If you work in an MSP, you're probably tired of hearing about potential cybersecurity threats from pundits on the internet.
Wondering all day about what vendors and clients claim to be the next issue in cybersecurity must be hard. We get it. Which is why we've made a list of the top 5 common cybersecurity threats that MSPs face on the ground to help you prepare and defend against them. Read on!
(Psssst.....Joshua Liberman, President of Net Sciences (New Mexico's most security-focused MSP) shares a few cybersecurity tips at The Bugle. Check it out!)
Email phishing and BEC
Hackers use fraudulent messaging (emails, ads, sites) in an attempt to obtain sensitive user information and break into accounts. Phishing is by far the most common threat MSPs encounter on a regular basis.
BEC (Business Email Compromise) is when hackers send spoofing emails to impersonate your company's senior executive. The goal here is to request seemingly legit business payments to an offshore third-party account. Companies that deal with vendors and suppliers across countries are more susceptible to BEC threats. Having strict policies and multiple checks for wire transfers can greatly help with defending your company against these threats.
Absence of MFA
Multi Factor Authentication (MFA) is an added layer of security that requires the user to go through a two (or more) step verification process to access applications. Login credentials can easily be stolen if it's written down in a post-it note. Besides, usernames and passwords are vulnerable to brute-force attacks from hackers. MFA ensures that the users are actually who they say they are by using secondary verification factors like mobile/email approvals, fingerprints and physical hardware keys.
Here are some best practices to adopt after implementing MFA:
- No work is to be done on personal devices
- All devices are monitored using RMM/MDM
- Technicians must use unique passwords for each tool they use
- Avoid sharing passwords over emails or collaboration tools. Credentials should be shared only through password managers.
- Review all logins on a weekly basis
Macros-Microsoft office & Exchange servers
Macros are small programs that are used to automate repetitive tasks in Microsoft Office applications. While they are mostly used to increase efficiency, attackers can use macros to gain access or harm your system. Macros can be used creatively to emulate ransomware and steal data. As a rule of thumb, most security service providers either recommend the disabling of macros or do it by force and make sure users cannot re-enable it.
Microsoft Exchange Server is an email server that is used to schedule meetings, access calendars and contacts. While Microsoft constantly releases security patches, companies often find it difficult to keep the servers updated. Hackers can exploit the security vulnerabilities in the non-updated systems to gain access. Using Microsoft Exchange security utilities and having a system in place to monitor patches and updates can go a long way in preventing the hacks.
Ransomware
Ransomware is a type of malware that encrypts the user's files and restricts access until a ransom is paid. In some cases, attackers threaten to release the company's confidential documents online if the ransom isn't paid. Phishing emails, spam attachments masquerading as official documents are the common vectors attackers use to deploy malware into the user's system.
Here are some best practices to prevent ransomware attacks:
- Keep the system up to date with security patches
- Restrict users from installing third-party software without permission
- Having a strong antivirus software
- Regular backups of files
End-user mistakes
Well, it really doesn't matter how many advanced security practices you put in place if the end-user or the technician is not educated properly on the best practices of security management. Make it a priority to have regular seminars, and drills to ensure the end-user is aware of the threats.
That's not all; we've got plenty more cybersecurity content for you at the SuperPod — The no-filter MSP show. Oh and if you're an MSP looking to buy a secure PSA-RMM tool, do try out SuperOps.ai for free.