Risk Management Security
Managed service providers (MSPs) face a major challenge as they work to implement best practices for risk management security. It has to be watertight, with the strongest protections against malware and other cyber attacks. With any security solution, MSPs face a delicate balance. While security must be tough, it must also tread lightly on network resources.
Implementing Information Technology Security
As they work to manage risks, MSPs must also identify crucial assets on their networks. With this knowledge, they can institute the best, most-informed layered defense.
But acquiring this knowledge isn’t so easy. To identify their critical network assets, MSPs may need to sift through an endless stream of data across devices and operating systems. Finding vulnerabilities can seem like the search for a needle in a haystack.
And that can be a problem as MSPs work to implement a plan of risk management. Security, when it’s strongest, requires a certain amount of precision. The most resource-intensive security must be employed for the most vulnerable data.
With such a surfeit of network data and so little clarity about vulnerabilities, IT professionals can be prone to a heavy-handed, one-size-fits-all response. In this macro sense, IT professionals may evaluate every network asset as equally valuable — and deserving of equal treatment with security.
This clearly can be a drain on resources.
The Value of Good Information
This speaks to the benefit of third-party solutions. With software that scans a network, MSPs can locate their most vulnerable data. That may include credit card data, Social Security numbers, confidential acquisition plans or even protected trade secrets.
Such software provides for more informed decision-making. And this improves MSPs’ ability to implement risk management security.
Security Threats
Many decision-makers may say they’re in favor of network security. But when the bill arrives? Well, that’s an opportunity to balk.
A few figures can help sway minds and make a strong business case for layered security.
You can start with the astonishing prevalence of cyberattacks. In a 2015 survey, PricewaterhouseCoopers discovered that in the previous seven years, cybersecurity incidents had risen almost 70 percent annually. The global economy faced roughly 43,000,000 events in 2014 alone, the survey found. Moreover, in another study, more than 80 percent of respondents predicted that they were likely to be victims of an attack that year.
Cybersecurity incidents have become increasingly pervasive. And they've grown increasingly sophisticated. Malware, phishing, man-in-the-middle attacks — cyber threats have grown more and more sophisticated, with no indication that this trend will slow anytime soon.
But the problem isn’t just that they’re so regular. It’s that they’re expensive.
Cyberattacks can be game-changing events for organizations. When critical applications fail, organizations can lose thousands of dollars each minute as services are disrupted and business comes to a stop.
So, what are some best practices in this arena?
One expert lays out the case for a four-pronged line of defense.
Defending the Perimeter
This is the first line of defense. In this layer, MSPs protect their networks by using applications such as firewalls or proxy servers. About 80 percent of attacks target internal networks, which is why perimeter defense is crucial.
With proper router configurations, MSPs can defend networks against distributed denial of service attacks. These flood networks with data and can bring business to a grinding halt. But by blocking traffic from spoofed IPs, MSPs can defend against these attacks.
Additionally, MSPs can protect their networks by configuring data-access privileges, testing network filters regularly and logging traffic in case of an attack.
Defense for the Servers
This second layer of security focuses on operating systems, web servers, application servers and mail servers. The OS is an absolutely crucial node in layered security. If access permissions in an operating system are jeopardized, the network at large can be made vulnerable.
To improve security in this layer, MSPs can take steps that include:
- Updating operating systems.
- Developing organization-wide policies for strong passwords. More than 60 percent of data breaches result, in part, from problems with passwords.
- Stopping default services in Linux workstations, such as FTP and HTTP.
Workstation Protection
This third layer of security builds upon layer two and focuses on protection for workstations.
Attacks can originate within networks. And to defend individual workstations, MSPs may take steps that include:
- Comprehensive patch updates
- Network-wide antivirus scans
- Regular data backups in the event of a possible disaster
Protecting and Segmenting Data
For the fourth layer of protection, experts recommend the use of data encryption, which defends against data breaches and cyberattacks. Data should be encrypted when it's moving outbound and inbound to create a closed tunnel of communication among users’ computers and servers.
On top of these security layers, experts maintain that network segmentation is vital. To spread vulnerabilities, security experts say, network resources and applications should not be concentrated in a single site.
Segmentation is critical for organizations of all sizes. If spurned, organizations can face disastrous consequences.
Take Target, for instance. The company suffered from an enormous data breach in 2013, in which 40 million credit and debit card records were stolen from the company's internal networks. How hackers accessed this data, and why the data was so vulnerable, speaks to the importance of segmentation.
Initially, the hackers gained access to Target’s network by stealing login credentials from an HVAC company, which served as a subcontractor to Target. Once inside the company's network, the hackers were able to switch gears and pivoted toward Target’s network of payment systems, where they were able to install malware across pay terminals.
And so theft began.
This breach proved to be a public relations fiasco for Target. It was entirely preventable, had the company segmented its networks.
Finding the Best Security Solution
When sifting through the market for risk management, security and other IT solutions, MSPs can find themselves awash in options. It’s a crowded market.
So, what’s the best way to go?
The best solutions, for starters, should hit each of the four prongs of layered security that are listed above. Additionally, they should have a light footprint on network resources. That's especially important for MSPs, who manage multiple networks remotely.
But even if they're lightweight, any solution worth its salt needs to offer the best, bulletproof security with multiple layers of protection.
Also important: a solution that offers concrete measurement of its benefits. That can help MSPs as they make their business case to organizational decision-makers.
That’s the portfolio of solutions from SolarWinds MSP (formerly LOGICnow), which were built to serve the specific needs of MSPs.
Uncover Vulnerabilities
MSPs need to know where their vulnerabilities lie to best implement a layered security response.
That’s the unparalleled benefit of MSP Risk Intelligence.
With our industry-leading platform, you gain total visibility of your networks with the ability to locate sensitive data, no matter how deeply buried it may be. MSP Risk Intelligence offers you insights with network scans that root out:
- Sensitive personally identifiable information, including financial information, phone numbers, Social Security numbers and driver’s license numbers.
- The specific location of vulnerable data, whether it's on mobile devices, desktops or servers.
- Medical records and other protected health information.
- Inappropriate access permissions to sensitive data.
The benefits don't end when you uncover these vulnerabilities. With our intelligent reporting platform, you can put an exact dollar figure on your networks’ vulnerabilities — and make a strong business case to decision-makers for investment in security.
A Layered Security Solution
With these vulnerabilities made visible, SolarWinds MSP's IT platform gives MSPs the ability to institute bulletproof, layered security with MSP Remote Monitoring & Management.
Our layered security begins with:
- Web protection against malicious websites.
- Patch management for more than 80 third-party application families.
- Email protection to defend against incoming threats, such as phishing and malware.
- And much more.
Prevention is an important step in a layered security response. Still, threats can emerge. And when they do, MSPs need to be able to act right away.
We keep you covered with:
- The industry's strongest managed antivirus, based on a unique combination of four engines.
- Defense against brute-force attacks, using failed login checks and rules.
- Active monitoring of potentially harmful devices as they enter and exit your network.
Proactive and detective security will take care of most threats. Still, some may wiggle through the cracks. To finish off your layered security strategy, MSPs need the power to quickly recover after an attack.
With MSP Backup & Recovery from SolarWinds MSP, you get:
- Lightweight backups and disaster recovery, which get networks up and running minutes after a disaster.
- Recovery to virtual servers, so that you can restore business after an attack on physical infrastructures.
- Restores from local backups, in the case of an internet service disruption.
Try Our Platforms Today
For MSPs and their clients, few issues are as important as risk management. Security can be the difference between a healthy, functioning organization, and one that can't survive. That's not just a risk for organizations; it's a risk for MSPs too, who stand to lose business with an unsecured client network.
The stakes are high. And with such high stakes, it makes sense why 98 percent of MSPs using SolarWinds MSP retain their clients. We offer rock-solid security on a platform that's built around a single, efficient dashboard.
If this sounds like a good fit, give us a try today, and see why MSPs continue to choose intelligence with SolarWinds MSP.
About SolarWinds MSP
SolarWinds MSP delivers the only 100% SaaS, fully cloud-based IT service management (ITSM) platform, backed by collective intelligence and the highest levels of layered security. SolarWinds MSP products including Risk Intelligence, Remote Monitoring & Management, Backup & Recovery, Mail and Service Desk – comprise the market’s most widely trusted integrated solution.
Deployed on millions of endpoints across hundreds of thousands of networks, the platform has the industry vision to define and deliver the future of the market. SolarWinds MSP provides the most comprehensive IT security available as well as LOGICcards, the first ever IT notification feature powered by prescriptive analytics and machine learning.
SolarWinds MSP's passion is helping IT professionals secure and manage their systems and data through actionable insights, rewriting the rules of IT.
----------
Sources:
Sans Institute: https://www.sans.org/reading-room/whitepapers/bestprac/infrastructure-security-architecture-effective-security-monitoring-36512
Techopedia: https://www.techopedia.com/definition/16955/network-infrastructure
Sans Institute: https://www.sans.org/reading-room/whitepapers/basics/infrastructure-security-step-step-430
Verizon: http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/
TechTarget: http://searchsecurity.techtarget.com/feature/Proper-network-segments-may-prevent-the-next-breach
KrebsonSecurity: http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/
ISACA: http://www.isaca.org/cyber/Documents/State-of-Cybersecurity_Res_Eng_0415.pdf
Disaster Recovery Preparedness Council: http://drbenchmark.org/wp-content/uploads/2014/02/ANNUAL_REPORT-DRPBenchmark_Survey_Results_2014_report.pdf