Guest Column | November 30, 2020

How To Protect Your MSP From Cyber Attacks

By Angel R. Rojas, Jr., DataCorps Technology Solutions, Inc.

Cybersecurity Security Lock

Back in September, the Cybersecurity and Infrastructure Security Agency (CISA) issued their Ransomware Guide to help IT professionals as well as others within an organization who are involved in cyber incident response. Normally, these reports don’t catch my eye since they don’t tread on much new ground but this one stood out, and not for a good reason.

You see, on page 6 of the report, our industry is highlighted as an infection vector for ransomware. Yes, you heard that right, we are an infection vector for ransomware!

Now, before you get upset, take a moment to consider whether they’re right or wrong? Over the past 18 months, we’ve seen an increase in situations where MSPs were exploited to compromise client networks. Because what we do involves tools that have administrative access (our RMM tools, for example) to our client environments, compromising one of us is worth the effort for an attacker. So, how bad is the situation?

According to Bobby Kuzma, Practice Director, Security and Assessment and Testing at Herjavec Group, “Many MSPs are failing in their duty when actually tested.” I asked Mr. Kuzma for the three top mistakes that he finds when evaluating MSPs and their security. Here’s what he shared:

  1. Multi-Factor Authentication (MFA) is still adopted poorly. Many MSPs are failing to enable MFA on their tools when optional or, their tools simply do not allow for the use of MFA.
  2. Password re-use is still rampant.
  3. Admin credentials are attributable to a human. This is by way of the login ID or by users having admin rights on their regular accounts.

Why are we still here and how do we fix it?

Mr. Kuzma elaborated that MSPs and their clients are forgetting the, “verify”, part of “trust but verify”. We are here because we are failing to self-assess and our clients are not holding us accountable (the reason why is the topic for another series of articles I may write in the future).

So, how do you protect your MSP from cyberattacks?

  1. Adopt a cybersecurity standard (NIST, CMMC, etc.) and apply it to your MSP.
  2. Regularly assess the situation – at least annually – by performing a risk assessment (I’ve covered this in other articles).
  3. Address the three top mistakes TODAY!

About The Author

Angel R. Rojas, Jr. is President & CEO of DataCorps Technology Solutions, Inc