https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Remote Worker, Telecommuter

Ongoing Remote Work Due to COVID-19 Propels Need for MSSP Action

  • Written by Kelly Teal
  • September 18, 2020
New findings from Gartner provide a road map for further protecting customers’ environments.

The COVID-19 pandemic continues to prove that remote work is turning into a permanent option, not just a temporary solution. As such, research firm Gartner has laid out 10 security projects, eight of which are new, that address risk management in the new era of work.

Gartner's Jonathan Care

Gartner’s Jonathan Care

“Before the pandemic, most enterprises designed their risk appetites around the assumption that remote working was the exception, rather than the norm,” said Jonathan Care, senior research director at Gartner. “When that scenario was flipped, risks such as always-on VPNs and bring-your-own-device, which were previously a lower priority for security leaders, suddenly became top of mind. This forced security teams to rapidly reassess their enterprise’s risk landscape and deploy new solutions and policies accordingly.”

To be sure, a recent ConnectWise survey shows that COVID-19 has amped up SMBs’ security concerns, in particular.

With all that in mind, managed security service providers may want to doublecheck that they have acted on, or soon will, the following recommendations for clients. The projects do not require completion in the order in which they are listed. Rather, they can be conducted independently of one another.

Gartner’s 10 Security-Project Recommendations

1. Secure the remote workforce. Focus on business requirements. Understand how users and groups access data and applications. Now that a few months have passed since COVID-19 sent employees to work from home, the time has come for a needs assessment and review of what has changed. This will determine whether access levels are correct and whether any security measures are impeding work.

2. Evaluate risk-based vulnerability management. Don’t try to patch everything, Gartner says; instead, focus on exploitable vulnerabilities. Go beyond a bulk assessment of threats and use threat intelligence, attacker activity and internal asset criticality to provide a better view of real organizational risk.

3. Use extended detection and response (XDR). XDR serves as a unified security and incident response platform that collects and correlates data from multiple proprietary components. This platform-level integration occurs at deployment. XDR consolidates multiple security products into one. It could provide better overall security outcomes, according to Gartner.

4. Implement cloud security posture management. Organizations need common controls across IaaS and PaaS. They also need automated assessment and remediation. Because cloud applications are so dynamic, they require an automated DevSecOps style of security, as Gartner noted. Ensure policy uniformity across the organization’s public clouds.

5. Simplify cloud access controls. Make sure the organization has cloud access security brokers in place for cloud access controls. This will offer real-time policy enforcement and active blocking.

6. Put DMARC in place. Domain-based message authentication, reporting and conformance, or DMARC, provides email authentication policy. Phishing emails have grown more sophisticated, making it harder for end users to determine what’s real and what’s not. DMARC does not assure total email security, but it does deliver another layer of trust and verification, such as with domain spoofing, Gartner says.

7. Deploy password-less authentication. Employees often use the same password for their work computer as for their personal email. This can cause major security headaches. Password-less authentication represents a better approach, Gartner says.

8. Classify and protect data. Because data varies, a one-size-fits-all security ethos will increase risk. Some data will have too much protection; others will have too little. Gartner supports starting with policies and definitions for each data set, then adding in the requisite security.

9. Assess workforce competencies. Put the right people with the right skills in the right roles, Gartner says. While no perfect candidate exists, one person can hold five or six must-have attributes for each project.

10. Automate security risk assessments. This will help security teams to understand risks related to security operations, new projects or programs.

MSSPs Are Crucial, Especially for Remote Work Safeguards

Overall, the breadth and depth of these recommendations underscore that organizations may well want to increase their reliance on MSSPs in the coming years.

This applies not just because of MSSPs’ expertise, but because enterprises must think about mitigating potential legal problems. That observation comes after two new findings on Gartner’s part. The first is that only 12% of chief information security officers excel in all four areas considered vital to effectiveness. The second is that, by 2024, three in four (75%) CEOs will be held personally liable for cyber-physical security incidents, Gartner predicts. Aligning with a solid MSSP that stays ahead of bad actors could stand out as the key.

For now, though, MSSPs must stay focused on enabling customers’ businesses while reducing their exposure.

“Bad actors are always looking to take advantage of worldwide events, such as the pandemic, to exploit new vulnerabilities and circumvent even the most advanced security controls,” Care said.

Tags: MSPs Business of Security Channel Research Endpoint MSSP Insider Network

Related


  • Threat protection
    Critical Threat Protection Steps MSSPs, Other Partners Must Take Now
    In this second installment in our series on threat protection, vendors discuss what partners have to do this year.
  • Brexit
    Now That a Brexit Deal is Done, What's Next for the UK Channel?
    There's an Increased need for virtual services and video conferencing, and a focus on security moving forward.
  • Zero Trust Security
    3 Strategies for Selling Zero Trust in the Channel
    Switching to a zero-trust security approach reduces exposure to potential data breaches and helps drive down fixed costs.
  • Malicious hacker group
    BlackBerry Research: MSSPs Increasingly Targeted by Hacker-for-Hire Groups
    The cybercrime industry has adapted to new digital habits.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Vendors: How Do You Measure a Partner Relationship?
  • The Top IT Challenges Executives Will Face in 2021
  • Getting Clients Ready for an 88% Increase in Cloud Adoption
  • Law Firm Cyberattack Exposes Tens of Thousands of Patient Records

Galleries

View all

International Women’s Day & Tech: Move Beyond the Conversation

March 8, 2021

Industry Perspectives

View all

What is FirstNet–and What Are the Benefits for Channel Partners?

March 8, 2021

5 Ways XDR Can Improve Operational Efficiency for MSPs

March 4, 2021

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021
  • 1

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

We celebrate #InternationalWomensDay by highlighting the important conversations and key statistics. @channelsmart… twitter.com/i/web/status/1…

March 9, 2021
ChannelFutures

A UK-based MSP got a lesson in grace when a post intended as a joke was mistaken for online bullying.… twitter.com/i/web/status/1…

March 9, 2021
ChannelFutures

Learn more about #FirstNet and partnering with @GetWirelessLLC. #LTE #firstresponders #connectivity #IoT… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Have you heard? @McAfee is selling its enterprise security business. And 75-year-old founder #JohnMcAfee faces deca… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Today we celebrate the achievements of women worldwide, and we are proud to give the rockstar women in the channel… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

The list of #Accellion FTA breach victims keeps growing. Another bank joined the list over the weekend.… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

Happy #InternationalWomensDay! The Channel Futures / @Channel_Online team is proud to support @AllianceofCW and… twitter.com/i/web/status/1…

March 8, 2021
ChannelFutures

#MSPs can help businesses deal with #cloudcomputing and #cybersecurity pain points, says @Dreamix_Ltd.… twitter.com/i/web/status/1…

March 8, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X