MSP Blog Logo

Cyber Security

Business Growth

Sales and Marketing

IT Services


Empowering Your MSP Business to Grow and Prosper—One Post at a Time


Featured Post

The Ultimate Guide to Success in Managed IT Services

What are the fundamentals to building a profitable managed IT services business? Keep reading to discover the four key ingredients for success.

Read Now

Your Biggest Security Threat May Be Your Easiest Fix

Posted October 9, 2014by Hunter Smith

If you wanted to learn about and safeguard against all of the security issues facing your managed IT services business, you’d easily get sucked into a Google search results black hole. In other words, trying to digest the depth and breadth of existing security concerns is as daunting as it is impossible.

So how can you protect your customers and help them increase their own security with this ever-expanding threat landscape? Identify the main problem. I’ve got news for you. It’s sitting not two feet from your desk. Yes, the biggest threat to your clients’ security is your own employees.

Don't Believe Me?

In a recent research report, Infosecurity Europe found that:

26.2% of respondents believe that ignorance among end-users on the importance of protecting corporate data presents the principal challenge. [source] Tweet this stat!

Why? Wouldn’t employees, and especially those in IT, be the most likely to take care of your customer’s data? Ideally, yes. In reality, many people are careless, whether it’s leaving mobile devices with sensitive information unattended or passing around Post-its with login credentials. Just walk around your office, and look for sensitive materials out in the open. The state of employee security is alarming, but the answer is simple: educate.

58.9%, said they felt that information security wasn’t being incorporated into overall IT strategies to prevent future weaknesses being built into existing infrastructures. [source] Tweet this stat!

Do you have a training program in place?

Employee Security Agenda Items:

1. Password security

We covered this subject in great detail in an earlier post. Simply put, effective password management is a critical first step in protecting client data. No more Post-Its! Look into secure password managers to store these confidential credentials!

2. Update applications regularly 

Staying on top of the latest patches and fixes that the software creator has identified is another simple yet effective method to secure company information, both yours and that of customers! Create a regular cadence of checking for updates if they are not pushed out to you and your users.

3. Physical security of devices

When someone leaves his/her desk, make sure he/she either takes devices with them or at least locks them down. This lock down could take the form of physical lock down (locking devices with a desktop lock is one option)

4. Lock device screens

When leaving your desk unattended, lock your device's screen! A simple Ctrl+Alt+Delete does the trick for a PC, and Ctrl+Shift+Eject or Ctrl+Shift+Power works for a Mac. 

5. Educate customer employees on phishing scams 

Check out this blog post for the most popular ones to be aware of!  While the danger of clicking on suspicious links that ask for bank account information seems like a no-brainer, your staff and clients might not understand the difference between annoying spam and threatening scam. 

6. Provide anti-virus update services 

You might be surprised at how poorly many manage their own AV environment. Free up clients’ time and offer to perform these mundane tasks for them!

7. And while you’re at it, offer back up services! 

If you are not doing this already, your clients are at risk. Hope for the best, but plan for the worst. Do you know what to look for in your BDR vendor?

8. Firewall

Ensure Internet connection security, and maintain a secure web presence. Your customers will depend on your services to keep them safe and profitable. 


By the way, these lessons aren’t just applicable to your employees. Take them and educate your customers, themselves. You’re not just their IT techs. You’re their trusted advisors. These are just several suggestions to implement in order to better serve your clients. Can you think of any other examples of IT security bad behavior in the office? How do you correct it in your own MSP practice? Sound off below!


As Chief Information Officer (CIO), Hunter is expected to take Continuum's IT operations to the next level of performance as our company continues its rapid growth and expansion. Most recently, Hunter served as Senior Vice President and Chief Technology Officer for Acadian Asset Management. Prior to Acadian, Hunter held positions at Plymouth Rock Companies as Director of Enterprise Technology Services as well as positions at Hobbs/Madison, MFS Investment Management and CSC Consulting. Hunter has a bachelor’s degree in computer science from Dartmouth College. He is responsible for all IT resources for Continuum’s U.S. and India locations.

Topics: Cyber Security

RMM 101: Must-Haves for Your IT Management Solution
MSP Guide to Managed Services SLAs  [white paper]
comments powered by Disqus