3 Ways to Prevent Game Over When Malware & Viruses Attack

Posted July 16, 2015 by Ray Vrabel

In last month’s installment of “Better Call an MSP,” I discussed how to identify the current stage of your MSP. This time, let’s focus on how to stay ahead of the game when it comes to malware and virus attacks. It used to be that simply installing an anti-virus or anti-malware program for clients would deliver complete peace of mind regarding computer security and protection. Now, there is a growing trend where hackers are making a living out of exposing and uncovering flaws and gaps within the security protection programs that you and your clients have been relying on.

In addition to protecting your clients’ devices by installing reliable and effective software, you also have another layer to think about: ensuring unsuspecting clients are not inadvertently exposed to viruses. Below are a few possible scenarios that can occur, and how you can work with clients to best remedy a tough situation.

1) Take a Multi-Tiered, Multi-Faceted Approach

Many of us may have the attitude of, “I’ve installed an anti-virus program on my client devices, and now I can just let it do the work.” However, with many new threats exposed within these anti-virus programs that we have come to rely on, that won’t cut it anymore. Take a multi-faceted approach: add other layers of protection like Unified Threat Management (UTM) and anti-malware programs, and ensure all patches are up-to-date and secure. Patch management also means fixing patch issues as they occur. Ensure malware programs are regularly scanning, and if you aren’t running a malware program on clients’ devices, it’s best to add that on NOW. By adding this second piece of software, you are using a whole different set of scanning tools. While there might be a security flaw in one product, by adding additional layers, you aren’t putting all of your eggs in one basket and you’re further mitigating risk.

2) Localize the Issue

Should this type of attack occur on a client device, it’s best to immediately disconnect the user and the device that is experiencing the issue so that it doesn’t spread across multiple devices, branch offices or, worse, to the CEO’s PC at company headquarters. The speed at which you react is critical to stopping the attack. Here, you are in reactive mode (rather than the usual proactive MSP mode). Stop the “bleeding” by addressing the problematic device and then focus on ensuring everything is safely up and running. Hopefully your client will have a BDR system in place, and if so, this would then be the time to start recovering and restoring their files if the attack is far along. If they do not have a BDR in place, the time to have that conversation is after the dust settles.

Once the “fire” has been extinguished, be proactive and figure out how the attack occurred or how the hacker got in. Educate clients and their employees on how to best alleviate these situations in the future.

3) Future Education

The best and most proactive plan is educating the user so that this doesn’t occur again. That includes ensuring all programs are up to date, fixing anything that’s not and finding out if everything is patched. If you are doing all of these things regularly, then chances of a repeat attack are very slim. Still, it’s not time to sit back and relax (it never is when it comes to the security of your clients’ system data). There really is no clear-cut answer for 100 percent prevention of any type of attack, but there are ways to lessen the risks. Here are some helpful hints:

  • Encourage employees not to open or download personal emails on company devices, especially zip files that might contain a virus.
  • Work with your Help Desk or NOC for their advice and expertise on alleviating attacks.
  • Work with your RMM vendor or vendor operations groups to ensure you have the latest patches rolled out on all client devices.
  • Remediate any patches that are currently failing.
  • Speak with clients about securing employee browsing habits and possibly installing some type of Web surf control that can lock down pages that might potentially infect devices.

Unfortunately, there are full-time hackers who are great at their jobs, always finding holes in programs that are designed to protect your clients’ devices. So, there is really no fool-proof answer to preventing attacks, but if you and your clients follow these steps and establish multi-faceted layers of defense, you are minimizing the risks of bringing clients’ businesses down.

Have an idea for our next Better Call an MSP blog post? Leave a comment below!

The preceding blog post was taken from Ray's guest series on SMB Nation's Blog.



Ray Vrabel is Continuum's Director of Technical Account Management. He participates in product and service growth initiatives and manages Continuum's Technical Account Management team, which supports over 3,500 partners worldwide. Prior to Continuum, Ray joined Zenith Infotech in 2005 and held several positions including Service Desk Manager, Sr. Technical Account Manager and Sr. Manager of Service Operations. He currently has over 15 years of experience in the IT industry, specializing in Managed Services, Disaster Recovery, and Cloud Solutions. Prior to Continuum and Zenith, Ray worked at ANH Refractories, a world-class provider of Refractories products, in their Service Desk Department supporting 53 locations and 1,500 employees. Ray also worked for a startup venture at Body Media, a pioneer in wearable body monitoring systems, as a technical lead in their Technical Customer Support Department. Ray holds a Bachelor of Science in Business Technology Support and Training from Indiana University of Pennsylvania.
