https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


What MSPs Must Have for Customer Cloud Security

  • Written by Derek Handova
  • February 8, 2017
With many MSPs responsible for a great and growing number of customer public cloud instances, it has become impossible to manually maintain security on them all.

In outsourced cloud computing services, public cloud Platform as a Service (PaaS) providers only ensure security on the outside of the cloud—not inside. For security inside the cloud, PaaS users have to take matters into their own hands. While that should concern all public cloud denizens, for managed service providers (MSPs) the issue gets magnified by the number of customers on their Software as a Service (SaaS) solutions.

“It’s the most important practice for security practitioners to do everything to minimize risk of SaaS infrastructure security gaps within their own organizations first,” says Chris Carter, CEO, Approyo, a global SAP solution provider. “Some of the most important steps can help security managers tighten cloud security and keep their organizations safe by leveraging Cloud Access Security Brokers—CASB. These tools help executives find unauthorized applications and manage risk across all their clouds.”

And with many MSPs responsible for a great and growing number of customer public cloud instances, it has become impossible to manually maintain security on them all. However, continually monitoring security and configuration vulnerabilities exists as a mission-critical item to cross off the MSP checklist. How to accomplish it has yet to receive an answer. Talkin’ Cloud reached out to industry thought leaders to ask what they think. What follows remains anecdotal and does not purport to cover all aspects of the subject. If something significant got left out, leave a comment. Let’s discuss it.

The ‘In’ Crowd Source

With large public cloud PaaS providers like Amazon Web Services (AWS) and Microsoft Azure busy battling for control of the internet business of governments and Fortune 500 companies, they may have overlooked prospects of the MSP market—and its ecosystem of startups. While inside-out-only security seems just fine for those large customers—who have their own legacy business IT departments to worry about internal security—it does not come close for MSPs and the Internet of Things (IoT) and billions of device events headed their way.

“Even the most secure cloud providers only offer security of the cloud,” says Matthew Fuller, co-founder, CloudSploit, provider of automated AWS security and configuration monitoring. “The user is responsible for security in the cloud. As groups, roles and devices change, oversights and misconfigurations open vulnerabilities that can lead to outright hacks or financial DDoS.”

To help solve this issue, continual monitoring of AWS instances can prove effective. For example, CloudSploit customers can run tests that they choose or want to create and as frequently as desired, according to Fuller. And if they find issues, CloudSploit alerts designees, keeping records of findings, detailed issue descriptions and likely resolutions, according to Fuller.

“Security experts from around the world contribute to CloudSploit,” Fuller says. “It is an open source project with goal of increasing compliance with best practices to protect MSP infrastructure and customer information.”

Benchmarks, Shared Responsibility and Control Planes

With MSPs overwhelmed by information technology (IT) applications duties and customers at best novices about cloud security in many cases, exactly how it must get done remains dubious. Agreement as to the course of action and who has onus for completion must take priority before establishing SaaS defense—and before a cloud exploit comes into existence.

“The cloud provider shared responsibility model places a security burden on enterprises consuming services,” says Dave Ginsburg, vice president, marketing, Cavirin, provider of security and compliance across physical, public and hybrid clouds. “But, in some cases, IT will not have the processes or expertise to properly mitigate risk. The result may be a breach that could have been prevented or reluctance to move critical applications to the cloud, creating competitive disadvantage.”

What MSPs and cloud customers need remain consensus benchmarks to properly share responsibility for their respective pieces of the security pie. The fact that cloud workloads now exist in constant flux—exacerbated by virtualization and containers—makes it even more critical, according to Ginsburg. But how do you gauge performance of how the parties divide the responsibility?

“Therefore, enterprises require continuous visibility into their security postures and one set of tools designed to test against benchmarks that include NIST, CIS, PCI, HIPAA and FISMA,” Ginsburg says. “Tools deployed by the enterprise should support these and have full visibility into different AWS services via APIs. The same applies for Microsoft Azure, Google Cloud Platform and others.”

Fortunately, many public PaaS providers including AWS have issued security best practices for hardening cloud instances that align with CIS. And MSPs can employ third party compliance solutions to help implement them. In addition, both AWS and Azure provide sophisticated tools to secure access to their control planes.

“A control plane compromise is generally worse than a server compromise, as control planes provide access to servers as well as direct access to the account,” says Jarret Raim, head of strategy and operations, Rackspace Managed Security. “Rackspace tools like CloudTrail from AWS will surface the changes made to the control planes and should be monitored for abuse.”

Points of Demarcation

Hand-in-hand with the cooperation that must exist between MSPs and customers when it comes to security, a boundary must delineate where each has total responsibility in cloud defense. And it cannot come as an afterthought. Security among MSPs and customers needs careful planning built in the beginning, with proper resource liaising a must, according to cyber infrastructure experts.

“Security management is a key prerequisite for driving a cloud strategy,” says Steve Hanney, chief cloud officer, Presidio, an IT solutions provider focused on digital infrastructure, cloud and security solutions. “And with vendor management from the outset paramount, there must be a demarcation of responsibility defined between MSP and customer.”

After creating customer security rules of engagement, MSPs can craft secure and compliant environments that protect services and data seamlessly, end-to-end throughout the relationship lifecycle, according to Hanney. This secure network access control—secure infrastructure—establishes appropriate predefined traffic rules using firewalls, network policy engines and secure tunnels between customer on-premises data center environments and off-premises MSPs, paraphrasing Hanney, with reference link provided by Cloudscene.

Blacklisting vs. Whitelisting

As the off-premises cloud solutions concept takes hold, the trust model of internet connection must change, in the view of some IT experts. Whereas a presumed-innocent-until-proven-guilty mindset that attempted to fingerprint black hats upfront has prevailed among many security experts until now, the explosion of links in cloud computing has made more cautious practitioners dissent and opt for a trust-but-verify stance to identify white hats in advance.

“The cloud is becoming a set of computing utilities and will be as essential as the electricity grid,” says Amir Sharif, co-founder, Aporeto, provider of comprehensive cloud-native security for deploying and operating cloud-native applications. “Like any critical service, security needs to be part of cloud infrastructure and automatic. Protecting individual data assets in the cloud requires a whitelist security model, only allowing intended connections, instead of the existing blacklist model, where all links are implicitly allowed unless explicitly prohibited.”

Implementation of this security model requires a robust policy regime where application and personal intention get captured, if possible, and described easily, according to Sharif.

Password Reuse and Brute Force Attacks

As many know, the internet has become increasingly hostile, with cyber criminals targeting poorly secured hosted services. For example, at MSPs and other hosted services, applications can come under attack from old-fashioned hacking attempts like password reuse attack and bruteforce attack. This poses particular problems for MSPs that use remote monitoring and management (RMM) solutions to administer customer accounts, according to MSP security experts.

“The most likely RMM compromise is a password reuse attack,” says Ian Trump, global security lead, SolarWinds MSP. “This scenario led to account compromise in hosted services like GitHub and others. Also, this attack is the easiest to mitigate. By simply enabling Two Factor Authentication (2FA) protection of your RMM dashboard, it easily prevents account compromise in event your password falls into hands of the bad guys from a previous data breach.”

Brute forced weak passwords guessing attacks of RMM accounts remain the next most likely MSP exploit, according to Trump. But SolarWinds always offers 2FA options to customers to mitigate successful guesses by hackers, according to Trump.

And MSPs can prevent further hacking by banning IP addresses of where brute force attacks emanate, according to Trump.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Cloud Security

Related


  • Magnifying glass focused on the word exposed
    Over 6,000 VMware vCenter Devices Exposed by Critical Vulnerabilities
    VMware said updates are available to remediate these vulnerabilities in its affected products.
  • supply chain security
    Three Ways MSPs Can Improve Supply Chain Security
    Prioritizing supply chain security defenses can also be a significant competitive advantage for service providers.
  • Unveil
    Devo Technology Unveils First Partner Program for Resellers, MSSPs, SIs
    Devo says its platform is ideal for Fortune 1000 and Global 2000 enterprises across all industry verticals.
  • A digital cloud
    Infoblox Cloud Specialization to Help Partners with SaaS Sales
    The program marks a big step in the execution of Infoblox's SaaS go-to-market (GTM) strategy.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • AppNeta Launches Global Alliances Program
  • Cybereason Hires Check Point, Fortinet Channel Leaders in North America Expansion
  • Andy Jassy of AWS Is Movin' On Up: Partners React
  • UK Channel Expects Big Growth in 2021, Cybersecurity a Big Driver

Galleries

View all

From The Second City: How to Use Improv as a Business Tool

March 3, 2021

Industry Perspectives

View all

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

The “Roaring 20s” Are Coming

February 25, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Kelly Leonard of @SecondCity talks to us about how improv can be used as a business tool to improve the company cul… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

Another amazing day at #CPVirtual. Here's what you missed and what's on tap for Day 3. @Channel_Expo… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

Learn how @VMWare can help you build and deliver a #multicloud strategy. #hybridcloud #cloud #AWS… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

Learn about the merging of our media websites; plus, a new #MSP Summit this fall. @Channel_Expo… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

.@KnowBe4 acquires @MediaPROInc to beef up #cybersecurity training. dlvr.it/RtvdpB https://t.co/FzseCn4K6A

March 3, 2021
ChannelFutures

#COVID19 is ramping up #socialengineering – time for MSSPs to step in. @Electric_AI dlvr.it/RtvRQc https://t.co/ebTJNJcOxz

March 3, 2021
ChannelFutures

.@pluribusnet launches expanded, simplified partner program. #SDN dlvr.it/RtvGtQ https://t.co/bRDqYLEhXJ

March 3, 2021
ChannelFutures

#SupplyChain agility is changing global distribution patterns and #ictservices, says @NeecoICT.… twitter.com/i/web/status/1…

March 3, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X