Crowdstrike and a Single Vendor Point of Failure
The Crowdstrike incident is still fresh on everyone’s mind. One of the things that has been talked about is the issue of having a single vendor point of failure. The failure is obvious, and people can see it as a problem. However, we do need to keep in mind that we need to be proactive and not reactionary. There are issues with having a single vendor having the largest market share, but at the end of the day, we do have to realize that they became that way due to people’s desires. The reason Walmart beat out all the smaller stores is not because they strong-armed the populace only to shop there but because people wanted to shop there. It’s important to remember the mindset people have.
Complacency
People are prone to desire popular things; sometimes, they are the best products on the market, and other times, they are not. It’s important to keep vigilant of it, but you also need to keep in mind people’s desire to stick with familiarity, go with what’s popular, and work with what is easiest for them. This can breed complacency, and in many cases of breaches or something going wrong, it isn’t usually because someone was able to brute force their way. It is because someone became complacent.
Create and Implement Policy
It’s easy to create a policy, but it’s much harder to implement; this is something everyone knows, but even managers get complacent about it. Use this time to try and automate as many of the security policies you have in place as possible, as well as your own work checks. Many MSPs should be using a PSA either separately or through their RMM, such as with Syncro. Check your autoflow rules to see if they are in line with your policies and take the time to dial in some of the issues you have been putting off.
