How MSPs Can Protect Their Clients By Protecting Themselves

Managed service providers (MSPs) offer IT solutions for their clients’ businesses. MSPs act as an internal IT department that would set up and maintain your technology solutions and ensure that your information is secure. To do so, MSPs need to establish connections to all their client’s networks, and because of this, they increasingly find themselves a prime target for ransomware. With a single attack, the hacker can capture the critical data of not just the MSP but all their clients’—and then hold that data for ransom at a very high price.

Ransomware attacks are gaining popularity. Global cyber insurance provider Beazley reported a 37% increase in ransomware attacks in the third quarter of 2019 compared to the previous quarter. Particularly worrying is that a staggering 25% of all incidents were against MSPs. 

MSPs need to take extra preventive and curative measures to protect themselves against the massive threat posed by ransomware. If they don’t, they are not only putting themselves and their reputation at risk, but their clients’ business as well. Here at N-Tech, we understand the gravity of what it means to be managing your business and take every precaution to ensure we not only keep your system secure but ours as well. 

Before you enter into an agreement with an MSP, we would encourage you to ask what measures they take to protect themselves. If your current MSP isn’t taking these precautions, or if you are looking for one that does, schedule a consultation call with us today. 

Here are a few of the security precautions we currently take: 

1. Firewalls & Security Software
   We practice what we preach and then some. Just like how we outfit our clients with top-notch security solutions, we have fortified ourselves as well.
2. Network Segmentation;
   To prevent a hacker from gaining access to all our clients’ networks by merely accessing our own, we utilize network segmentation. We divide our system into smaller sub-networks and implement policies to control traffic flow and access to them.
3. IP Filtering
   We use IP filtering like a firewall to protect our clients’ sub-networks from intruders. With IP filtering, we control the IP traffic in and out of the network and have set rules to restrict unwanted users from entering.
4. Reauthentication Protocols
   Utilizing Microsoft 365 filter down policies, we frequently force the reauthentication of a user via multifactor authentication. If a password becomes compromised, the tools will quickly block access until the multifactor authentication is completed.
5. Regular Security Penetration Tests
   We work with an outside security firm to regularly run penetration tests on our internal systems. We understand the importance of having our work checked by another professional and identifying our gaps before a cybercriminal can.