7 cybersecurity practices MSPs should be addressing

Targeted ransomware attacks against IT managed service providers (MSPs) are on the rise with potentially catastrophic implications for both the MSP and the customers who depend on them.

Cyber Article 1 min Fri, Oct 23, 2020

Both the frequency of attacks and the associated ransom demands are climbing, not to mention the reputational impact and potential litigation the MSP may face from disgruntled customers who are unable to access their network.

The following are some basic best practices that MSPs should be putting front of mind to protect themselves, and by extension, their customers:

  1. MFA for MSPs, please

    It’s crucial that MSPs implement advanced multi-factor authentication (MFA) on all applications to reduce the risk of a malicious third-party intrusion. This process is used to ensure that a person is who they say they are by requiring a minimum of two pieces of unique data that corroborates their identity. This unique data comes in three forms - something you know (i.e. your password), something that you have (i.e. a one-time passcode generated by an app or hardware token), or something you are (i.e. fingerprint, retinal pattern, voice signature or facial recognition). A significant number of cyber incidents could be avoided simply by implementing advanced MFA. Find out more.

  2. Password123 really is as easy as ABC

    Simple and commonly used passwords enable intruders to easily gain access and control of a computer, whether they are taking advantage of unchanged default settings or running brute force attacks. It may sound simple, but strong, long, unique passwords that are changed regularly are a must for all MSP employees. Keeping track of passwords can be difficult – one little trick is to use sentences as passwords, but you can also use one of a number of handy and affordable password managers on the market.

  3. Whoa! Back it up!

    MSPs should not only be doing regular backups of their data, but ensuring that those backups are bulletproof. This means storing these outside the network and offsite and testing them regularly. To find out how failed backups affected one of the technology firms we insure, check out this cyber claims case study.

  4. Responsibility for cybersecurity

    Given the potential widespread impact of a breach emanating from an MSP, every MSP should have a written cybersecurity program with a person assigned a role as a cybersecurity officer who has relevant experience and qualifications. Cybersecurity should not be considered an afterthought or an upsell – it should be a number one priority for all MSPs, with someone internally designated to lead the charge on cyber protection and risk mitigation.

  5. Know your client

    Sales are one thing but are you aware of what your client’s expectations and needs are?  Different industry segments have vastly different requirements – including uptime requirements and backup frequency. Taking on clients and treating them all equally without understanding their specific requirements can have disastrous consequences in the event of a cyber event. Clients in the healthcare, legal and financial sectors, for example, hold and rely on a lot of sensitive information and thus should be treated differently. A  significant outage from a cyber event can be disastrous for them – and in turn for the MSP too!

  6. Know your vendor

    Even if an MSP has the most robust security program possible, their data is only as secure as the weakest vendor that has access to their data. It is therefore critical that all MSPs have a vendor due diligence program to ensure their cybersecurity practices meet minimum standards. This is crucial in mitigating and avoiding threats.

  7. Know your weaknesses

    It might sound obvious, but all MSPs should implement an effective vulnerability management program which identifies and remediates security vulnerabilities in software. Vulnerability management is not just about patching (though very important!) but about making informed decisions and properly prioritizing the most serious security vulnerabilities first.