MSP’s are Under Attack

Managed Service Providers are a Target for Hackers, just like our clients

Imagine – if you are a hacker who wants to make a lot of money; why target individual clients when you can target their support organizations instead. Triella, like many IT companies is a managed service provider. Like others, we look after the systems of many clients and as such are required to have a high standard of care to ensure our client’s system are not impacted.

Defining an MSP

An MSP is defined as “a company that remotely manages a customer’s IT infrastructure and/or end-user systems, typically on a proactive basis and under a subscription model”-(Tech Target). With a shrinking labour pool and changes in technology including movement to the Cloud, it makes more and more sense to have an MSP look after your environment.

How do I pick the right MSP?

Often, when companies are looking for a Managed Service Provider (MSP) to assist them with looking after their technology, price tends to be the predominant decision point. Yet there are so many factors that can go into the decision. Often, the services offered for a given price are not even the same. But to a lay person it is easy to mask any differences with vague language and things that sound equivalent. Only after making the decision to move forward will the potential client realize the true nature of the services provided.

To be a good MSP requires a lot of investment – today more than ever, investments in security and infrastructure. These investments can make the difference in price when being quoted by a single person providing service out of their basement and a company of many operating in a downtown office. But this article is not about MSP pricing, it is about the risk to you as a client if your MSP does not do everything it can to protect its own systems – the very systems that manage your environment – in addition to the systems of our clients.  This is one case where shoemaker’s son syndrome could be devastating.

Communication is key

This requires that you communicate all technology changes to your MSP, no matter how small. For example, we have seen clients add Sonos smart speakers, Google Home devices and network connected thermostats to their networks. All of these are exposure points for the network and ways in which a hacker can gain access to systems if they are not properly implemented. So having open communication between what the firm is doing and your MSP is vital. Also having an Internet policy in which people are aware that bringing network connected devices into the network could be dangerous is important.

The MSP itself needs to take steps of their own to protect their environment and by association, the environment of its clients.

7 ways to harden an MSP against attack:

Two Factor Authentication 

MSP’s need to deploy 2FA for all applications that can control or access client related systems, particularly those systems can exert control over client desktops and server systems.

Use Accounts Appropriate to Task 

Use administrative accounts only to perform administration. A normal account should be used day to day. Support personnel should have only the access needed to perform their specific work.

Limit Remote Access 

Remote access to client systems should be limited on client firewalls to the IP of the MSP provider. All other access must be blocked.

Backup Multiple Times per Day 

Backup MSP systems and client systems multiple times a day to limit data loss in the event of a breach. Check the viability of backups daily if possible and weekly at the very least. Checking the viability ensures that the backup will actually work when needed.

Patch Applications and Systems 

When we first started in 2004, we might have received one to two security warnings per quarter. Nowadays, we get at least one notification relating to security each day. Keeping up with all of the patches required to keep our client systems safe is almost a full time job in itself. The desktops, servers and applications of both the MSP and its clients’ need to remain patched as vulnerabilities are discovered.

Firewall Hardening

This involves setting up rules on the firewalls for the MSP and for clients. The rules will block traffic when it is not expected as well as web sites known to have infections. There are a variety of other changes made to the firewall and the associated Wi-Fi network to make it more difficult to access a system from anywhere in the world.

Strong Password Policy

For an MSP we recommend passwords of at least 10 characters for all software, more for critical client centric systems. Use a password management system and change passwords every 180 days. Request for password changes from clients should always be independently verified before making the change. Make sure it is not someone pretending to be the client.

Charles Bennett is the Principal Consultant at Triella.  We are a technology consulting company specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium-sized firms. Charles can be reached at 647.426.1004. For additional articles, go to our blog page. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Webroot Reseller.

© 2019 by Triella Corp. All rights reserved. Reproduction with credit is permitted.

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Follow us
Subscribe to our newsletter