Ignore the stereotype of sophisticated cybercriminals targeting billion-dollar businesses; most attacks are opportunistic, targeting not the wealthy or famous, but the unprepared. Sure, companies like Equifax and Marriott get a lot of press. But it’s too easy for small-to-midsize-business (SMB) owners to think, “We’re a smaller company, so we’re not as likely to be attacked.”
The size of the organization doesn’t matter; cybercriminals simply want data. Organizations with confidential customer data, credit card data, or other valuable data can become prime targets for cybercriminals, regardless of the company’s size. In many cases, smaller businesses are easier targets because they aren’t as prepared for a cyberattack. In addition, it can be harder for a smaller company to recover from the financial ramifications of an attack. They’ll have to spend money on remediation, like clean-up or ransom payments, but they also face indirect costs—such as brand and trust damage.
Small businesses have much to lose from data breaches. Recovering and repairing damaged databases, hiring consultants to investigate the breach, notifying potential victims, arranging credit monitoring, and other recovery actions can cost a lot of money. SMBs typically lack the financial cushion of a large enterprise. Stopping an attack in progress, quickly identifying the issues that caused it, and even tracking down the individual or individuals responsible can help companies mitigate this post-breach cost.
As a managed service provider (MSP), you are expected to handle all things IT for your clients, including security. But protecting your customers doesn’t have to be challenging. Here are seven steps you can take to greatly reduce the risk of a successful cyberattack.
If you can’t afford to hire a security person, you should consider at least appointing one individual to act as your cybersecurity guru. This person may have other responsibilities, but it’s critical to have someone keeping track of the latest news and trends in cybersecurity. However, don’t put it all on one person—make sure other technicians know at least the fundamentals of strong security practices.
Use a cloud-based backup independent of any hardware that exists in your office to protect your customers’ data. While this won’t keep hackers from compromising your customers’ data, it can help ensure you still have access to the data after a security event (and it will probably help you sleep better at night).
Strong physical security at your customers’ offices is paramount to keeping them safe. You may not have full control over this, but it’s worth educating your customers on protecting their offices.
For starters, consider recommending they require employees to use a keycard, and to call a security desk to verify their identity. They may want to add a biometric scanner for additional security. The perimeter of the building should be under closed-circuit video surveillance, with special emphasis on entrances. Additionally, have them use security cameras in the office to help.
Don’t assume your customers’ wireless is protected against cybercriminals outside your building. Any hacker with a decent antenna can connect to a Wi-Fi signal from far away. For this reason, you should always use a strong password for your wireless, along with the WPA2 protocol.
Set up a guest network for people who visit your customers’ locations. This network should only provide access to the internet. This way, you can give Wi-Fi access to guests without access to your internal network.
Make sure you know who can access specific data at your customers’ locations. For example, Phil from accounting shouldn’t have access to HR data just because he can access other parts of the system. If you don’t know who can access data, address this as soon as possible for your customers.
Using endpoint security software gives you several ways of dealing with an attack across multiple operating systems (Microsoft Windows, macOS, and Linux). Endpoint security software, such as SolarWinds® Endpoint Detection and Response, powered by SentinelOne (EDR), can remove a machine from the network temporarily after it is infected to keep it from impacting other machines.
You can configure the software to alert, quarantine, or kill a malware or virus attack, and then view attack vectors to see what the malware did on the system. Most importantly, SolarWinds EDR offers the ability to roll back an infected computer to a pre-attack state, then reconnect it to the network remotely.
User education plays a critical role in keeping SMBs protected. Make sure to offer security awareness training to your customers’ employees—and ask them to make attendance mandatory.
Important topics to cover include:
You should make your customers’ cybersecurity strategy a priority today. Don’t wait until after an attack—it could cost your customers a lot of money to recover and prompt them to look for another provider. With the proper training and practices, you can help minimize your customers’ cyber-risks.
Often, the fight against cybercriminals occurs at the endpoint. Because of this, adopting next-gen endpoint protection is less a matter of choice and more a necessity. SolarWinds EDR helps MSPs understand the story and root causes behind threats. It offers autonomous responses, pinpointing each operation in an endpoint’s operating system, in near real-time. Unlike passive EDR systems that weigh teams down in a flood of alerts, the autonomous, AI-powered agent takes a lot of the heavy lifting out of the equation.
SolarWinds EDR can detect malicious behavior, such as when a threat infiltrates the registry, changes its name, or attempts to open an unauthorized connection outside of the firewall. If this happens, SolarWinds EDR automatically takes steps to mitigate this process, notify the administrator, then display a detailed attack storyline. Additionally, this data can be presented in a simple, graphical format, clear even to those without specialized security training.
EDR is available alongside other security tools, like patch management, cloud-first backup, web protection, and email protection in both SolarWinds RMM and SolarWinds N-central®. You can begin by starting a free trial of SolarWinds RMM or N-central today.
Migo Kedem is the senior director of Products and Marketing at SentinelOne. Before joining SentinelOne, he spent a decade building cybersecurity products for Palo Alto Networks and Check Point.