Recommendations for Enterprise Organizations

The report continues “Cyber criminals are leveraging compromised MSPs to conduct a variety of attacks including point-of-sale intrusions, business email compromise (BEC), and specifically ransomware attacks.” The Secret Service alert adds substance to the reality of 2020 cybercrime reports like 540M data breaches in the first half of 2020 and HHS reporting that, by August 2020, there were 298 healthcare data breaches totaling over 8.5M records. The Secret Service alert and the high levels of opportunistic cybercrime in this pandemic year suggest a need for MSPs to reexamine the security and compliance of services they provide and their customers to assure the services they purchase are backed by industry best security practices and, if required, a certified compliant Cloud environment.

Recommendations for the MSP

The Secret Service Global Investigative Operations Center (GIOC) provides excellent guidance for a review of best practices to help avert potential MSP based Cybercrime including:

Have a well-defined service level agreement
Ensure remote administration tools are patched and up to date
Enforce least privilege for access to resources
Have well defined security controls that comply with end user’s regulatory compliance
Perform annual data audits
Take into consideration local, state, and federal data compliance standards
Proactively conduct cyber training and education programs for employees

Adding to this list provided by the Secret Service, it is important for the MSP to reassure their security and data protection capabilities are well aligned to prevent attacks and recover systems, processes and data should an attack still occur.

Recommendations for the MSP Customer

The GIOC also provides MSP customer recommendations:

Audit Service Level Agreements
Audit remote administration tools being utilized in your environment
Enforce two-factor authentication for all remote logins
Restrict administrative access during remote logins
Enforce least privilege for access to resources
Utilize a secure network and system infrastructure, capable of meeting current security requirements
Proactively conduct cyber training and education programs for employees

Many of these recommendations are explained in-depth in an earlier Otava article related to Tackling the Rising Costs of Cybercrime. There is also a pertinent discussion of security and technical considerations provided in the recent Otava blog: Best Practices for the Remote Worker.

A Final Word For the MSP

Assure that all of your Cloud Solutions are backed by services from a certified compliant CSP that also offers “industry best” design, security, service, business continuity/backup and operational assurance. As Brad Cheedle, CEO of Otava is quoted in a recent interview about partnering to provide new compliant cloud services with an important MSP partner “By joining forces, we are making it easier and faster for companies to obtain fully managed digital applications that are secure and compliant end to end — starting at the application layer and all the way through our hosted infrastructure.

Additional Information

Tools to Assist Security, Compliance and Improved Cloud Economics

The speed of change and adaptation in today’s IT arena is highly exacerbated by the buildout of hybrid and multi-cloud networks. The adoption of SaaS as a supplemental or even primary source of application and information management adds even more layers of complexity and security concerns.

What is ransomware and how do you protect against it?

Video: Ransomware preparedness with Otava, Veeam and MSPs: Our panel covered many topics in a roundtable-style discussion, starting first by reviewing the main strains of ransomware prevalent in the industry today, and what they’re seeing in terms of risk mitigation.