Are We Thinking about Security Services the Wrong Way?

October is National Cybersecurity Awareness Month (NCSAM), so it’s a good time to reflect on how well protected you and your customers are.

Over the past year, we’ve seen quite a bit of upheaval as IT providers around the world had to quickly shift workforces to remote working overnight. This meant needing to deal with end users connecting to corporate networks and resources from home networks with varying levels of security—and with connected devices that introduced unknowns. As quarantine restrictions eased (and in some cases, continue to ease), IT providers also had to deal with return-to-office plans and the slew of challenges that come along with them. Meanwhile, cybercriminals took advantage of the confusion via phishing schemes that used health information as a lure.

In short, this year has been marked by challenges. And in fact, while these challenges were sudden, most were simply extensions of existing trends hastened by critical circumstances. Now that it’s NCSAM, it’s worth asking—what does it take to meet these challenges?

Are you consulting? Or selling?

Before we dive into the nuts and bolts, it’s worth taking a step back and asking what role you want to play. With many MSPs inheriting their sales process from IT sales—which can allow people to buy specific configurations of software, hardware, and services without losing anything critical—many continue selling security in the same way.

However, as a trusted consultant, your job involves solving problems, not selling solutions. Businesses need security and want to reduce their risk. If you sell or deliver a piecemeal package, such as firewall protection, patching, AV, and backup only, then you may be doing your customers a disservice. They could have gaps in their email protection where threats could slip through, or lack defenses against persistent threats gained via living-off-the-land attacks.

So what’s in your security stack? What steps should now be considered bare minimum for customers?

Important elements of a security stack

The basics certainly apply. You still need firewalls (although next-generation firewalls are better), and you need to keep up with patching. In fact, the need for patch coverage has expanded, as teams now have to maintain more remote working systems—and do so on a more regular basis—in addition to the upkeep of onsite infrastructure and systems. Additionally, you’ll want to continue using a strong cloud-based backup system to protect your customers—and you’ll want to offer regular recovery testing.

However, these alone won’t cut it.

For starters, despite the fact that email has been a top attack vector for cyberthreats for years, many businesses still try to rely on the native email security in some email services. Many services have native email security that often operates on limited information from their own userbase. Plus, cybercriminals can focus on flaws within individual services to try to attack specific customers. It’s important instead to make sure your customers have email protection added on top of the native security. An independent email security gateway like SolarWinds® Mail Assure can bolster defenses, help improve protection by drawing from more data sources, and even help increase uptime by providing 24/7 email continuity—even if the primary service has an outage. This year in particular, we saw an uptick in spam and phishing schemes designed by cybercriminals to take advantage of uncertainty around the pandemic, which simply underscores the need for far more robust email protection for businesses.

Also, with the shift toward more cloud services and remote work, password security has never been more important. It’s crucial for employees to maintain strong, fresh passwords, and it’s important for IT providers and security providers to have the ability to quickly grant or cut off access as needed to deal with threats. So consider using a password manager to enforce password best practices as part of your minimum viable security stack. Account takeovers can cause serious damages, so if you’re not making sure your team uses strong passwords and that access rights are strongly policed, then you’re potentially leaving the door open to serious problems.

Additionally, now’s the time to start looking beyond antivirus solutions into endpoint detection and response (EDR) solutions. Over the past several years cybercriminals have rapidly innovated, finding ways around traditional antivirus solutions—everything from polymorphism to fileless attacks. While AV solutions may try to keep up, criminals will continue trying to find new ways to compromise devices. A good EDR solution uses AI and machine learning to root out suspicious behavior on endpoints, often helping prevent emerging threats that a traditional, signature-based AV won’t catch.

Is it time to up your game?

For National Cybersecurity Awareness Month, it may be time consider what role IT providers play in securing their customers. As experts, your job involves keeping customers safe, not selling them individual security products. And while some may not fully grasp the need for all these security layers, IT providers will have to work to convince them that a higher level of protection is now needed to meet the security risks of the moment. This benefits you—as you can sell more security services—but it also benefits customers by keeping them better prepared for the security risks of today.

Earlier in the post, we mentioned that password security plays a crucial role in keeping customers safe, particularly with distributed workforces accessing cloud resources. SolarWinds Passportal™ allows users to quickly generate strong, highly encrypted passwords and lets you enforce password best practices across your team. Find out how it can help you by requesting a free demo today.

Guest blog courtesy of SolarWinds MSP. Read more SolarWinds MSP blogs here.