MSPs: Stop Ignoring These Common Security Threats

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://mspmentor.net/infocenter-cloud-based-file-sharing/092315/msps-stop-ignoring-these-common-security-threats

Since important information storage started shifting from file cabinets to
computers to cloud-based file sharing, companies and businesses across
industries are staggering under the weight of managing—and protecting—more
and more data. Overwhelmed by the sheer volume of information they need to
collect and store, businesses too often don’t have a firm grasp on how to
best protect their often-sensitive data from outsiders. In fact, Verizon
estimated that 2,122 data breaches occurred in 2014, with 80,000 incidents.
Here’s where managed service providers (MSPs) step in.

MSPs can allow their clients to focus on their business instead of their
data by helping them to assess potential chinks in their security and
either offering them advice about how to better protect their information
or increasing the security of the data stored on the cloud. Providing this
invaluable assistance will help both to build trusting relationships with
your clients and boost your brand’s reputation.

Advise your client’s IT department about what they can do to protect
themselves against common security missteps that Network World reports are
ignored far too often.

Minimize Employee Error

All employees, from vice presidents to copy room attendants, need to
understand and take security seriously. This includes carefully monitoring
everything from company laptops to personal cell phones. Malware on
personal mobile devices has been known to infect entire offices. Clients
should have the capability to quickly target and remove malware – remotely,
if necessary. They should also be sure to create a separation between the
personal and the professional with secure network connections and
encryption.

Entrust as few employees as possible with out-of-office devices containing
sensitive information. These devices can easily be stolen when left
unattended. Minimize the risk of stolen data by ensuring that all devices
are password-protected and that the most sensitive data on them is
encrypted.

Test and Repair Security Software

In this rapidly changing digital environment, even the most
state-of-the-art programs can soon become outdated or reveal fatal flaws.
It’s vital to regularly test and update security essentials such as
firewalls and web filters, as well as to have an expert on-hand to
configure software correctly. Ensure that your clients install the best,
most effective, and most modern firewalls. Assign a knowledge
security-trained staff member from the MSP to configure it correctly in
order to optimize its performance and to install and set up a web filter
that blocks online malware by analyzing URLs. Simplistic web filters won’t
protect against modern malware, which is often hosted on real websites.

Block Outsider Access to Email and Internet

Two simple fixes for many companies’ data breach problems are to encrypt
email and secure all Wi-Fi networks, allowing only restricted access to
valuable information. It’s increasingly easy to encrypt email: many email
providers have built-in encryption options, or you can download add-ons or
software that will do the job for you. A few websites also offer
encryption, but this gives a third party access to your information.

Install Protections on Macs

The increasing popularity of Apple devices, especially in many creative
industries, has led to more sophisticated attacks on these previously
untouchable devices. Macs are not immune to malware, ransomware, or
viruses. Remind your clients to protect them with the same diligence they
would a PC.

Help your clients to implement these simple yet effective strategies to
assess their vulnerabilities and protect their systems against potential
threats.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!