There’s a target on the back of MSPs. Cybercriminals have found a good rhythm, and the ever-evolving threat landscape continues to complicate things for MSPs and the software vendors that cater to them.
The need for MSPs to do more to protect customer data has been evident for several years. Even though the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) in 2018 issued a warning about the growing threat to MSPs and cloud service providers, noting that “IT service providers generally have direct and unfettered access to their customers’ networks, and may store customer data on their own internal infrastructure,” many MSPs continued to conduct business as usual.
Unfortunately, CISA turned out to be correct. The MSP space witnessed attack after attack on RMM software, including the more recent ransomware attack on Kaseya’s RMM tool, which many have said could’ve been prevented.
Attacks on the MSP community will only worsen and become more frequent as cybercriminals continue to focus more of their efforts on high-value targets. While vendors continue to work to eliminate vulnerabilities in their software and to ensure their customers can easily report security vulnerabilities and get the latest patches and information on security bugs, MSPs can’t rely solely on their vendors to solve all their security woes.
Here’s how MSPs can add layers of security to protect themselves and their clients when cybercriminals target RMMs and other software designed for MSPs:
- Use automation to mitigate risk. Automation is powerful when used correctly. For example, automation can help MSPs identify and remediate cyber threats quickly and efficiently by ensuring specific actions are taken immediately and automatically during an attack. This drastically reduces the likelihood of human error and protects systems and networks from additional threats.
- Are backups up to date? Regularly backing up data is key to protecting your clients from malware, especially ransomware, but it must be done correctly. Keep multiple backup copies at multiple locations and ensure you’re able to quickly restore data when needed to prevent business interruption.
- Enable and enforce multi-factor authentication (MFA). There’s no debate on this one. Ensure the vendor you’re using has made MFA mandatory. While MFA isn’t bulletproof, it should still be enabled and enforced.
- Educate your clients. Your clients are your first line of defense when it comes to cyberattacks. Educate them on cybersecurity best practices regularly. Everyone has a stake in protecting systems and networks from cybercriminals.
MSPs can’t rely solely on vendors to come up with the solutions. Vendors, of course, play a significant role, but your clients are turning to you when something goes wrong. Provide the solutions on your end instead of waiting around for vendors to solve all your problems.