What happens when your IT service firm, the one who is supposed to be keeping you safe from hackers, is themselves the target of a cybercrime? Businesses across the country are struggling to answer this question after discovering that not only had their IT partner been hacked, but that their data had been violated or stolen as a result.
Many of these attacks have followed a similar pattern. State-sponsored attackers from Russia or China compromise the weak cybersecurity at a vulnerable managed IT services (MSP) firm, then moved laterally through that network to attack the networks of their clients. Some of these attacks lasted for months or years without being discovered.
In just 2019, there were notable cases.
And just recently the SolarWinds hack, which was perpetrated through IT service providers, shook the foundation of the nation’s cybersecurity community.
So, a new frontier in the war on cybercrime has opened. How can you help ensure that your security partner is up to the challenge of protecting their own network? As with many matters related to IT, it pays to be proactive.
This new threat demands that businesses see their IT service providers as a potential cybersecurity vulnerability, learn about the security protocols they have in place, and take a more active role in picking a partner whose cybersecurity vigilance meets their requirements.
It’s important to clarify that no technology system — no matter how protected or well-funded — is 100% resistant to cyberattack. But there are important steps that an MSP can take to mitigate the risk of cyberattack to their systems.
What questions should you ask an IT service provider to make sure they’re taking their security seriously? Here are some good places to start:
Start with a general inquiry into the firm’s cybersecurity. While most service providers will talk openly about the many ways that they can help you achieve greater security, see if they’re willing to talk about their procedures for internal security with the same degree of openness.
Confident answers that touch on the following topics is a good indicator they take security seriously.
Two-factor authentication (2FA) is the process by which a user is required to use something they know (like a password) along with something they have (like a cell phone) in order to verify their identity and gain access to an account.
While not a silver bullet to security, it’s one of the single greatest tools companies can use to secure their systems. Most of the recent incidents have involved stolen credentials. That means rigorous 2FA implementation, especially on sensitive systems, could have greatly reduced or eliminated the damage done from those attacks.
Having backed-up data is the last line of defense against a successful attack. But hackers know that these systems are one of the most important ways that both companies and MSPs defend themselves, and have started disabling them in advance of an attack. This ensures that when they ask for a ransom later, the victim lacks easy access to an escape route and must pay.
In order to minimize such risks, ask your MSPs how they maintain their back-up systems. Are they changing important passwords to ensure that the service hasn’t been tampered with after employees leave the company? That’s a security best practice. They should also run regular audits to make sure the back-up systems are running properly, which many providers won’t do.
You can also help secure your business by demanding a high standard of service for yourself. Any provider who tries to sell you cut-rate security services is certainly not taking their own security very seriously and should be replaced. This often applies to providers who offer tiered “silver,” “gold” or “platinum,” security plans. In the worlds of IT veteran Paul Dippell, there is no “low-tier” security, there is either the best security or no security at all.
To that end, if you want to inquire deeply into your IT partner’s level of internal security, here are some more questions you can ask them:
Our team has helped countless businesses in both Albany, NY and Charlotte, NC take control of their network technology and mitigate cybersecurity risk, while also maintaining the highest standard of security on our own systems.
If you’d like to ask us questions about how we help organizations discover greater cybersecurity confidence — or how we mitigate risk in our own networks — we’d be happy to tell you more. Contact us any time at 877.877.1840 or by email at [email protected]. We look forward to speaking with you!
We’re passionate about helping business in Albany, New York and Charlotte, North Carolina attain maximum security. If you would like to bolster your disaster protections, train your staff for better awareness, or test your existing disaster recovery systems, contact us now.