How MSP Networks, More than Ever, Can Defend Against Hackers
Adopt restrictive access policies, strict user permissions and granular network segmentations as standard.
April 28, 2023
By Rich Farbman
Richard Farbman
The need for reliable internet has never been greater, and the rise of fiber and 5G is helping: 61% of U.S. consumers utilized 5G in 2022 alone. The pandemic fueled the need for employees to work from anywhere, and new technologies have broadened the availability of the internet and enabled it to act as the new corporate network.
According to the Pew Research Center, 76% of U.S. employees work from home at least some of the time and economists predict we’ll never return to full-time office work. In the hybrid world, it’s harder to properly secure devices when resources are moved to the cloud and employees are working from everywhere. A shortage of cybersecurity expertise has made this scenario even more complicated: The workforce gap grew by 26% last year alone.
This leaves managed service providers (MSPs) in a more valuable position than ever, as more organizations lean on them for the latest security services and most reliable IT support. Approximately 81% of small- and medium-sized enterprises already utilize, or plan to utilize, an MSP for its knowledge, cost-savings and ability to create a better user experience.
MSPs are in the same boat as their clients — more susceptible to hackers than ever. Their networks are only as secure as the third parties they’re associated with. Let’s dive into the major risks associated with MSP networks and necessary security strategies that should be in play to ensure sensitive data and information remains secure.
Current Risks
MSPs faced an average of 1,372 attacks per week in 2022, up 28% from 2021. This shouldn’t be a surprise, because MSPs make for a more attractive target. Hackers can gain access to dozens of networks through MSPs through supply chain attacks, versus just one network when they hack a single organization. Supply chain attacks are becoming one of the fastest-growing methods: In 2022, they surpassed the number of malware-based attacks by 40%. This widened attack surface greatly increases hackers’ opportunity to find personal data and information to leverage for ransom — $456 million was extorted in 2022.
That leaves MSPs with the immense challenge of properly securing multiple networks. Hackers have an effective playbook to work with, including greatest hits such as ransomware, malware attacks, phishing and identity theft. MSPs need to have a plan in place that best secures themselves and their clients from every kind of attack.
The risks have captured the attention of numerous government entities. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), NSA and FBI joined their counterparts from the UK, Australia, Canada, and New Zealand to issue a warning specifically to MSPs. Now, the risks have gotten so high that CISA officials have created a new program to help warn American companies when they are vulnerable to a ransomware attack — before hackers strike.
6 Key Security Practices
MSPs face the challenge of keeping everyone’s network secure when the stakes and attack surfaces are higher and wider than ever. There are six key steps MSPs should take to …
… secure their network and their clients from any sort of attack.
Zero Trust Network Access (ZTNA): This solution creates clearly defined access policies and is the foundational piece to ensuring human error doesn’t compromise security. However, the data shows not enough organizations are using it: Even though 68% of IT professionals say it has grown in importance, just 44% say their employer is planning to implement it. Even fewer (26%) express high confidence that they understand the framework. MSPs are in a perfect position to explain and implement ZTNA for their clients, allowing workforces to stay secure from wherever they might be.
Network segmentation: MSPs should isolate their clients’ networks, each with its own set of security controls and restrictions. This limits access in a very granular manner and greatly reduces the damage an attacker could do in the case of a breach. If a hacker does gain access, network segmentation reduces the risk of their lateral movement between accounts because of extremely limited visibility. It also makes their movement and activity more noticeable to security teams. MSPs can segment internal networks for customers, too. By limiting employee access to only the accounts they work with, the scope of a potential breach is isolated and won’t affect the larger network.
Multifactor Authentication (MFA): Better user permissions give MSPs an additional layer of protection. By requiring authentication with two or more factors before accessing sensitive systems and data, breaches caused by weak passwords or compromised credentials can be reduced. Microsoft found that implementing MFA can lower the risk of a breach by 99%. It’s become so important that cyber insurers often require MFA before providing coverage.
Regular security training and audits: MSPs should provide regular security training and education for their clients’ employees. This can help reduce the risk of human error, which drives 82% of breaches. MSPs should also conduct regular security audits on their own networks to identify vulnerabilities and potential threats before they are exploited by cybercriminals.
Secure Web Gateway (SWG): This solution prevents unauthorized internet traffic from entering an organization’s network. MSPs can utilize it to filter out websites from day-to-day operations by creating user- or group-specific rules that determine which sites are allowed, and which are blocked or warned against using. Administrators gain total control over internet access to ensure employees have a much safer remote web browsing experience.
Device posture check: This is another way to reinforce secure remote access. With a device posture check, access is only given to devices that meet an organization’s defined security requirements — and blocks those that may expose the network. It can also verify that certain files, registry keys or certificates are in place and that certain processes are running.
MSPs are needed more than ever. Their unique ability to assess what is creating risk and how to mitigate it makes them a trusted adviser as the cybersecurity skills gap widens and the tech sector suffers more layoffs. But as attack surfaces grow, hackers sharpen their skills and new technologies inevitably hit the market, MSPs need to ensure their solutions can thwart these risks.
To do that, they need to realize that they are only as strong as their weakest link. Restrictive access policies, strict user permissions and granular network segmentations ensure heightened defense and greatly eliminate human error. MSPs need to practice what they preach and adopt the best security practices.
Richard Farbman is vice president of channel sales at Perimeter 81. You may follow him on LinkedIn or @Perimeter_81 on Twitter.
You May Also Like