By David Nathans, director of security, SOCSoter
In thinking about the threat cybercrime presents to businesses, it is not a matter of if it will ever happen, it is a matter of when it will happen. If you don’t believe this, then consider the President of the United States created the Cybersecurity act of 2015 and the Cybersecurity National Action Plan (CNAP) to direct the federal government to take action now to protect not only our government, but also the private sector and our personal lives from cybercrime. This protection comes in the tune of $19 billion dollars to ensure Americans have the tools they need to protect their identities, information, and private benefit information.
MSP’s play a pivotal role in this fight as the trusted agent for businesses when it comes to all things IT related. Similarly to how physicians work where general practitioners refer to specialists, it takes a cybersecurity specialist who truly understands and is focused on security to keep up with the in-depth, rapidly changing threats that are trending.
Generic threats that impact customers are rare due to firewalls and simple anti-virus solutions, but these days’ cybercrime is anything but generic. In IT, the focus is on features and stability, but increasingly the focus has become the security of systems and data. This shift in focus is obvious when it comes to ransomware and the negative effects it creates on hard hit companies. Therefore, it is vitally important for MSP’s to align with companies offering cybersecurity solutions that can be offered to their customers, but with that comes great benefits, increased profits, and increased customer satisfaction.
For the customer an MSP is serving, the first question needs to be what the businesses cybersecurity priorities are. Today, the priority seems to be protection against ransomware and IF the best way to combat it is to invest in awesome cybersecurity tools and controls.
The first part of awesome cybersecurity typically starts with a comprehensive Remote Monitoring and Management (RMM) platform that not only provides an antivirus solution, but works hard to keep systems fully patched and up to date. But it’s not all about keeping a system up to date with patches and AV definitions — the system has to actively monitor the customer and allow MSP’s to properly react to security relevant events. As more and more businesses get hit with malware, new tools enter the marketplace to get loaded onto endpoints. MSP’s need to be careful as soon there will be no computing power left for the user to be productive and too much data for the MSP to sift through.
Another component of awesome cybersecurity is having a good backup strategy — critical to a cybersecurity offering but having a much wider, positive impact than just recovering from something from a ransomware attack. MSP’s should look at not only backup solutions for their customers but how secure those backups really are. Make sure backups are kept off-line, otherwise they can become infected with ransomware as well —and that includes solutions that leverage cloud storage. Instead, think about using a server with high-level encryption and multiple-factor authentication.
Lastly, you cannot have awesome cybersecurity without network monitoring and log analysis as it’s critical for the protection of any customer wishing to catch malware, data breaches, find insecure configurations, and user policy violations. Not only that, but network monitoring is a key component of most all regulatory compliance requirements such as PCI-DSS and the U.S. governments continuous monitoring requirements. More than a requirement, as fileless malware increases, new Internet of Things devices get installed in businesses and bad behavior hides inside allowed traffic, the importance of monitoring the network for malicious activity also dramatically increases. Having a network monitoring system that is consistently updated and monitored by certified professionals trained to actively hunt for any malicious activity from any type of device is an invaluable tool in an MSP’s offerings.
If an MSP is looking for a way to add security offerings to its current lineup of products and services, start with building relationships with friendly cyber smart companies. These cyber focused organizations can help the MSP’s provide needed specialized knowledge, support, services as well as highly sophisticated products that are designed to protect the customer, the business, and the data. From critical network monitoring to backup’s, Anti-virus and even firewalls and web proxies, MSP’s providing defense in depth solutions to their customers will lead the pack and find their business expanding.
David Nathans (@zourick) is the director of security at SOCSoter, a Managed Security Service Provider catering to IT service providers helping to secure customers nationwide with affordable cybersecurity services and dedicated security engineers.
About SOCSoter, Inc.
SOCSoter (@SOCSoter) is a Nevada corporation headquartered in the state of Maryland since 2015. It was built to help small and medium sized businesses combat the growing business risks associated with network connected systems and applications. Service offerings include dedicated cybersecurity engineers monitoring easy to install and internally developed proprietary hardware and custom software provided free as part of the service offerings negating the need for capital expenditure by SOCSoter customers.