Preventing Data Breaches
Most—if not all—cybersecurity professionals believe it is only a matter of time before your system is hacked. Once a system is compromised, it can be an absolute nightmare to resolve! The malware needs to be destroyed, files need to be wiped clean and new policies need to be implemented to ensure that the event does not happen again.
The positive news, however, is that these breaches can be prevented! By following these simple guidelines, an MSP can improve upon his or her security posture and prevent a data breach.
Risk Management Framework (RMF) Through Selecting Controls
MSPs can use guidance from multiple private and public sources. Most commonly used controls are from the National Institute of Standards (NIST) Special Publications 800-53 Rev. 4.
According to these controls, MSPs must do the following:
- Establish a structured assessment to identify risks and mitigation strategies critical for meeting task objectives.
- Perform a quantitative and qualitative analysis of each risk, then prioritize and mitigate each one according to its potential impact. Risk priority will be determined by using a standard, user-friendly, color-coded risk matrix.
- Continue to compile risks and issues in a risk matrix.
- Maintain a risk log as part of a risk-management approach.
- Continue ongoing assessments of the controls of each system to ensure that they met the proper secure posture.
Choosing the Right Product to Prevent Data Breaches
MSPs must understand that a successful product architecture requires an adaptable and reliable analysis product. MSP Risk Intelligence from SolarWinds MSP (formerly LOGICnow) is that product.
MSP Risk Intelligence conducts vulnerability scanning and shows any risks in one, easy-to-use dashboard. It scans an entire network and finds sensitive data (PPI, PII, financial data) that is practically invisible in most organizations, or is hard to find because it lives in non-managed folders.
This sensitive data may even be innocent in nature, but because of where it lives, it can open companies up to risk, especially if a data breach were to occur.
MSP Risk Intelligence also provides vulnerability analysis on all points on your network, and then produces cost-benefit reports that show the value of reducing risk within a specific area of your enterprise.
With MSP Risk Intelligence, MSPs have a conversation on a quarterly basis about real dollars and real results. This shows business leaders exactly how it is impacting the risk level and saving money by preventing breaches.
In short, MSP Risk Intelligence allows MSPs to do the following:
- Build a case for investing business dollars in more effective security investments
- Find all sensitive data, regardless of where it is located
- Mitigate the risk of multiple sources of attacks
The following MSP Risk Intelligence features protect your business, employees and clients:
- Permissions discovery
- Personally identifiable information discovery
- Risk intelligence reports
- Vulnerability scanning
- Payment data discovery
Enterprise Architecture
MSPs need to understand that a strong network defense and prevention capabilities are vital to securing enterprise assets and serve as a complementary function to threat discovery and response measures.
A strong approach to network defense includes a layered architecture with strategically placed firewalls, IDS/IPS, anti-virus and DLP. Through intelligent placement and optimization, these capabilities will enable your organization to deny, disrupt and degrade cyber adversaries, increasing the time to penetration and increasing your team’s window of opportunity to detect exploitation measures before they become successful.
Next Generation Firewalls
Appropriate firewall selection, placement and optimization is critical to your organization’s ability to deny, disrupt and degrade a cyber adversary’s advancements. MSPs must integrate the most effective firewall capabilities, such as next-generation, to add packet filtering, network address translation, URL blocking, intrusion prevention, SSL inspection, deep-packet and application level inspection.
Data Loss Prevention (DLP)
A DLP solution can add significant visibility to the organizational data usage across the enterprise and ultimately prevent critical data loss through leaks or theft. It's essential that organizations mature their DLP solutions and realize the full benefits by focusing on three primary capabilities: Data Discovery, Data Monitoring and Data Protection.
Data Discovery
As with most integration efforts, the best approach to DLP integration starts with discovery. CISOs must work through the enterprise change management process to position the DLP agents on each of the defined target assets, which could include data stored in the cloud, on mobile devices, workstations and servers.
Data Monitoring
Next, MSPs will enable the cyber security analysts to monitor how data is being used, whether your employees are on or off the network and create trend analysis, security infraction reports and critical alerts in line with the incident response plan.
Data Protection
Once MSPs have a full understanding of acceptable data use across the enterprise, they can create protection rules that proactively prohibit and/or prevent critical data from leaving the protection of the enterprise environment.
SolarWinds MSP Layered Security Prevents Data Breaches
In addition to MSP Risk Intelligence, SolarWinds MSP offers the following layers to ensure the utmost in security:
- Managed antivirus
- Web protection
- Patch management
- Email security archiving
- Prescriptive analytics via LOGICcards
With these five layers, all of which are cloud-based, SolarWinds MSP provides customers with the ability to connect data breach risk to business results, execute a comprehensive layered security model and use real data to uncover insights and strengthen security.
Patch Management Process
MSPs must develop and tailor patch management methodology that decreases the time between vulnerability discovery and mitigation, while adhering to sound configuration management principles to ensure the impact of the patch will itself not pose a risk to the operating environment.
MSPs must also develop an interactive approach to support their organization’s patch management, which will include secure baseline standards definition, developing a test environment, developing a back out plan, patch collection and evaluation and finally patch rollout.
Why is patching so critical? It's estimated that 5,000 or 6,000 new vulnerabilities emerge every single year — that's 15 a day.
SolarWinds MSP makes patch management easier. Reap the benefits of more than 40 patches for Microsoft applications and more than 80 for third-party applications. Shut down exploits before they cause problems.
Connect Data Breach Risk to Business Results
Putting risk in terms of dollars is the most effective way to get results. This is where MSP Risk Intelligence is able to truly shine and show proven ROI.
Execute a Comprehensive Layered Security Model
This involves a proactive, detective and reactive security approach. Ideally, you can proactively prevent all data breaches, and SolarWinds MSP helps you do that with web protection, patch management and mail security. However, relying on preventing all breaches is an unsafe and unrealistic approach. Thus, detective and reactive strategies are also needed.
During the detective security stage, SolarWinds MSP helps you catch threats as soon as they occur with the following:
- Managed antivirus and malware protection
- Failed login checks and rules to prevent hackers from gaining access
- Active device discovery to identify potentially malicious devices
Finally, a reactive strategy must be in place to cover all your bases. SolarWinds MSP backup and disaster recovery features allow you to:
- Quickly recover from a disaster in just minutes
- Utilize virtual server recovery to restore after an attack
- Utilize local backup to restore when the internet is down
- Reduce data loss with a local speed vault
- Utilize hybrid cloud recovery with on- and off-site data storage so you have comprehensive protection
Real Data to Strengthen Security
Even with all your security layers in place, MSPs and IT professionals must stay hyper aware and guard against breaches. SolarWinds MSP offers a unique tool, LOGICcards, to help identify and prevent issues before they arise. Among many other things, LOGICcards will notify you about security issues, such as missing security patches or antivirus that could lead to larger issues, including breaches.
Additionally, they offer businesses insight about their own practices compared to companies within the same industries, providing businesses with a true benchmark and tangible areas where they can improve. Best of all, it's all backed by hard data and analytics to support all decisions and actions.
LOGICcards are built to make businesses better, and here's how it works:
- Multiple layers of analytics — Descriptive analytics alert you to existing problems, predictive analytics help you foresee issues and prescriptive analytics provide a guide as to how you can prevent issues.
- Actionable insights — Security, efficiency, how-to and collective intelligence insights provide you with the tools and know-how to made educated, data-backed decisions.
- Adaptability — LOGICcards are smart and can adapt to providing you with recommendations and suggestions that you prefer, and the SolarWinds MSP team is always developing new cards to keep you on the cutting edge.
About SolarWinds MSP
SolarWinds MSP delivers the only 100% SaaS, fully cloud-based IT service management (ITSM) platform, backed by collective intelligence and the highest levels of layered security. SolarWinds MSP products including Risk Intelligence, Remote Management, Backup & Disaster Recovery, Mail and Service Desk – comprise the market’s most widely-trusted integrated solution.
Deployed on millions of endpoints across hundreds of thousands of networks, the platform has the industry vision to define and deliver the future of the market. SolarWinds MSP provides the most comprehensive IT security available as well as LOGICcards, the first ever IT notification feature powered by prescriptive analytics and machine learning.
SolarWinds MSP's passion is helping IT professionals secure and manage their systems and data through actionable insights, rewriting the rules of IT.
----------
Sources:
RMF: http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-rev1-final.pdf
National Institute of Standards (NIST) Special Publications 800-53 Rev. 4: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
InfoWorld: http://www.infoworld.com/article/3025807/security/why-patching-is-still-a-problem-and-how-to-fix-it.html