What happens when the managed IT services provider you trust to keep your IT infrastructure safe and secure gets hacked? What do you do when your network and servers are compromised in a secondary attack? Unfortunately, attacks on MSPs by local and foreign bad actors are becoming quite common, but there are certain steps only the most experienced and elite MSPs take that separate them from the rest.
Last week, Continuum, a renowned professional services automation (PSA) firm used by many MSPs nationwide, reported via email that one of its clients – an MSP – was breached by cybercriminals who stole its credentials, which were then used to disable antivirus on their clients’ machines and “run scripts to deploy ransomware at several end clients.” Continuum added that they believe the incident most likely began with phishing, in which an employee of the MSP unknowingly gave their Continuum credentials to hackers.
What can you do as a company?
You can either say “should have, could have, would have” when it’s already too late OR hold your MSP to account NOW. As a company, you must ask what your technology partner is doing to keep their business – and in turn, your business – safe. Never shy away from asking the tough questions.
- Does your MSP have an internal security expert and/or team to make sure industry best practices are being followed and that their infrastructure – as well as yours – is well protected against cyber-attack?
- Has your IT partner ever discussed multi-factor authentication with you? If not, do you know if they are using it themselves to help prevent disasters like the one above?
- Does your MSP have a disaster and incident response plan and procedure in place for themselves and your business? What happens during outages or emergencies – or cyberattacks?
If your technology partner can’t answer these questions with authority – contact us and we will. Having a plan to mitigate and, if needed, address issues like the Continuum MSP partner hack is a necessity. If you can’t trust their responses – can you have peace of mind knowing your most critical technology assets are managed and maintained by them?
Managed IT service providers need to persistently cultivate a culture of caution and vigilance among their employees. This in itself massively reduces the risk of credential compromise. In addition, technology partners MUST enable multi-factor authentication (MFA), which is now considered an industry standard in all the latest IT domains. An MSP also needs to know the ins and outs of every platform, software, and service they support so they can ensure that their clients are covered from risks and exposures.
Here at 123PCSolutions, we practice what we preach. Our team follows best practices internally just as we recommend for our clients. We have a security department with experts on-site who meticulously scrutinize every single detail of our operations to make sure the entire organization is in line with the National Institute of Standards and Technology’s (NIST) cybersecurity and risk management framework. This experience and work culture – along with all the controls and safeguards we have put in place – have allowed us to fortify our own IT infrastructure, as well as our clients’ IT foundation – thereby mitigating risks and exposures to today’s most complex cyber threats.
What in the world is Multi-Factor Authentication (MFA), and why do I need it?
Don’t be intimidated by the sound of this. In layman’s terms, MFA is an additional layer of security for access to critical IT resources. Historically, users would log in to their IT resources with a username (or email) and password. Access by this method alone is becoming obsolete in today’s dangerous and threatening cyber landscape – weak passwords are one of the main reasons data breaches take place. Multi-factor authentication is a powerful way to combat this threat by having end-users enter a password AND a PIN code generated via text message OR an authenticator app from Google or Microsoft – a code tethered to their own personal device. It’s virtually impossible for hackers to break into your network and servers via stolen credentials if you have MFA enabled because it is highly unlikely that they will have access to your phone and credentials at the same time.
Most MSPs refrain from implementing MFA for their clients because of the complexity and overhead involved. Enabling MFA across their critical IT infrastructure and then training clients to take advantage of it is a daunting task for many technicians in the industry. From an inexperienced MSP’s point of view, training equates to time invested, which in turn seems like money “lost.” These MSPs also want to avoid the subsequent support tickets associated with any new implementation. They will cut corners to save on these costs, which dangerously exposes your business to cybercriminals. Hence, they’re not big fans of this arduous process, but this is where a healthy, forward-thinking company culture kicks in and separates elite MSPs like 123PCSolutions from the rest.
What’s next for you?
123PCSolutions has always deployed industry-leading solutions to ensure our clients’ safety in the cyberworld. We follow best practices, and our stellar record speaks for itself – zero client hacks from day one till today. We encourage you to have a chat with your existing IT support partner today – and if, for any reason, you’re not happy with their capabilities, we are here for you. Contact us today at 786.422.0705 or [email protected] for more information.