Securing The Setup
This is by and large the most important item for MSPs to be paying attention to right now . Now that everyone is settled at home , they need to make sure the work they ’ re doing is secure . “ The surface area , or attack area , for cybercriminals to get in has now significantly grown thanks to remote work setups ,” says Kevin Lancaster , founder of ID Agent and general manager of Kaseya ’ s security solutions . “ Employees are having to log into applications they ’ ve never used in the past . Inevitably , every time you download one , set up a username and password for it , and start using it , you create another potential exploit area .”
Whereas these employees were previously contained inside their corporate network or inside their company ’ s firewall , they ’ re now accessing work platforms , cloud platforms , and networks from insecure home Wi-Fi . Employees and their families are creating new user accounts for leisurely use and data-swapping between personal and professional devices . All these activities provide ample openings for cybercriminals to slip right through a company ’ s cybersecurity defenses . That ’ s why it ’ s so critical for MSPs to be extra proactive about the security they offer .
“ There has to be a dramatic shift in priorities ,” Lancaster says . “ Acquiring customers and growing the MSP has always been the focus , but right now , it ’ s most important to maintain current customers by migrating them to secure remote work and ensuring that they are , in fact , secure by providing high-value security services .”
There are three minimum offerings every MSP should have for their customers : multifactor passwords , single-sign-on capabilities , and password management . Increasing security around account access is crucial because there ’ s been a dramatic increase in the ability to exploit an individual . “ Once an individual has been exploited , it ’ s easy to leapfrog to being able to exploit the business ,” says Lancaster .
Offerings like multifactor authentication for access to company networks and accounts are critical . “ Many MSP customers are using VPNs for the first time , and the challenge is that access to those VPNs is often just an email address and a password . There ’ s no multifactoring ,” he says . It ’ s just as easy for cybercriminals to access a VPN as it is any other account if the proper protections aren ’ t put in place .
Another way to dramatically reduce the chance for attacks is by adding single-sign-on capabilities for any accounts that MSP customers use to access cloud applications . The more email and password combinations there are to punch in , the more chances there are for cybercriminals to access them . So , take the element of the password that can be exploited and add a second layer of protection to it by offering single-sign-on services .
For those MSP customers who need multiple email-password combinations to access information , it ’ s critical to instead encourage them to use a password management system .
Close to 80 % of security compromises stem from access to a sign-in credential in some form . Phishing , password hacking , and forced attacks are all ways for criminals to get what they want , and the decreased security created by at-home setups makes it that much easier for them . The duty of MSPs is to make their job hard again , no matter what their customers ' work setups look like .
Staying Viable
Not all MSPs were providing the crucial security services their customers needed to make the shift to remote work simply because it wasn ’ t expected . Those that were offering them are now ahead of the curve , but those that weren ’ t are playing catchup . Either way , most MSPs should see this as an opportunity to embrace a changing future .
“ The MSP security market is starting to mature . COVID-19 forced people to take security much more seriously and accelerate the adoption of these tools ,” Lancaster notes . “ There are two schools of thought for how things will play out from here : Some businesses will go back to being fully on-site , where employees can be directly monitored . But others will have learned that work can be done from anywhere . They ’ ll feel liberated by eliminating costs like rent and by reducing utility bills and will become more profitable and efficient in other ways . Those businesses are going to stick with remote work and all the necessities that go with it .”
That ’ s what MSPs have to look forward to and how they can position themselves as a viable service , no matter how their customers decide to conduct their business in the future . MSPs should shift their mindset and their offerings to be more enabled for both in-office and at-home customers . It ’ s about offering the old and the new .
The New Frontier
COVID-19 is ushering in a new way of thinking when it comes to the way businesses can and want to operate . MSPs should be ready to support those ways of thinking if they want to remain viable . You can leverage the current tides as an opportunity for your customers to expand their business practices . In turn , that means you ’ re also creating new opportunities for the work and capability of your MSP . Great change enacts great change .
When it comes to business operations , a new reality is going to emerge from the crisis we ’ re working our way through . We ’ re just starting to see what that reality could potentially be , but no matter what , if your MSP doesn ’ t see the benefit of adapting , then it may not be around long enough to discover what that new reality is . n
VOLUME 1 ISSUE 8 • MSPSUCCESSMAGAZINE . COM | 7