CybersecurityManaged Services

Internal Policies That Prevents MSP Hacking

By July 7, 2020 July 25th, 2020 No Comments

In an ever evolving online world where information and data is as valuable as tangible currency, many businesses rely on Managed Service Providers (MSPs) to manage their day to day IT platforms and other business assets.

Hiring a MSP organization, like Resilient IT, helps companies perform more efficiently without having to bring on outside employees to handle such tasks allowing more resources to be focused on a company’s specific business practices. Because they’ve become so popular and usually manage multiple clients at one time, they’ve also become a breeding ground for calculated attacks with the ability to compromise and expose sensitive data for multiple business in a single invasion as reported on by the US Secret Service in June, 2020.

What are some of the consequences of an MSP attack?

An attack by a hacker on an MSP can include some or all of the following exposures:

  • Ransomware attacks
    • Malware used by cyber criminals to demand payment for the return of sensitive data.
  • Business Email Compromise (BEC) campaigns
    • The impersonation of individuals within an organization
  • Point-of-sale intrusions
    • Accessing credit card information from purchases at entertainment and hospitality retailers. 

At Resilient IT, the security if your systems and data is our highest priority which is why we adhere to a number of internal policies that significantly decrease the possibility of a security breach including:

  • Having a well defined service level agreement
  • Ensuring remote administration tools are patched and up to date
  • Enforcing least privilege for access to resources
  • Having well defined security controls that comply with end users regulatory compliance
  • Performing annual data audits
  • Taking into consideration local, state, and federal data compliance standards
  • Proactively conducting cyber training and education programs for employees.

As an MSP customer, we recommend our clients to adhere to the following policies to aid in the prevention of hacks against their sensitive data:

  • Audit Service Level Agreements
  • Audit remote administration tools being utilized in your environment
  • Enforce two-factor authentication for all remote logins
  • Restrict administrative access during remote logins
  • Enforce least privilege for access to resources
  • Utilize a secure network and system infrastructure capable of meeting current security requirements.
  • Proactively conduct cyber training and education programs for employees. 

Resilient IT will work alongside you and your company’s needs to ensure data breaches of this magnitude are of no concern, and you can go about running your business carefree.

Ryan Hartzell

About Ryan Hartzell

Partner/President & CEO Resilient IT. One part of a talented team of IT professionals committed to serve our customers by providing superior technical knowledge combined with business acumen and customer service that exceeds expectations. We leverage the strength of our team, partnering to deliver best in class solutions that are cost effective and enable our clients to focus on the growth of their business. I lead Resilient from a sales and operation perspective.

Leave a Reply