In business today, data security is one of the most important functions that any IT department is responsible for, and the weight of that responsibility is only growing over time. However, your end-users might not know if an element of their IT services operation needs an overhaul until something goes wrong.
If you want to maintain trust with your customers, you can’t afford to let it get to that point. To make sure they’re prepared, here is a simple guide on the biggest issues to look out for, and what you can offer your customers if you spot a problem.
1. Weak passwords
One of the most glaring sore spots, if not the most glaring, in an end-user’s information security strategy are strong passwords. Sadly, despite how much havoc weak passwords can wreak on any network’s resilience against attack, by and large, good password hygiene has not gotten noticeably better in the last ten years. Password management is not take advantage of.
Regardless of how you choose to deliver your customers a refreshed password strategy, password security essentially comes down to end-users setting complex passwords and implementing multi-factor authentication. We probably don’t have to tell you how many high-profile breaches and identity theft cases boiled down to an easily guessed password being the only safeguard standing between attackers and the keys to the kingdom.
A common frustration when it comes to passwords is the fact that end-users have to create new ones frequently and some people just aren’t that creative. This is where password generators come in. They provide you with strong passwords for your accounts. That way your sensitive information stays protected.
Additionally, a password manager is a great way to store and remember all your passwords. Many end-users have a number of accounts to keep track of. With a password manager you only need to remember one master password to gain access to the credentials of all your accounts.
Depending on the industry your end-users operate in, regulations might make passwords at some level or another unavoidable.If an end-user’s operations can do without passwords, and they can’t fully migrate to high-entropy passwords, you can step in and offer an alternative. This will not only solidify their operations and save you an unnecessary headache from an easily preventable breach, but it shores up their trust in you by showing that you are proactive and responsive to their individual needs.
2. Ignoring "update now" messages
The old adage, “don't put off until tomorrow what you can do today” applies when it comes to applying software updates and patches. The tangle of software and APIs that go into a modern enterprise operation is so convoluted that end-users can no longer afford to wait for IT staff to notice out-of-date software, get approval from higher-ups to execute an update and go forward with update deployment on their own.
Rather than relying on end-users to always launch updates for everything running on their (or cloud) hardware, wouldn’t it be better if you could present end-users with a unified dashboard of all their software patch levels and instant alerts if a new update drops? Fortunately, as a managed service provider (msp) we can help you with updates.
We also offer periodic vulnerability assessments as well as endpoint security. You, as a channel partner, can effortlessly recommend and pass on these features to, and customize them specifically for, your customers as needed.
3. Not having a tested disaster recovery plan
Although most businesses have a backup and disaster recovery plan (BDR) not all of them have a restoration plan in case a breach is severe enough that remediation is insufficient for full operational recovery. Even if an end-user does have a restoration plan in place, it can be functionally useless in actual practice if it is not tested on a regular basis and updated as their business needs evolve.
If your end-users are doing anything less than regularly testing (and updating) a ready-to-deploy BDR, it’s time for you to intervene and get them back on track. Formulating a restoration plan where one does not exist or updating an outdated one, is a significant undertaking, and you and your customers should work closely to figure out what kind of response is best for their needs.
However, we can help reduce the burden of architecting a restoration plan by building and maintaining a complete and organically adapting picture of your end-user’s network.
4. Phishing
Phishing may be unsophisticated, but what makes it dangerous is that it is a low-cost, high-volume attack technique. With phishing, attackers pretend to be an individual from a seemingly legitimate entity in order to trick an end-user’s employee into interacting with malware-delivering content, leading to a network compromise with that employee as patient zero.
As the model implies, it only takes one employee making one misstep to cause a breach that can cost your customers money in remediation, legal compliance, and downtime. Overwatch empowers you to offer your customers an array of mutually reinforcing, concrete preventative measures against phishing.
In addition to pre-built security awareness training programs with phishing recognition exercises ready for you to roll out to your clients’ staff, we let you deploy web-content filtering, letting you keep tabs on what your end-users are receiving and how they are interacting with it.
Phishing is not likely to stop anytime soon, but by watching your end-users from multiple angles, you can dramatically cut down the time to diagnosis and response, and make your customers a less lucrative target for future phishing campaigns.
5. 24x7 availability
Information security threats are no longer small, isolated or national criminal operations, but sprawling enterprises with global reach. This makes monitoring 24 hours a day, 7 days a week imperative for a sound security strategy--threats don’t take a break while your end-users are off the clock.
With our vigilant team of highly trained professionals, TNS saves you the trouble of having to put together a 24x7 monitoring operation for your customers. This lets you deliver network protection to your customers with the assurance that you won’t miss a beat when their staff goes home for the night.
We also put your constant monitoring a cut above competitor solutions that can only offer the former. This dramatically reduces the response time for breaches by cutting down on the noise and giving our (and your) analysts more attention to devote to true threats. Low response time translates directly into breach prevention, and prevention beats remediation every time.
Making TNS work for your customers
Managed security services are an important component of any enterprise IT department, especially for those of SMBs. The solutions offered here, while central to the TNS platform, are only the tip of the iceberg for what it can do for your product line.
If the issues your customers are facing don’t fall into any of these categories, or another solution is required in order to fit their unique needs, contact us to find out what upgrades you can make to your information security products.
Categories: Managed Service Provider, MSP Blogs
