Cyber Security Awareness Month

Cybersecurity Tip #21: Establish a Security Policy

#CybersecurityTip: Offering a security policy in an MSP adds value and can be another service offering for your clients. Policies help set guidelines for SMBs to take in order to stay secure while getting the threat education they need. Recently featured in the Passportal blog, Chris Crellin, VP of Product Management for Barracuda MSP, shares his top five best practices for establishing a security policy. See them listed below.

Topics: Cybersecurity Tips

Cybersecurity Tip #20: Effectively Erase and Dispose of Old Data

#CybersecurityTip: Does your MSP have policies or procedures in place to dispose of or destroy old data? Or is the procedure simply clicking, 'Delete'? With the growth of data in your networks, as well as, new data security policies being implemented (ex. HIPAA), what are MSPs to do data removal? The fact is, data deletions are not enough. Deleting a file only marks the space it occupies. Until these invisible 'spaces' are overwritten several times with new data, the old data can still be retrieved. Continue reading to learn how your MSP can effectively dispose of old data.

Topics: Cybersecurity Tips

Cybersecurity Tip #19: Patch Management

#CybersecurityTip: Outdated technology, especially an operating system (OS), are vulnerable to  cyber attacks and are commonly exploited. Without updates, browsers and other software are open to ransomware or exploit kits. Staying on top of OS updates can prevent costly cyber attacks, saving your clients money. For example in 2017, Windows 10 saw only 15% of total files deemed to be vulnerable to malware, while the older version Windows 7 saw 63% susceptibility. Patching and updating your software programs is crucial for MSP security. Keep updates up-to-date regularly. 

Topics: Cybersecurity Tips

Cybersecurity Tip #18: Utilize Multiple Layers of Backups

#CybersecurityTip: Best practice in data backup is using a tiered approach. This will ensure that your backups are more reliable and can be accessed securely. Offering clients various layers of backup that are automated and scheduled will help ensure safety to your MSP network. Automated backup validation and error notification should be leveraged. It is recommended that data should be backed up hourly, daily, or weekly based on your MSP's needs. Data should also be stored on and off site, via cloud-based backup that provides additional benefits. Do not use a single backup source. Some examples of using a tired approach is using binary snapshot, SQL dump, and point & time recovery.

Topics: Cybersecurity Tips

Cybersecurity Tip #17: Schedule Regular Backups and Test Them

#CybersecurityTip: Protecting against destructive cyber attacks, technology failure, user error, or even natural disasters, backing up your data and testing it regularly is key to successful backup maintenance. MSPs should offer backup solutions that are consistent and predictive, using a multi-layered approach. If a backup is not set up correctly, ransomware could have the ability to infiltrate network data, and ultimately, be uploaded to backup servers that destroy or compromises the data at hand. Subsequently, this puts your clients in an unfortunate position where in some cases, they may have to pay the ransomware in order to get their data back. Alternatively, your clients data could be lost or erased, rendering their business inoperable. These threat scenarios can be intrusive and costly, and it can be avoided.

Topics: Cybersecurity Tips

Cybersecurity Tip #16: Keep Your WiFi Hotspot Secure

#CybersecurityTip: Everyone and everything now has the capacity to connect to unsecured WiFi hotspots, increasing the threat risk for any organization. Risks such as vulnerable devices, corporate or personally owned, can pose as a major threat. Endpoint security alone is not enough to keep users safe. Some ways to protect your WiFi hotspot is to implement DNS protection that includes filtering and bandwidth monitoring integrated with endpoint security. 

Topics: Cybersecurity Tips

Cybersecurity Tip #15: Use Encryption Properly

#CybersecurityTip: Encryption is great, but it isn't everything. There are a number of things to be aware of. The Advanced Encryption Standard (AES) is to ensure data is encrypted in transit and at rest at 256-bit AESThis offers availability for a 48-character string to be converted into a 256-bit private encryption key that only you has access to. The catch: if the encryption keys are stored in the same location as the encrypted files, consider this security technique obsolete.

Topics: Cybersecurity Tips

Cybersecurity Tip #14: Use Multi-Factor Authentication

#CybersecurityTip: MSPs, double-up on your security. Use multi-factor authentication (MFA) in order to prevent unauthorized access to your network system accounts. Strong authentication is no longer a nice to have, it’s a must have - especially for MSPs who build their businesses on reducing risk for their clients. An MFA solution is critical to a complete managed services offering. Click here to discover 4 key benefits MSPs get when they leverage a powerful multi-factor authentication solution.

Topics: Cybersecurity Tips

Cybersecurity Tip #13: Avoid Storing Visible Credentials

#CybersecurityTip: Literally. As tempting as it is, avoid writing down your credentials and posting them on a sticky note on your computer for the world to see. Alternatively, avoid storing your credentials in a visible document to all staff. Avoid the password spreadsheet like the plague! Without appropriate access management tools will lead to a haphazard style of credential management. All users will then have access to sensitive passwords, granting unlimited access to IT assets that is not controlled. Maintaining password spreadsheets, printouts, text documents, or paper poses a serious security risk to your business and can be shared our insecurely amongst your technicians.

Topics: Cybersecurity Tips

Cybersecurity Tip #12: Change Passwords Regularly

#CybersecurityTip: For managed service providers (MSPs), a growing network infrastructure means a myriad of privileged credentials for a multitude of users. That is why having an active access management solution will help organize those credentials, offering capabilities to audit or rotate expired or soon to be expired passwords. It is best practice to rotate sensitive passwords every 90 days. An MSP should always keep in mind good password hygiene for their clients, for security is the utmost importance.

Topics: Cybersecurity Tips