These days, the constant connectivity and convenient access to online information make it more important than ever for organizations and individuals to take proactive precautions to stop phishing, ransomware, malware, fraud, and other attacks. But despite general understanding that cybersecurity is essential for conducting business today, 71 percent of small- and medium-sized businesses (SMBs) report they don’t feel ready to address an attack, according to a Webroot-commissioned study on SMB cybersecurity preparedness.
Part of the reason why SMBs find it difficult to protect themselves is because modern cyber threats attack businesses indiscriminately and use multiple methods and threat vectors to succeed. By combining a range of threat technologies, deployed over numerous stages, cybercriminals maximize the likelihood of infection success. Even so-called “next-generation” endpoint security tends to focus on stopping an infection only after it has reached the endpoint, not preventing it from reaching endpoints in the first place. So, what’s a modern business to do?
5 Tips to Help MSPs Achieve a Multi-Layered Cybersecurity Strategy
1. Deploy Multi-Vector Protection
Since cyber threats are now coming at businesses from all angles, the cybersecurity solution you provide needs to be up to par and protect your clients’ blind side. Single-vector protection can only stop threats at one stage of an attack, and won’t keep your clients safe. You need multi-vector protection that protects devices and users across all the stages of an attack, and prevents infections that come from email, browsing, files, URLs, ads, social media, and connected devices like USB drives, as well as other blended threats with the potential to deliver malicious payloads.
2. Stop Threats Before They Reach Clients
Uncontrolled internet access is a high-risk activity, but internet proxy solutions are expensive to maintain and manage, while cost-effective alternatives are few and far between. When MSPs leverage an intelligent remote monitoring and management (RMM) solution that’s coupled with antivirus, you can gain better insight into which endpoints require immediate attention while addressing issues faster to stop threats at the source. Additionally, a cloud-based, domain-layer protection solution can help MSPs secure clients’ users externally, rather than relying solely on endpoint protection, ensuring most internet threats are contained before they even reach clients’ networks.
3. Lean on Education
Did you know that phishing is behind 90 percent of security incidents? What’s more, over 97 percent of phishing emails deliver ransomware. If your clients are going to stay safe, they need to know how to spot suspicious emails, links, websites, etc.
For most businesses, the first line of defense starts with its employees. Therefore, cybersecurity training and education should be a key component to your strategy. When employees are properly trained on how to navigate the modern threat landscape, they will understand how to assess vulnerabilities, secure their network and endpoints and mitigate security incidents.
4. Practice Good Hygiene
Nearly 80 percent of the cybersecurity risks your clients face can be drastically reduced by basic and continuous maintenance. Maintain up-to-date antivirus and antimalware on all endpoints; always patch applications and operating systems in a timely manner; don’t forget to include a strong firewall; and consider segmenting clients’ networks to protect critical operations.
Although this may sound tedious, it is essential to providing that multi-layered security solution your clients need. The good news is that most MSPs don’t have to do this maintenance all on their own. If you leverage an RMM platform that’s integrated with a network operations center (NOC), you will have a dedicated workforce that provides 24x7x365 monitoring and maintenance for you, ensuring that no patches are missed and every box can be checked.
5. Implement Strong Backup Policies
Even clients using multi-vector endpoint protection can still fall victim to ransomware infections. However, MSPs can fight back against ransomware by recovering infected data and minimizing downtime, and the best way to do this is by using a cloud-based backup and disaster recovery (BDR) We recommend you back up data and systems in at least three different places: main storage area (file server); local disk backup; and mirrors in a cloud-based BDR service, so your clients can enjoy true peace of mind knowing that business continuity will be maintained should they get hit by ransomware.
As an MSP, your clients trust you to keep them and their business safe. With these five tips, you can provide the security they need, empower them to become more security savvy, and streamline their operations by freeing them up to focus on non-IT related tasks.
Webroot is the titanium sponsor for the upcoming Navigate 2017 conference in Las Vegas! If you’re looking to learn more about SecureAnywhere® DNS Protection and see multi-vector protection in action, stop by Webroot’s booth.
By Gretchen Hoffman
By Paula Griffin