Start with These 5 Best Practices
As listed in the president's new Cybersecurity Executive Order, the U.S. government has selected five highly impactful steps to help organizations focus and make rapid progress in driving down ransomware risk. The recommended best practices are:
- Ensure that your backups are regularly tested and that they're not connected to the business network.
- Update and patch systems promptly and maintain the security of operating systems, applications, and firmware promptly.
- Regularly test your incident response plan.
- Use a third-party pen tester to test the security of your systems and your ability to defend against a sophisticated attack.
- Carefully filter and limit internet access to operational networks.
- Adopt multifactor authentication and encryption for data at rest and in transit.
Businesses will increasingly look for MSPs that can help them implement these best practices.
You can demonstrate your commitment to security by offering clients penetration-testing services that evaluate their current defenses and gauge their vulnerability to attack. Organizations will appreciate this because most don't do their security tests and know—or should know—that they're vulnerable to ransomware. As part of your penetration-testing services, you might send dubious-looking emails to your clients and see if their employees open them or click on links embedded in the email body.
You can also help your clients implement better systems for data backup and recovery. If you assist them with deploying an effective backup system, they'll be prepared to respond to attacks and repair any damage quickly. You should recommend a solution that provides immutable object storage on-premises or in the cloud. Such a solution takes an immutable snapshot of data every 90 seconds. It establishes a continuous series of recovery points, thereby ensuring that the customer's data will be safe even if a ransomware attack is successful.
The unfortunate reality is that ransomware is here to stay. Indeed, we can expect the problem to increase and threaten businesses of all sizes. As an MSP, you can play a valuable part in helping your customers defend against attacks and safeguard their data—and their future.
ANDY ZOLLO is EVP of worldwide sales at Arcserve, where his responsibilities include managing the global channel strategy, expanding the worldwide channel business, and growing existing partner potential. Zollo joined Arcserve in 2021 through the merger with StorageCraft, where he had been in charge as vice president for EMEA Sales, then international sales, and finally global sales since 2016.