Focus on 2015: Preventing your customers from feeling Sony’s pain

Marc Thaler

What will be the chief challenges for MSPs in 2015? Part three of a four-part series examines remote management. MAXfocus RM Marketing Manager German Cancino tells Marc Thaler that, without the proper platform, companies are increasingly susceptible to insider attacks.

In the final days of 2014, US cybersecurity experts said they had strong evidence that the network hack of Sony Pictures Entertainment was not the work of North Korean cybercriminals, as the FBI confirmed. The attack instead may have been carried out by someone whose proximity to the studio was much closer. So close, in fact, that the individual once worked for Sony.

Ex-employeeYes, we’re talking about at least one ex-employee with an axe to grind. Whether this conflicting report proves true hardly diminishes its legitimacy as a serious concern – and threat – to companies of all sizes and industries.

German Cancino, the marketing manager for MAXfocus Remote Management (RM), heard firsthand from a customer who saved his own client from feeling Sony’s pain.

“We have a managed service provider (MSP) that uses our RM multi-layer security system for all its customers,” Cancino says. “Because of that service, the company was able to prevent a major cyber-attack on one of its customer’s networks. The attack, it turned out, was engineered by an ex-employee.”

Sony and the customer whose story Cancino shared are far from isolated incidents. Consider this: PwC’s 'The Global State of Information Security Survey 2015' found that “insider incidents” are a growing issue. Nearly one-third (30%) of former employees were responsible for such issues in 2014, a 3% increase from the previous year. Former service providers, consultants and contractors accounted for a 15% slice of the pie, compared to 13% in 2013.

The report stresses the importance of guarding against inside attacks, which often pose bigger problems than those from the outside. As the report states:

“When organizations overlook the threats residing inside their ecosystems, the effects can be devastating. Yet many companies do not have an insider-threat program in place, and are therefore not prepared to prevent, detect and respond to internal threats.”

Aside from the hazard of insider attacks, the rise of Internet-borne threats, both in volume and sophistication, will pose challenges to MSPs this year. Mobile devices, specifically how their customers use them, will surely do the same. Therefore, integrating an RM solution with a multi-layer security system and robust device monitoring is essential. It improves efficiency, provides greater visibility into customer needs, and helps build consistent revenue streams.

“If you are an MSP, you are no longer a software reseller or just the ‘IT guy,’” Cancino says. “You are now part of your customer’s value chain. You are involved with your customer. In some cases, it could be said that you are an outsourced CIO.”

On a scale of 1-10, with 10 being tops, how much of a disadvantage do MSPs face if they don’t use an integrated RM platform? Cancino answers this question with one of his own.

“What MSP wants to be in the position of constantly struggling to ensure consistent cash flow, or effectively managing their time?” he says. “It’s a matter of common sense.”

It’s also a matter of necessity for providing efficient and effective service in 2015.

And preventing insider attacks is just one reason why.

MAXfocus enables you to offer your customers a robust security service, to find out more why not sign up for our free, fully-functioning 30-day trial?