Preparing your customers
As much as you can put safeguards in place, you also have to prep your customers to be on the road. Their employees must do their part. When offering security training to your customers (and to your own employees), cover tips on how to stay safe while working from outside the office.
However, one training session won’t cut it. Periodically remind customers of the key points, particularly before common travel times like early summer or right before the holiday season. Sending out periodic email reminders also helps reinforce your value as a service provide.
When you do, try to cover the following:
- Lost and stolen devices: Employees need to keep devices and company property on them or in a secure location at all times. Putting down bags and walking away leaves them wide open for thieves. Tell employees that if they lose a device or if someone steals one, they should report the incident immediately to your team. It’s important to emphasize to employees that they won’t get in trouble for losing the device—you don’t want to discourage them from reporting. The sooner you receive a notification of a lost or stolen device, the faster you can remotely wipe it and secure any data or accounts.
- Be suspicious of free Wi-Fi: While convenient, public Wi-Fi usage carries significant risks. Criminals can sit on a network, eavesdropping on traffic and data sent over the Wi-Fi. They could end up with passwords or sensitive data if the employee isn’t careful. Don’t assume that because a Wi-Fi point is password protected that it’s secure—you have no idea who’s using the hotel Wi-Fi at any given moment. Instead of using free WiFi, tell customers to either use their phone as a mobile hotspot or, at the very least, use the company’s VPN to access sensitive systems and data.
- Minimize use of public resources: Public charging stations in airports may help you if a phone is low on juice, but they’re also insecure. Criminals can swap out the USB charger to download data from a plugged-in device or install malware onto the device. Tell people to use their own chargers and wall plugs to charge their devices. Additionally, if someone needs to use a public computer, tell them to keep off sensitive systems.
- Personal devices: As an MSP, you can lock down devices under management. However, these days security has shifted from being device-centric to user- and data-centric. While you have little control over your customers’ personal mobile devices, you can warn them to take some extra precautions. At the least, have them make sure their personal devices are encrypted, use password protection (preferably using alphanumeric passwords rather than just a six-digit pin), and have automatic Wi-Fi connections disabled. Additionally, warn users to avoid checking in on social media until they get back. This is a personal tip for users, but they’ll thank you for keeping them from making it obvious to burglars they’re away from home.
Protect your customers on the go
The way people work has changed radically over the past several decades. As employees increasingly work from home or from the road, MSPs need to both support productivity and keep a tight rein on security. Make sure to follow the tips above and consistently remind your customers of their own part in cybersafety—you could prevent a major breach.
If cybercriminals do get hold of devices or user credentials, they can start launching serious attacks against your customers. To prevent this from happening, it helps having a password management solution that lets you quickly revoke access for accounts and change passwords quickly. SolarWinds® Passportal is designed to help you do just this—and shut down cybercriminals before they can do serious damage to your customers. Learn more at passportalmsp.com/ today.
Colin Knox is director of product strategy, SolarWinds Passportal