Connectivity everywhere, ever more powerful devices, everything moving to cloud—businesses are enthusiastically embracing the flexibility and work-from-anywhere possibilities. And yet significant risks lurk under the surface, including scary, not-so-secure home networks, and bad actors looking for new ways to exploit security gaps.
As an MSP, how can you help your customers embrace the work from anywhere economy while minimizing the risks? In this webinar, Todyl Marketing Chief Brett Schklar joins Todyl CEO John Nellen, Todyl Channel Chief Darrin Swan, and Galactic Advisors Chief Security Officer Bruce McCully to discuss five critical problems in the MSP security stack and what MSPs can do about them.
- 1. Gaps that bad actors exploit
The current threat landscape reflects our new remote work reality, and MSPs must be on their game. Across the board, we see an increase in exploitation of public services like SaaS applications and remote desktop protocols (RDPs), ransomware attacks, and social engineering efforts to exploit poor processes and workflows. To counter these threats, John advises that MSPs should pay attention to:
- Visibility—understand your customer’s risk factors, user risk profiles, and traffic types, and make sure you can see, understand, analyze, and act on traffic patterns
- Connectivity—monitor the much larger attack surface created by the increase in connectivity
- Segmentation—implement and manage very granular WAN and LAN segmentation to reduce the attack surface area and minimize lateral movement
Bruce noted that having tools like a perimeter router might not be enough. If the tools aren’t set up and configured properly, or there’s not enough staff or time to review the outputs like alerts and logs, then the risks remain. MSPs should work on protecting their own business first> If needed, they should seek expert advice on how to build a comprehensive, scalable security stack. Then, they can help their customers with the lessons they’ve learned protecting their own business.
- 2. No Office
When we all can work from anywhere, there’s no longer an office, so you have to redefine how you control networking and connectivity. To do this, MSPs can focus on things like mandatory encryption and isolation. John suggests that MSPs also monitor and manage quality of service and delivery, to make sure that users get the experience they need to be productive (and are less likely to seek out risky workarounds). Taking a comprehensive approach to security that extends beyond a standard VPN and firewall to address the full threat landscape means MSPs can be of greater help to their customers.
- 3. No perimeter
With work from anywhere and devices everywhere out in the wild, perimeters as we have known them disappear. MSPs must be able to identify and prevent problems before they occur, as well as counter bad decisions by end users. Bruce says that for MSPs, it must start with the ability to see when someone is trying to move laterally inside the environment. For Darrin, tools to create isolation are critical. And John noted that, in a distributed environment, MSPs need solutions that let them see what’s happening and collect and correlate information at both the network and endpoint level.
- 4. Lack of balance between productivity, connectivity, security, and compliance
MSPs have a big opportunity now, according to Darrin, to become advisors to their customers’ businesses. Embracing all the benefits of cloud-enabled digital transformation comes with risks like ransomware and other security breaches that can lead to significant impacts on a company’s reputation and bottom line. MSPs are well positioned to help their customers proactively assess and address those risks. The work can start with building a simplified approach that balances the competing demands of productivity, connectivity, security, and compliance, all while protecting a business’s revenue stream.
- 5. Lack of a security-first program
Pivoting to a security-first program for clients may be one of the most strategic moves an MSP can make. Bruce advises that MSPs start with their own business. For example, you could move your own systems to cloud. Learn what the issues are and the pros and cons of different approaches. Once you’ve figured out what that transition is like and how to secure your own business in the cloud, then you can apply that to your customers. Darrin agrees that, above all else, you will need a unified, consistent approach that can scale as you and your customers grow.
Bonus topic: what’s the future like for MSPs?
Wrapping up the discussion, Bruce, John, and Darrin shared their thoughts on the future for MSPs, including the impact of 5G, the growing area of third-party risk, industry consolidation, and how MSPs can continue to bring down the cost of labor while still growing their client base.
Watch the webinar now to learn more about what our experts see in the future for MSPs.