Managed service providers (MSPs) offer IT consulting and support, effectively managing their client’s IT. MSPs can act as an internal IT department that implements and maintains your technology solutions and infrastructure and ensures that your data is secure.
To effectively monitor and manage their client’s systems MSPs often establish remote connections to all their client’s networks. Unfortunately, those multiple connections make MSPs a prime target for ransomware.
Essentially, a hacker can gain access to not just the MSP’s network, but all their clients too, with a single attack. They perform one hack but are able to capture the critical data of countless businesses—and then hold that data for ransom at a very high price.
Ransomware attacks are gaining popularity. Global cyber insurance provider Beazley reported a 37% increase in ransomware attacks in the third quarter of 2019 compared to the previous quarter. Particularly worrying is that a staggering 25% of all incidents were against MSPs.
If your MSP isn’t taking steps to secure themselves, they are not only putting their business and reputation at risk, but their clients as well. Here at Methodology IT, we understand the gravity of this threat and practice what we preach to our clients when it comes to cybersecurity. We don’t leave anything up to chance and prepare by simulating our response to a cyberattack, so we know exactly how to handle it if we are targeted. We take every precaution to ensure we not only keep your system secure but ours as well.
The bread and butter of any cybersecurity approach- just like how we outfit our clients with top-notch security solutions, we have fortified ourselves as well.
To prevent a hacker from gaining access to all our clients’ networks by merely accessing our own, we utilize network segmentation. We divide our system into smaller sub-networks and implement policies to control traffic flow and access to them.
We use IP filtering like a firewall to protect our clients’ sub-networks from intruders. With IP filtering, we control the IP traffic in and out of the network and have set rules to restrict unwanted users from entering.
Utilizing Microsoft 365 filter down policies, we frequently force the reauthentication of a user via multifactor authentication. If a password becomes compromised, the tools will quickly block access until the multifactor authentication is completed.
We work with an outside security firm to regularly run penetration tests on our internal systems. We understand the importance of having our work checked by another professional and identifying our gaps before a cybercriminal can.
We have a constant scanner looking for any credentials that have been advertised for sale that pertain to our business. This way we can immediately change any compromised passwords or log-ins before they can be used to gain access to our systems.
We always stress to our clients the importance of practicing your disaster protocols, and we do it ourselves consistently. Almost every drill we run, we find areas for improvement. If you leave your first run-through of your disaster response for when it counts most, you aren’t setting yourself up for success.