Day 2 of MAX 2016 kicked off with SolarWinds® MSP’s global security strategist, Ian Trump providing practical insight into how MSPs can toughen up their defences… as Ian put it, “This is where the rubber hits the road.”
His focus was on not selling product, but on what MSPs can do for free and how they can provide common sense thinking around security to help make the security products they have paid for work better.
There is a massive disparity in how vulnerable IT environments are; Healthcare, for example, has been taking a particular battering as it has lots of “juicy” data combined with an under-funded IT department and a flat network. Ian pin-pointed his own experience in this sector where he had patient records on the same network as general day-to-day admin records.
So one of his first recommendations was Network Segmentation. Doing this allows you to reduce the attack surface for your company, and then detect when workstations or devices are doing something they shouldn’t.
Firewalls came up as another critical area of focus. Building firewall rules is a simple yet effective way to make products work better. Why? Because every externally accessible device needs protection, and it allows you to stop devices that don’t need to communicate outside the company network from doing so. One of the first things an infected device will try to do is connect with its command and control server, for example. By toughening up customer firewall defences, MSPs can catch the bad guys before they get embedded in a network.
This is about detection of bad guys, and Ian described it as the cyber equivalent of a mouse trap. He went on to explain how next generation firewalls can establish what’s normal network activity and highlight anything outside this.
Ian went on to provide four more key steps to exploit mitigation.
1/ Less software = less vulnerability
Some of the most common ways that malware gets into your system is through vulnerabilities in software like Flash, Java and Silverlight. Removing these from machines where possible is a crucial first step.
2/ Remove admin rights
According to stats Ian presented a huge number of vulnerability are removed if admin rights are taken away from end users.
3/ User awareness training
There are huge amounts of free resources these days to help with this and it is a key place to start with defending networks.
4/ Don’t forget Layer 1
Power is not our friend. Environments can have a huge influence on availability – we should ensure our infrastructures are on UPS.
Ian also highlighted that the combination of the basic security requirements set out in the UK Government’s cyber essentials combined with recommendations from bodies like CompTIA show we’re getting there with security. People are starting to win against cyber criminals.
Basic security from CompTIA, includes:
With GDPR and DPA on the horizon this is the time for MSPs to talk to customers about how they meet the requirements. The layered security approach is easy to achieve, and MSPs must remember that the security of their customer depends on their capabilities to deliver security.
MSP Risk Intelligence offers a great way for MSPs to clearly demonstrate the value of their security services to customers, and Scott Shields was next up to introduce this new technology.
For those not already aware, Risk Intelligence is a new technology available through the dashboard that allows MSPs to expose critical data vulnerabilities on customers’ networks and then communicate them in a way that people understand – monetary value. It then enables MSPs to present a mitigation strategy with a clear outline of how much it is saving the customer.
Risk Intelligence drops in to the layered security approach and helps MSPs along the route to becoming an MSSP. This is a massive growth area for MSPs, and Risk Intelligence opens up this market. It provides a way for you to stand apart, land new business, boost profit, demonstrate value, meet compliance and ultimately win against the bad guys.