If a business gets hit by ransomware and loses its critical financial data or customer information, who gets blamed?
With businesses facing more cyberattacks than ever, managed service providers (MSPs) are expected to deliver a basic level of security protection to their customers. While “basic” at one time may have meant antivirus software, today that is not enough.
Let’s take ransomware for example. There are many ways ransomware can hit an organization network. A few stats from Solarwinds follow.
73% through emails carrying attachments with malicious payload.
54% of Ransomware go through a phishing email
and 28% of infections come in through malicious or compromised websites.
But data loss does not mean ransomware only. In every modern and web connected business a multi-layer approach to security is required.
One way or another we should somehow address the following basic security essentials on our quest fighting the risk of data loss.
Many breaches are the result of a hacker exploiting unpatched systems or software. We need to make sure every device we manage is up to date with the latest software patches.
The best antivirus solutions protect against both known and new malware but can easily fail if the antivirus is not monitored. Integrated (or managed) antiviruses provide a single dashboard where we can simplify bulk deployments across sites and servers, schedule automated scans during times that will not disrupt end users, examine logs and more.
More often than not, phishing attacks, drive-by downloads and other web-based attacks happen because an unwary user inadvertently stumbles upon a malicious site. MSPs need a way to block malicious URL requests to prevent connections to domains known to be used by attackers. Web protection software does this while also allowing MSPs to set their own content-filtering policies, website blacklists, browsing policies, and more.
The majority of security threats arrive via email. By analyzing incoming and outgoing messages for potentially malicious attachments, scripts, domains, URLs and text strings, mail filtering software makes it easy to protect our customers from spam, phishing attempts, and malware. In addition, we monitor and manage blacklisting, whitelisting, and apply quarantine policies.
Backup is a lot like insurance: it is not always needed, but when it is, it is a lifesaver. A cloud-based backup and a disaster recovery solution is the best defense against most ransomware attacks, making it possible for businesses to get back to work by quickly and easily restoring corrupt or encrypted files.
In Creative People we embrace a layered, defense-in-depth approach to security and make essential security capabilities part of our managed IT service offering. Our customers get peace of mind knowing they face less risk of business disruption due to common, opportunistic threats. We use early warning techniques and inhouse developed tools, while working 24×7 to defend our customers’ infrastructures.