for your disaster communications

Who declares the disaster?
How are employees informed?
How will you communicate with customers?

Once a plan is in place, it is important to monitor and test that it
has been implemented effectively. A common failure with a company’s
backup strategy occurs when companies fail to test their backups.
Then, disaster strikes and only then do they discover they cannot
restore their data. A disaster recovery plan should be tested
regularly and updated as needed. Writing a plan does not make it
effective, and no plan is set in stone.

Patch Management

Consider it an iron law: patch and update everything immediately
following a release. As soon as patches/updates are released and
tested, they should be applied for maximum protection. The vast
majority of updates are security related and need to be kept
up-to-date. Outdated technology–especially an operating system (OS)–is
one of the most common weaknesses exploited in a cyberattack. Without
updates, you leave browsers and other software open to ransomware and
exploit kits. By staying on top of OS updates, you can prevent
extremely costly cyberattacks. For example, in 2017 Windows 10 saw
only 15% of total files deemed to be malware, while Windows 7 saw 63%.
These figures and more can be found in Webroot’s 2018 Threat Report.

Patching Process

Patching is a never-ending cycle, and it’s good practice to audit your
existing environment by creating a complete inventory of all
production systems used. Remember to standardize systems to use the
same operating systems and application software. This makes the
patching process easier. Additionally, assess vulnerabilities against
inventory/control lists by separating the vulnerabilities that affect
your systems from those that don’t. This will make it easier for your
business to classify and prioritize vulnerabilities, as each risk
should be assessed by the likelihood of the threat occurring, the
level of vulnerability, and the cost of recovery. Once it’s determined
which vulnerabilities are of the highest importance, develop and test
the patch. The patch should then deploy without disrupting uptime—an
automated patch system can help with the process.
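The triage steps above (inventory, separate the vulnerabilities that affect your systems from those that don't, then rank by likelihood, level of vulnerability and cost of recovery) as a small added example; this is not code from the article or from Webroot, and every host, product and VULN-* id in it is a constructed placeholder.

```python
# Added example (not from the article): triage a vulnerability feed against an asset inventory
# as the patching-process section describes. All data is constructed; VULN-* ids are placeholders.
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    host: str
    software: str      # product name, normalised to lower case
    version: str

@dataclass(frozen=True)
class Finding:
    vuln_id: str
    software: str
    affected_versions: frozenset  # versions known to be vulnerable
    likelihood: int               # 1 (rare) .. 5 (actively exploited)
    severity: int                 # 1 (low) .. 5 (critical)
    recovery_cost: int            # 1 (trivial restore) .. 5 (business-critical)

def applicable_findings(findings, inventory):
    """Map vuln_id -> affected hosts, keeping only findings that match an
    inventoried software/version pair (drops what we don't run)."""
    hits = {}
    for f in findings:
        hosts = sorted(a.host for a in inventory
                       if a.software == f.software and a.version in f.affected_versions)
        if hosts:
            hits[f.vuln_id] = hosts
    return hits

def risk_score(f):
    """Product of the three factors the article names (range 1..125)."""
    return f.likelihood * f.severity * f.recovery_cost

def prioritize(findings, inventory):
    """Return (vuln_id, score, hosts) for applicable findings, highest risk first."""
    hits = applicable_findings(findings, inventory)
    ranked = sorted((f for f in findings if f.vuln_id in hits), key=risk_score, reverse=True)
    return [(f.vuln_id, risk_score(f), hits[f.vuln_id]) for f in ranked]

# Constructed sample inventory and findings (not real advisories).
INVENTORY = [
    Asset("fileserver01", "exampleos", "7"),
    Asset("workstation12", "exampleos", "10"),
    Asset("workstation13", "examplebrowser", "61"),
]
FINDINGS = [
    Finding("VULN-A", "exampleos", frozenset({"7"}), 5, 5, 5),          # critical on old OS
    Finding("VULN-B", "examplebrowser", frozenset({"61", "62"}), 3, 4, 2),
    Finding("VULN-C", "exampledb", frozenset({"9"}), 5, 5, 5),          # nothing in inventory
    Finding("VULN-D", "exampleos", frozenset({"10"}), 2, 2, 3),
]
```

`prioritize(FINDINGS, INVENTORY)` drops VULN-C because nothing in the inventory runs that product, and puts the critical finding on the oldest OS first.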

Follow these best practices and your MSP can go a lot further toward
delivering the security that your customers increasingly need and
demand. Not only will you improve customer relationships, but you’ll also
position your MSP as a higher-value player in the market, ultimately
fueling growth. Security is truly an investment MSPs with an eye
toward growth can’t afford to ignore.
