Skip to main content
Security Education

COVID-19: 3 Cybersecurity Essentials for MSPs and IT Providers in a Time of Remote Working

By SolarWinds Passportal

The novel coronavirus upturned many of the ways in which we live and work. And it’s important to acknowledge the hard, incredible work MSPs and IT providers have done to help their clients shift to fully remote nearly overnight. Despite this effort, businesses can’t take their eyes off the ball when it comes to security. There are at least three things every provider should put in place to fortify the security and productivity of their customers:

  1. Backup
  2. Remote control and support
  3. Password management

The current threat landscape

Before the current crisis, we had already seen an increase in the number of reported data breaches, as well as their efficacy. High-profile breaches often represented incredible numbers of consumers who had their information compromised. For example, the Marriott attack compromised records for an estimated 500 million customers. Credit card information for more than 30 million was stolen and resold during the Wawa breach. However, this wasn’t the only problem—MSPs increasingly became the focal point of cyberattacks. For example, KrebsonSecurity reported that more than 100 dentist offices were attacked by ransomware that funneled through their IT service provider. Attacks were common enough that the US Department of Homeland Security DHS issued warnings of attacks against MSPs, along with guidelines for staying safe.

All of this occurred before large portions of the globe had to change the way their businesses operated nearly overnight. In the midst of simply getting things set up, organizations likely scrambled enough that corners were cut, and errors were made in the interest of expediency. It’s natural—you have to get people up and running, so taking the time to implement proper security precautions can sometimes fall by the wayside. Even if you’ve taken all the right steps, odds are good some vulnerabilities were introduced somewhere in the process—whether it’s a problem in the software supply chain or users setting up their own accounts using weak credentials. All this is to say IT providers need to stay vigilant against security threats perhaps now more than ever. As mentioned before, they will likely need at least three technologies to help keep their networks safe:

1. Backup

Backup will be extremely important during this uncertain transition time. Backup tools offer an important insurance policy against data loss. Access to data and systems is paramount today for businesses to stay open and successful.

During times of crisis, cybercriminals can often use the ensuing confusion as an opening for an attack. We’ve already seen reports of attempts to scam people seeking information on COVID-19. This makes it even more important to have strong backups to protect against either data loss or ransomware attacks. So make sure to have strong, cloud-based backup in place and to schedule backups to run on a regular basis. Additionally, consider testing backups regularly so you know they’re ready to go in the event of an emergency.

2. Remote control and support

This probably seems like an obvious recommendation—when your customer base moves its workers completely to a remote setup, you’ll need strong remote support tools to help them. Odds are good you already have a remote support option in place. However, it’s important to make sure your remote support solution is fast and encrypted. Remote access attacks, particularly via remote desktop protocol, have become increasingly popular and effective forms of attack. Check to make sure any remote support solution you use includes safeguards and features to help encrypt data and traffic, prevent session hijacking, ensure remote support sessions come only from trusted actors, and close remote support connections automatically when done.

(For a limited time, try Take Control Plus free for 90 days in response to COVID-19.)

3. Password management

As mentioned before, MSPs were already targets for cybercriminals. IT service providers typically have access to a lot of sensitive and valuable data since they touch multiple businesses on a given day. Even extremely security conscious IT professionals can make a mistake, like reusing passwords across accounts (either personal or professional) or setting up an account with a simple password and forgetting to reset it. Unfortunately, account takeovers can be devastating both to IT providers and their customers.

This is why a strong password management solution can be incredibly helpful. Password management solutions can help you enforce best practices by automatically generating strong passwords for accounts and forcing password refreshes and resets on a periodic basis, while also enabling productivity by giving technicians one-click access to services without having to remember separate passwords. With a solid chunk of cyberattacks occurring due to poor password practices, it’s imperative to keep your team’s passwords strong. And during a time of heightened stress like the one we’re currently in, it’s common to make mistakes, so automating as much of the password management process as possible can help reduce your potential exposure.

SolarWinds Passportal

SolarWinds® Passportal can play an essential part in helping you keep your customers safe from cybercriminals as both your team and your customers continue working from home. Some of its key features include:

  • Company and Personal Vault
    Protect customers by storing privileged client data in a cloud-based, centralized company vault. You can also optionally allow users to have their own vaults for personal users.
  • Discovery and Automation
    Discover client data, passwords, and network information wherever you are. Password change automation lets you rotate expired passwords on a regular basis.
  • High Availability
    Access data almost anytime, anywhere, on nearly any device—desktop, tablet, or mobile phone. With significant uptime, you’ll be able to keep remote workers productive and safe with ease.
  • User Management
    Assign, revoke, and manage user permissions, and monitor user access for suspicious behavior with audit trails. Give access to those who need it when they are working from home without worrying about someone else attempting take advantage of the remote workforce.
  • Analytical Dashboard Interface
    Monitor password strength, rotation, expiry, and accounts on an easy-to-read dashboard.
  • Apps and Integrations
    Make it easy to access accounts via a one-click login through the personalized mobile app and cross-browser extensions. SolarWinds Passportal currently integrates with PSA, RMM, and network tools your MSP is likely already using.

Learn more about SolarWinds Passportal today.

SolarWinds® adds Passportal suite to its MSP product portfolio. MSP security, simplified. SolarWinds® Passportal + Documentation Manager is a SOC 2 certified, RAPID 7 tested, award winning platform.

 Audited Tested Awarded-01

Grow your business faster with the world's first unified platform for true password management and secure IT documentation. More than 2,000 best-in-class MSPs around the world are leveraging our security, automation, and rapid access client knowledge to out preform the competition.Passportal-SolarWinds_1200x190

Welcome to the Passportal Blog

Into cybersecurity? Read up on current trends in IT Services and ensure you’re up to speed on best practices on how to grow your business.

Want to stay up to date?

Get the latest N-able tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Automated password protection with documentation management integrated with the MSP tools you already use

Manage passwords with ease