Is your IT service provider a target for hackers?
Whenever you set out to achieve something, it’s always best to achieve maximum effect for minimum input. That’s just logical and it’s also good business.
Sadly, it’s a principle that works as well for criminals as it does for everyone else!
When someone wants to break into businesses online, whether for profit or to wreak havoc for political or competitive reasons, the more accounts they can reach in one place, the more attractive the target.
Often this means they go for one big service provider which, if they can break in, gives them access to millions of customer accounts in one place. Or if they can compromise a service that’s run on millions of computers around the world, they could get control of many aspects of those computers to use for their own ends. Think of well publicised breaches at Sony, Yahoo, even the National Security Agency in the USA.
There’s another way to get increased ‘bang for your buck’ though, if you want to reach as many victims as possible – through companies like ours!
At first glance you might think we’re a bit daft to say that, but it’s no secret and it’s certainly not something the hackers aren’t already focused on.
Managed Service Providers (MSPs) like Bespoke Computing are trusted to access and maintain systems and hardware for large numbers of clients, meaning that if we can be compromised, all of those companies, in theory, are too.
As an industry, we and our peers are wide awake to this and much research has been done into MSPs being targeted by hacking groups (including this major report by PwC and BAE Systems).
Of course this knowledge informs everything single thing we do. Security is the starting point for every action we take and it’s an ongoing top priority every minute of every day.
Among the many steps we take to keep clients and ourselves safe include:
- Applying multiple layers of security, such as email and web filtering, anti-virus and anti-spyware monitoring and detection;
- Full auditing of web and email usage, to spot where risks might occur;
- Network segregation – keeping devices and/or users on separate parts of a network when they don’t need to be together, thereby creating isolation between them in the event of a problem;
- Only opening connections to clients when they are needed – we don’t leave open links when they are not in use;
- Aggressive password management – every password we use is complex, unique, stored in an encrypted vault and refreshed on a regular basis;
- The use of multi-factor authentication (where a one-time code is generated for each login) wherever it is possible and practical;
- Ongoing monitoring of all managed clients and our own hardware to detect and alert on any potential intrusions, allowing a swift defensive response;
- Proactive network and security auditing for managed clients (finding and closing down risks before they become a problem!);
- Ongoing education of these issues and known risks with clients and their staff.
It’s not just about avoiding intrusions and attacks, they will always come, but it’s also critical that we know our approach will always limit damage, allow for any compromise to be quickly isolated and for systems and data to be quickly restored to full working order!
That’s what an MSP does for its clients. So rather than being an attractive point of entry to our clients, we become the hardest way to reach them and they, in turn, are harder to attack because we’ve got them covered.