Three Cybersecurity Mistakes to Avoid in 2019
On average, about two-thirds of people give up on their new year’s resolutions by February. It is easy to give up on goals like eat less sugar, work out or read more books with little to no consequence. However, when it comes to cybersecurity resolutions, MSPs do not have this luxury. Indeed, with recent reports of hackers targeting MSP networks, it is more important than ever to ensure that your business and your clients are set up for cybersecurity success in 2019. Here are three mistakes you definitely do not want to make this year.
- Assume you are not the target.
While you may preach cybersecurity readiness to your clients, many MSPs tend not to consider themselves as viable targets for hackers and other malicious actors. This could not be further from the truth. Many MSPs have unparalleled access to SMB and enterprise networks, which in turn makes any services provider the Costco of network access for cybercriminals. They can easily “buy in bulk” and get twice the haul that they would normally find with targeting just one business.
This trend is more and more of a concern. In fact, the U.S. Department of Justice recently charged two Chinese hackers with breaking into MSPs to hit end-customer networks all around the world. Every MSP and client network could be vulnerable if the proper steps to secure said networks are not taken.
- Rely solely on endpoint security for protection.
Many have heard the term “layered security,” and they know how this approach to building out a cybersecurity defense strategy can be effective in curbing hackers’ attempts. Not enough solution providers take this approach seriously, as they worry only about protecting their devices with endpoint security.
Layered security is about creating multiple levels of protection against hackers. A big part of layered security is ensuring not only that targeted machines and networks are protected, but also that the potential attack vectors that malicious actors may utilize to deliver a payload are neutralized.
The most common attack vector among MSPs and their clients has been and remains email, according to cybersecurity research conducted by VIPRE Security. While you are still protecting your endpoints from viruses and other malware using a top-notch endpoint security solution, hackers can exploit human error to ensure their payloads are delivered by sending well-crafted messages to click-happy end users. One way to begin implementing a layered security approach is to utilize an email security product that works in cooperation with your endpoint security solution. Most email security solutions will prevent malicious emails from even reaching their recipient, stopping any phishing or email-based attack dead in its tracks.
- Ignore the human aspect of cyber security.
The security of a network is only as good as the users on it. As cybercrime becomes more rampant and malicious actors become more sophisticated in their attempts to penetrate user networks and steal personal information, it becomes essential for network admins and/or MSPs to train their end users on proper protocols and what to be wary of in terms of cyberattacks. While this is extra effort and requires additional time commitment, many clients and business leaders will appreciate the thoroughness of network protection you are seeking. Additionally, for MSPs, cyber security training can mean a bonus service offering for your clients that will enable you to maximize revenue.
While we may never know what cybersecurity challenges await us each year, we know we must be prepared as the threat landscape evolves daily. VIPRE Security understands that cybersecurity professionals of all shapes and sizes must implement a layered security approach that utilizes not only effective endpoint security but neutralizes attack vectors such as email. Here is to a successful and secure 2019!
This guest blog is part of a Channel Futures sponsorship.