Article inspiration from CISO Mag.
2020 was a banner year for cyberattacks worldwide, and Australia saw more attacks during the first half of 2020 than it did in all of 2019. This increase in online threats has driven many organisations to seek out help with their IT management and cybersecurity from an IT professional.
But how do you know that a company you’re trusting with your network and data security is fully secure themselves?
One of the challenges when choosing a managed services provider (MSP) to help your company ensure your business technology stays secure and runs efficiently is knowing whether they are following good cybersecurity practices.
Unfortunately, MSPs are a major target for hackers, who can take advantage of a “one-to-many” approach by going through a managed services company. Just one breach can allow them entry into the digital files and infrastructure of many of that company’s clients.
In 2019, it was reported that at least 13 or more MSPs were attacked with ransomware. And through them, hundreds of their clients suffered the same kind of attack.
MSPs use special applications called remote monitoring and management (RMM) tools. These are used to connect to and remotely manage their clients’ computers, servers, and networks.
If that remote connection isn’t fully secured and the IT provider isn’t using world-class security practices, their clients can be breached if their own RMM or other tools are breached.
How can you tell if your IT provider is taking proper security steps and your data will be safe with them?
Questions to Ask Your MSP About Their Security
#1 Is the MSP using a standard and vetted security framework?
Security frameworks are how “best practices” are defined for cybersecurity. These act as a roadmap to help ensure all potential breach pathways are sealed against attack.
One way to know your IT provider is following best practices is if the company is using a framework, such as the NIST Cybersecurity Framework or CIS Controls® for cybersecurity.
If the MSP is using one of these standard frameworks, it’s a positive sign that it’s putting security first and understands the necessity of using best practices, over an ad hoc approach.
2. Is the MSP doing IT work in-house or is some subcontracted?
One of the dangers of working with a company you don’t know very well is that they may be working with subcontractors without you realizing it.
It’s important to know who you are working with and understand how an IT provider is going to handle your account. Do they use any sub-contractors to deliver your technology services? If so, how do they ensure those sub-contractors are compliant with standard security policies and frameworks?
This is especially important to know if you have data privacy compliance requirements to follow that include ensuring all those handling your data are also compliant.
3. What security systems and technology is your MSP using?
When your MSP recommends that you use a new advanced threat protection application to keep out advanced threats, ask them if they are also using this same technology for their business.
If they say, no, then that is a red flag that the firm’s own network security might not be as strong as that of its customers.
It’s important that MSPs are using tools that meet high security standards, and as good or better than the firm’s technicians are recommending to clients.
You want to ensure that all the MSP's internal systems for things like remote access control, network security, and data security are properly secured and that they’re using standard best practices with those tools, such as multi-factor authentication.
4. How is the MSP protecting against account takeover and compromise?
Insider threats are becoming increasingly dangerous. 77% of all cloud account breaches are due to compromised login credentials.
One way you can know that an IT provider is putting security first is if they have good access and privilege controls to help prevent account takeover.
Ask if your MSP uses the Rule of Least Privilege when users are only given the minimum access needed for a position. Also, ask how the provider’s RMM tool is being protected from remote access takeover.
Access identity is becoming more critical for all types of businesses, and your MSP should have a good program in place to address account security, including things like private keys, encryption, and timed-out login controls.
5. What backup and recovery strategies are used for client data?
Part of any good data security and business continuity strategy is a reliable data backup and recovery plan. Ask your MSP the tactics being taken to protect all of its systems with client data from data loss.
This should include regular offsite backups of data, a secure storage mechanism, and fast recovery.
Work With an MSP That Puts Security First!
NetCare follows all cybersecurity best practices to protect our systems and client data.
Contact us today to learn more. Call (02) 9114 9920 or reach out online.