#CybersecurityTip: Offering a security policy in an MSP adds value and can be another service offering for your clients. Policies help set guidelines for SMBs to take in order to stay secure while getting the threat education they need. Recently featured in the Passportal blog, Chris Crellin, VP of Product Management for Barracuda MSP, shares his top five best practices for establishing a security policy. See them listed below.
- 'Identify Roles And Responsibilities. One of the first things an MSP should do when setting up a security policy for a customer is to identify who has access to critical infrastructure, data, and applications — and how much access they should be allowed.
- Set Data Retention Parameters. MSPs should be diligent about helping their customers set up policies and procedures for purging unwanted data and applications from their systems once they are no longer needed.
- Create A Private Key. MSPs can provide guidance to their customers on how to set-up and manage private keys to ensure that there’s no single point of failure, which can occur if the person with access to the organization’s network, data and applications were to leave the company.
- Establish Encryption Requirements. By encoding information, organizations can protect critical data and applications from being stolen by hackers. MSPs can help their customers establish encryption requirements for critical applications and data stored on the network, in the cloud, and during transmission.
- Achieve Compliance. Customers operating in regulated industries such as healthcare, finance, and retail, must ensure that all data, network and application security complies with relevant industry regulations (e.g., HIPAA, FINRA, and PCI/DSS).' Read Chris Crellin's full article here.