There are no magic bullets for data protection. In other words, there is no possible way to prevent cybercriminals from penetrating your clients’ defenses. As long as there are people involved in the process ‒ developing the systems, accessing applications, and sharing credentials with strangers ‒ no MSP should ever provide protection guarantees to their clients.
Put simply, there is no possible way to keep everyone 100% secure. Determined cybercriminals will find a way into any business they target. The good news for the SMB is that MSPs won’t give up the fight, not just for the income streams that cybersecurity services deliver, but to ensure their clients remain viable and productive. There’s no excuse for poor protection.
While layered security may not stop every cybercriminal or catch every mistake by a careless employee, it improves companies’ chances of spotting potential threats before they cause any serious damage. Defense in depth is meant to slow down the bad guys, though with the right mix of security solutions and a little luck, MSPs should be able to thwart a majority of cyberattacks.
The question many ask is: what constitutes layered security? Many use this term rather loosely, and the definitions vary significantly between tech communities, including MSPs, vendors, and other industry experts.
Let’s start out with what it should be: all-encompassing. Every potential point of failure should be covered with at least two layers of defense. Optimally, MSPs want to receive an immediate alert when cybercriminals get through initial defenses or those systems fail. Consider it a “guard dog” approach that gets the attention of tech professionals while the second layer slows down attackers. The goal for MSPs is to create a buffer that gives them enough time to assess the problems and respond accordingly.
For example, a typical network security setup includes antivirus, anti-spyware, routers, firewalls, and intrusion detection systems to stop criminal activity. MSPs usually manage those technologies and monitor traffic for anomalies and performance issues that could signify a breach or other vulnerability concerns. A layered security approach adds a number of other protection measures on top of that stack to effectively lock down their clients’ networks and, most importantly, access to company data.
An effective “defense in depth” strategy will cover the following areas:
1. Strong encryption applications
A growing number of compliance requirements and industry standards are making this a “must have” for businesses. That includes encryption of outgoing and incoming communications, especially emails that contain sensitive information, as well as stored data.
2. Email security
Many organizational leaders fail to realize the risks associated with electronic communications and rely heavily on the basic protection measures in their cloud solutions, including O365 and Gmail. Those fundamental security features are a good starting point. Unfortunately, cybercriminals usually look for “low hanging fruit,” and it makes good business sense for them to target these popular platforms first. MSPs can add a variety of security measures to slow down, if not stop, hackers and other mischievous people, including inbound and outbound traffic filtering and encryption.
3. Effective patch management process
Every MSP should develop policies and procedures for downloading, testing, and pushing patches across all client locations (including remote offices and virtual workplaces).
4. Cybersecurity awareness training
Businesses should enroll all employees and business associates (anyone who accesses the corporate network) in these ongoing educational programs. MSPs can help implement, monitor, and report progress, and develop remediation plans for high-risk end users.
5. Access and password management
The objective here is to control both physical and online access to the IT ecosystem. The processes for assigning, monitoring, and revoking employee and visitor credentials must be properly managed to prevent an unauthorized user from accessing company data and business applications.
6. Multi-factor authentication
Reduce the risk of unauthorized users, including cybercriminals, accessing clients’ information systems. While tokens may not be as popular as they were 20 years ago, access cards and smartphone-based options have become quick and user-friendly alternatives.
7. Physical security controls
Some would argue that surveillance systems, motion detectors, and door access controls are outside the scope of IT professionals’ responsibilities. However, thanks to digital transformation, many of these solutions are IP-based and can be managed like any other MSP service. More importantly, physical security controls create a very powerful layer of protection for deterring cybercriminals.
8. BDR/business continuity
No business should operate today without an effective backup and disaster recovery plan in place. In the event a cybercriminal gets through the multiple layers of protection, this final piece of the puzzle becomes the failsafe for MSPs and their clients. Planning, implementation, and periodic testing should be considered a mandatory standard.
These are just a few of the key pieces of layered security. Defense in depth requires MSPs to take a substantial role in the planning and infrastructure design processes. Providers can “lock the gate” on cybercriminals with a proactive approach. This new channel standard includes dark web and network assessments to detect vulnerabilities, and monitoring services to spot anomalies and performance issues before breaches or other cyber-related incidents can take place.
Layered security, according to ethical hackers and other experts in the field, is the best cyber insurance policy business leaders can buy. MSPs have an opportunity to deliver that message to the SMB ‒ and to put these valued practices into action.