https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Best Practices


Shutterstock

Best practices

Important Security Best Practices for Spring and Beyond

  • Written by Jeffrey Crystal and Ben Nowacky
  • March 2, 2020
Here are some key security practices to add to your company's SOP.
Axcient's Jeffrey Crystal

Jeffrey Crystal

Axcient's Ben Nowacky

Ben Nowacky

It’s reported that hackers attack every 39 seconds, which averages 2,244 times a day. Based on this, you have either already been attacked, are being attacked right now or you’re about to be attacked.

If that’s not enough to get your attention, consider these statistics:

  • Forty-three percent of breach victims are small businesses; about 30% of phishing emails are opened by users, and 12% of those users click on the infected link or attachment. (Verizon)
  • Smaller organizations (1–250 employees) have the highest targeted malicious email rate at 1 in 323. (Symantec)
  • Every day, around 230,000 malware samples are created by hackers. (Panda Security)
  • Cyberattacks are the primary reason that around 60% of small companies to go out of business. (Small Business Trends)
  • Around 94% of targeted emails use malicious file attachments as the payload or infection source, while 91% of cyberattacks begin with a “spear phishing” email. (KnowBe4)
  • Only 5% of company folders are properly protected, on average. (Varonis)
  • Financial and manufacturing services have the highest percent of exposed sensitive files at 21%. (Varonis)
  • The average cost of a ransomware attack on businesses is $133,000. (SafeAtLast)

Clearly, the frequency and severity of cyberattacks are on the rise. Of particular concern is the increasing number of attacks directly targeted at managed service providers (MSPs) and their customers. What’s worse, the attackers often leverage MSPs’ own automation and remote-control tools to directly access and compromise their customers.

Security is a shared responsibility between vendors and partners, and it is imperative that partners also exercise best practices in securing their platforms, tools and devices to minimize risk to themselves and their customers.

Critical Security Practices

In this article, we highlight some critical security practices that should be incorporated into your standard operating procedure (SOP) checklists. This list shouldn’t be considered comprehensive, but instead suggest mitigations for the risks and threat vectors we see most often.

Ensuring password security: Increasingly bad actors are leveraging network monitoring and key-logging software to observe their intended victims for some time, capturing critical administrative passwords and familiarizing themselves with the target environment ahead of their attacks. Due to the skilled and patient nature of these attacks, it’s no longer enough to rely simply on strong passwords. Reusing a single password across multiple customers or environments is particularly dangerous, as once compromised, you’re potentially exposing multiple customers.

A common vulnerability in all too many environments is the presence of default passwords left in place on firewalls, IPMI interfaces and other areas. Default passwords allow attackers to gain dangerous access and privileges within the network. Always make sure default passwords have been replaced to deny this avenue of attack against your systems.

Mitigating ransomware and data destruction: By far the most common attacks involve the use of ransomware (e.g., CryptoLocker) software against your servers and workstations. Once encrypted, your data and systems are held hostage by a ransom demand, and paying the attackers provides no guarantee of recovery. In fact, even if payment results in the release of your systems, it’s almost certain the attackers have left root kits, back doors, and even time bombs, so they can strike again in the future. Only a …

  • Page 1
  • Page 2
Tags: MSPs VARs/SIs Best Practices Networking Security Strategy

Related


  • CP-Expo-Logo-1050x618 web
    Channel Partners Virtual 2021 Is Here — Take Advantage of the Amazing Content
    Some of the industry's most compelling speakers are poised to take the virtual stage at this week's event.
  • Billing
    Massive SolarWinds Hack Prompts Up to $25 Million in New Security Costs for Company
    SolarWinds expects to incur the additional expenses throughout 2021.
  • Communications satellite in space
    IBM Leans on Partners to Bring Cloud Satellite Services to Life
    Big Blue took the much-anticipated hybrid cloud platform out of beta on March 1.
  • Channel Futures MSP 501 logo
    Welcome to the 2021 MSP 501 — Apply Now!
    It's go time! The 2021 MSP 501 survey and rankings are officially open for applications.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Datto Partners with ThreatLocker for Secure MSP Business Operations
  • Now That a Brexit Deal is Done, What's Next for the UK Channel?
  • Palo Alto Networks Rolls Out Latest NextWave Partner Program
  • Juniper Networks Integrates Mist, 128 Offerings Following Acquisitions

Galleries

View all

From The Second City: How to Use Improv as a Business Tool

March 3, 2021

Industry Perspectives

View all

5 Ways XDR Can Improve Operational Efficiency for MSPs

March 4, 2021

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Our latest #Cybersecurity Roundup highlights #CPVirtual, @Huntresslabs, @Entrust_Corp and @InsightEnt.… twitter.com/i/web/status/1…

March 5, 2021
ChannelFutures

RT @Channel_Expo: A HUGE thank you to our amazing #CPVirtual sponsors and exhibitors! 👏 @ATTBusiness @DellTech @8x8 @lumentechco @telarus @…

March 5, 2021
ChannelFutures

.@okta acquiring rival @auth0 in $6.5 billion all-stock transaction. #security dlvr.it/Rtzwdp https://t.co/4LvHCJuwsR

March 4, 2021
ChannelFutures

.@MicrosoftTeams features are coming to @MSFTDynamics365, the company announced at @MS_Ignite. #MicrosoftIgnite… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@PreciselyData acquired by Clearlake Capital, @TAAssociates. #digitaltransformation dlvr.it/RtzbKg https://t.co/1rNYnTScxq

March 4, 2021
ChannelFutures

Thanks for attending #CPVirtual. Here's a Day 3 wrap and a look ahead to #CPExpo Homecoming in November!… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@Veeam announces six annual Impact Partner Awards, with @SHI_Intl, @LogicalisUS, more. #cloud… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

#XDR can improve operational efficiency for #MSPs. @TrendMicro #security #endpoint #AI #threatintelligence… twitter.com/i/web/status/1…

March 4, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X