This week’s blog features an article from our partners at Datto “9 Cybersecurity Tips for MSPs to Bring to their Clients” by Chris Henderson.
With ransomware attacks up 800% during the pandemic, cybersecurity measures have never been more important and more needed.
The move to remote working environments as well as the vulnerability of global economies in crisis has created an open-season for cybercriminals. No business—big or small—is safe. Small and medium businesses (SMBs) seemingly have a target on their backs, so strengthening your clients’ security posture is essential right now.
The good news: There are ways to protect business data against ransomware attacks.
Here are nine tips you can share with clients to help them boost resilience to cyber attacks:
- Conduct a security risk assessment. Understand potential security threats (e.g., downtime from ransomware) and the impact they may have on your business (lost revenue). Use this information to shape a security strategy that meets your specific needs.
- Train your employees. Because cybersecurity threats are constantly evolving, an ongoing training plan should be implemented for all employees. This should include examples of threats, as well as instruction on security best practices (e.g., lock laptops when away from your desk).
- Protect your network and devices. Implement a password policy that requires strong passwords and monitor your employee accounts for breach intel through dark web monitoring. Deploy firewall, VPN, and antivirus technologies to ensure your network and endpoints are not vulnerable to attacks. Implement mandatory multi-factor authentication. Ongoing network monitoring should also be considered essential. It’s also critical to encrypt hard drives.
- Keep software up to date. Be vigilant about patch management. Cyber criminals exploit software vulnerabilities using a variety of tactics to gain access to computers and data. Managed service providers can automate this for businesses with a remote monitoring and management tool. Do not forget to keep your mobile phones up to date as well.
- Create straightforward cybersecurity policies. Write and distribute a clear set of rules and instructions on cybersecurity practices for employees. This will vary from business to business but may include policies on social media use, bring your own device, authentication requirements, etc.
- Back up your data. Daily (or more frequent) backups are a requirement to recover from data corruption or loss resulting from security breaches. Consider using a data protection tool that takes incremental backups of data periodically throughout the day to prevent data loss.
- Enable uptime. Choose a powerful data protection solution that enables “instant recovery” of data and applications. In fact, 92% of MSPs report that clients with business continuity disaster recovery (BCDR) products in place are less likely to experience significant downtime from ransomware and are back up and running quickly. Application downtime can significantly impact a business’ ability to generate revenue. Can your business afford downtime costs that are 23X greater (up by 200% year-over-year) than the average ransom requested in 2019?
- Know where your data resides. The more places data exists, the more likely it is that unauthorized individuals will be able to access it. Use data discovery tools to find and appropriately secure data along with business-class Software-as-a-Service (SaaS) applications that allow for corporate control of data.
- Control access to computers. Use key cards or similar security measures to control access to facilities, ensure that employees use strong passwords for laptops and desktops. Administrative privileges should only be given to trusted staff.
The best defense is a good offense and that’s why developing a robust, multi-layered cybersecurity strategy can save a business.