Remote work has increased over the last few years, and as the world navigates this new norm, organizations must prepare and improve their teams and processes to prevent cyberattacks and mitigate increased security threats.
In CompTIA’s YouTube series Tough Talk on Cybersecurity, Wayne Selk, vice president of cybersecurity programs at CompTIA, and guest experts discuss some potentially uncomfortable topics for MSPs, namely the current state of MSP cybersecurity, components that could be missing from an MSP’s cybersecurity portfolio and how to adopt best practices to better protect customers. Below, we’ll take a closer look at the series.
Acceptable Use and Password Policies for MSPs
It’s not enough to just say you have acceptable use and password policies. MSPs should constantly be inspecting and enforcing those policies with their customers, ensuring that spam protection, email filters and other solutions are following best-practice guidelines to protect everyone.
Corey Kirkendoll, CEO of 5K Technical Services and an executive council member of CompTIA's Advancing Tech Talent and Diversity Committee, discusses the benefits and best practices around acceptable use and password policies.
“We need to make sure [customers] understand the importance of these policies and procedures because when a breach happens and it comes down to that situation, they’re going to want to see those policies and procedures,” Kirkendoll said. “One, do they exist? Two, are they enforced? And three, when is the last time they were updated?”
User Awareness Training for MSPs
Technology solutions are great tools to help safeguard customers from the latest security threats, but it takes more than technology to get the job done. Users need to understand—and use—cyber best practices to ensure their businesses and data are fully protected.
Ann Westerheim, founder and president of Ekaru, offers some expertise on the importance of user awareness training and advice on establishing a training curriculum for customers and more.
“If you open up the front door for the cybercriminal, they’re definitely going to get in,” Westerheim said. “And a lot of our clients really like the cyber training for their personal lives, too. They appreciate how important it is, and they see how they can use it in other aspects of their lives.”
Data backups are a vital component of staying safe, but it’s critical to follow correct policies and procedures to ensure that backups are completed correctly to prevent ransomware and other cyber incidents.
Jay Tipton, president of Technology Specialists and cyber incident survivor, discusses why it’s important to have (and follow) data backup policies and procedures, how to create a documented backup and how to avoid common backup pitfalls before it’s too late.
Cybersecurity professionals typically opt for secure password managers to keep passwords secure, but Tipton offers a recommendation that some might find surprising, “Have your passwords backed up on paper,” he said.
Do you know where your cyber vulnerabilities lie? If you’re not conducting regular risk assessments of both you and your clients, you may be courting catastrophe. And if you experience a full MSP breach, all of the work you’ve put in to protect your clients goes to naught.
Jason Slagle, president of CNWR, discusses why assessing risk is critical to protecting client information and networks and how to develop an assessment if you’re not sure where to start. “It’s definitely a process of continuous improvement,” Slagle said.
Patch Approval and Change Management
Keeping software applications patched and up-to-date is one of the most important responsibilities that MSPs have. That includes testing, vulnerability scans and making sure that your third-party applications are running properly.
Alex Spigel, COO of Choice Cyber Solutions, talks about why you should create policies and procedures around patch management, the need to test your updates to ensure everything is running correctly and best practices to keep your own applications updated.
“Any one software that you download can always be the weakest link that can always be your Swiss cheese hole that lets in the bad guys,” Spigel stated. “So, it’s important to protect yourself and your client by really locking things down both internally and for them, and making sure that these processes are followed and that they can rely on you and trust you from a client perspective to make sure that these things are implemented and completed.”
Protective Filtering and DNS Security
Protecting and inspecting the traffic coming into and out of a network is critically important for any business, and a big concern if you don’t have the proper solutions in place. For MSPs, protective filtering and DNS security tools allow you to understand the traffic and remove anyone or anything that shouldn’t be there.
Goran Lepan, customer success manager at InfoTrust in Australia, discusses how protective filtering and DNS tools can make you a hero to your customers, why MSPs need to practice what they preach and why testing and inspections will help ensure that malicious behavior is stopped.
“You need a DNS in your business,” Lepan said. “Because it doesn’t have a strong security focus in its own design, you need to protect it in different ways.”
Dark Web Monitoring
It’s estimated that only about 20% of the content on the internet is indexed—and sitting below the surface is the dark web, where shady figures can go to buy, sell or trade personal information to be used for nefarious purposes. Monitoring that content is critical to ensure that you and your customers are well protected from cyber threats.
Drew Sanford, vice president of global security operations at ConnectWise, talks about what the dark web is and how it is used, why MSPs need to monitor the dark web to ensure that pertinent sensitive information isn’t available there and how to develop solid practices to minimize your risk.
“Make sure you’re double checking everything you think is in place, and if you don’t have those things in place, implement,” Sanford advised.
Two-factor Authentication and Advanced Endpoint Defense
Two-factor authentication (2FA) is an additional layer of security that helps protect businesses from cyber incidents. And yet, it’s far from being standard across most enterprises and small businesses. Therein lies the opportunity for MSPs.
Patrick Burgess, technical director for Nutbourne Ltd. in the UK, discusses what two-factor authentication is and how it works, why 2FA should be applied and how important 2FA is now in a remote-working world.
“You’ve got to understand the bigger picture,” Burgess stated. “Your staff are no longer in one place. They’re all over the place. So, your detection and your response and your protection has to go with that.”
Want to learn more?
Read CompTIA's State of Cybersecurity 2022.