Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Solution Provider Program
    • Technology Alliance Program
SolarWinds MSP
  • Products
    • Remote Monitoring & Management Protect your customers with a platform from the global leader in monitoring and management.
    • Backup & Recovery Manage backup for servers, workstations, applications, and business documents from one cloud-based dashboard.
    • Mail Protection & Archiving Protect users from email threats and downtime.
    • Password Management Easily adopt and demonstrate best practice password and documentation management workflows.
      • Passportal Demo
    • PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency.
    • Threat Monitoring Detect, respond to, and report on threats across your managed networks.
    • Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful.
  • Solutions

    I'm looking to...

    I'm looking for...

    • Drive Efficiency with Automation
    • Manage my MSP Business More Efficiently
    • Manage my IT Department More Efficiently
    • Layered Security
    • Data-Driven Insights
    • Cross-Platform Support
  • Resources

    Webcasts & Events

    Resource Center

    • Ask the N-Central Experts
    • Daily Live Demos
    • Backup Foundations Training
    • RMM Foundations Training
    • Upcoming Events
    • Upcoming Webcasts
    • Resource Library
      • Case Studies
      • Product Information
      • eBooks
      • White Papers
      • Infographics
    • SolarWinds MSP Free Tools
    • GDPR Resource Center
    • Security Resource Center
    • MSP Institute Webinar Series
    • MSP Advice Project
  • About
    • Contact
    • Worldwide sales and support
    • Careers
    • Awards and Recognition
    • Get A Quote
    • Newsroom
      • Press Releases
      • In The News
      • Media Contacts
    • Leadership Team
    • Legal
      • Cookie Policy
      • Privacy Notice
      • Software Services Agreement
      • Terms of Use
      • Backup Fair Use Policy
    • Security
      • SolarWinds Security Statement
      • Vendor Data Protection Requirements
    • Support
  • Blog
  • Contact Sales
    • Get A Quote
    • General Inquiry
  • TRY NOW
    • SolarWinds RMM
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Passportal
    • SolarWinds Mail Assure
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • Tips & Advice
    • Training
Home Blog MSP Business Security-series 7 WAYS TO AVOID SECURITY BREACHES—Part 1, Consistency
Security-series

7 WAYS TO AVOID SECURITY BREACHES—Part 1, Consistency

By Pete Roythorne
24 May, 2017

SolarWinds® MSP recently released the results of its survey into the cybersecurity preparedness and experiences of 400 SMBs and enterprises across the US and the UK—read the blog post here for the full story. 

In this post and the following ones in the series, we’ll unpack some of the most significant findings from the report. 

Companies aren’t progressing fast enough in cyber security

slowprogress.jpgThe results make for anxiety level-raising reading, particularly as the requirement for solid internet security has never been higher. It appears that companies and their IT service providers aren’t keeping up with best practices for securing networks.

The timing of these findings could not have been more appropriate—and worrying—coming hot on the heels of a weekend of cyber carnage, with WannaCry ransomware attacks crippling businesses and organizations around the globe.

One minute we think our networks are secure, then the next, a new attack breaks out and we’re caught unawares. It’s easy to think there is nothing, but else to be done the reality is there are quite a few steps we can take. 

The SMB myths fueling cybersecurity apathy

myths.jpgThe survey uncovered that businesses are frighteningly underprepared for cyber attacks. SMBs in particular don’t do well when it comes to cyber security. They are not concerned by, nor prepared for, cyber threats—and this apathy is founded on three false beliefs:   

  1. They are too small to be appealing. Not so. Many SMBs are exploited by cybercriminals to gain access to bigger organizations that the SMBs support, and by automated attacks looking for specific weaknesses.
  2. They don’t have anything worth stealing. It’s more likely that they underestimate the value of their assets (such as intellectual property or sensitive customer data like credit card or social security numbers).
  3. They have nothing to lose. Nothing, except their reputation. For SMBs, reputation is the foundation of securing new and ongoing business.

To help companies and managed service providers (MSPs) and other IT professionals get a handle on growing security threats, we’ve highlighted seven areas from our survey that businesses need to improve to boost their chances of not getting struck down or caught out. Over the next few weeks we’ll publish a look at each of these areas in detail.  

Consistency is the key with security policies

stability.jpgThe first thing we’re going to highlight is “Inconsistency.”

One key area where companies fail badly is creating security policies, and then ensuring those policies are consistently applied or enforced. A security policy is clearly worthless unless it is correctly enforced and its suitability is regularly checked. 

Surprisingly, only 32% of respondents could claim their security policies are reliably applied and regularly audited. Less than half (43%) enforce them only occasionally, 17% fail to audit their suitability, and 7% don’t even have policies.

The need to apply and audit security policies

This highlights a key problem: there are endemic issues in many businesses’ security policies. While most of the respondents to our survey said they had security policies in place, very few had any way to enforce or audit those policies. 

This is hugely disappointing as enforcing security policies could really help organizations be clear about how they approach security. For instance, a great security policy would be to prevent unauthorized USB devices from being attached to computers within the company environment. 

The problem is that unless you either lock down a system and take away the ability to connect external devices—or at the very least monitor for when one is attached to the network—then chances are that malware can be delivered that way or intellectual property can be removed. Suddenly you find yourself in a data breach situation. This is a crucial area where MSPs can help their customers: providing the technology and support to effectively monitor systems. 

Ensure clarity when setting security policies

On top of this, companies need to be clear about the types of policies they set. Businesses that need to have one or two machines exposed—such as point-of-sale (POS) machines—might need to have those machines locked down and have separate policies when it comes to vulnerability management, patching, or additional layers of security within the business. Again, this is a core area where MSPs can help their customers: using their skills and insight to set and monitor security policies effectively and consistently throughout the organization.

When organizations want to shore up the protection of their data, one powerful starting point is to improve their consistency. Strong security comes from good habits; so make enforcing your security policies priority number one.  

In the next article we will look at “Negligence.”

We've tailored the report to reflect your side of the industry:

  • If you're a managed services provider, click here to download the full report 
  • If you're an in-house IT professional, you should download this version 

Click here to find out more about how SolarWinds MSP can help you protect your customers.

You might also like...

Security-series

Recent Attacks on MSPs: What You Need to Know

Security-series

7 WAYS TO AVOID SECURITY BREACHES—Part 7, Improve Reaction Time

Security-series

7 WAYS TO AVOID SECURITY BREACHES—PART 6, MOVE WITH THE TIMES

Security-series

7 WAYS TO AVOID SECURITY BREACHES—PART 5, BE FLEXIBLE

Security-series

7 WAYS TO AVOID SECURITY BREACHES—PART 4, TIGHTEN UP ON REPORTING

Security-series

7 WAYS TO AVOID SECURITY BREACHES—Part 3, Quantifying the risk

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts

  • 3 Ways to Say Goodbye to a Problem Customer
  • Taking the Fear Out of Backup and Recovery
  • Find Out Which SEO Keywords Your Competitors are Using
  • Why MSPs Should Team Up with MSSPs
  • Why Properly Documenting Non-Technical Conversations and Decisions is Essential

Categories:

  • Business Growth (421)
  • Security (346)
  • Tips & Advice (334)
  • Managed Services (303)
  • Best Practices (247)
  • Business (214)
  • Cybersecurity (194)
  • Backup & Disaster Recovery (117)
  • IT Support (109)
  • ITSM (78)
  • Data (64)
  • Product (63)
  • Cloud Computing (61)
  • Marketing (57)
  • Mail (53)
  • Networking (34)
  • Risk Intelligence (31)
  • Customer Service (29)
  • Remote Management (27)
  • Automation (19)
  • GDPR (17)
  • Operations (16)
  • Services & Support (16)
  • Service Desk (15)
  • Research & Trends (14)
  • PSA (12)
  • Business Risk (12)
  • Internet of Things (11)
  • Mobile (11)
  • Training (11)
  • Security-series (8)
  • Cybersecurity Awareness Month (6)
  • LOGICcards (4)
  • Machine Learning (3)
Show moreless
SolarWinds MSP

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.

Products

  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Threat Monitor
  • SolarWinds Passportal

Solutions

  • How We Help MSPs
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights

About

  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Privacy
  • Legal
  • Security
  • Subscription Preferences
  • SolarWinds

Support

  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Sitemap
  • Service Status