An uncertain world can become a hotbed of cybercriminal activity. In situations like our current climate, users let their guards down and technicians have less control over customer environments as people work from home. The guardrails normally reducing companies\u2019 cyber-risks start to disappear.<\/p>\n
In a previous post, we spoke about the challenges of the current environment and emphasized that practicing sound cyberhygiene has to remain paramount to keep your customers safe. We also gave five tips for helping prevent and deal with cyberthreats through sound foundational security practices. If you want to catch up, you can\u00a0read the post here<\/a>.<\/p>\n Today, we\u2019ll cover another five tips for reducing your cyber-risk. If you want to keep your customers safe, make sure to continue practicing these tactics (or start implementing them if you don\u2019t already).<\/p>\n You can take a lot of steps to prevent cyberattacks, from patching to firewalls to email protection. These preventive steps still need to be put in place, but prevention isn\u2019t enough to protect your customers. You can\u2019t just \u201cset and forget\u201d security\u2014you need to actively monitor for threats and remain vigilant. This could mean monitoring network traffic for potential intrusions, using endpoint detection and response (EDR) tools to monitor for anomalous endpoint behavior, or watching for failed login attempts to prevent account takeovers. Ultimately, if you want to improve your customers\u2019 security postures you need to put active monitoring in place.<\/p>\n It\u2019s impossible to predict everything that can happen in an IT environment. Problems can occur at any time\u2014from someone deleting critical data to natural disasters affecting either business continuity or affecting a data center. That\u2019s why it\u2019s absolutely critical to back up data so you\u2019re prepared for the unpreparable.<\/p>\n With ransomware threats in particular, backup is one of the main lines of defense. Yet, many ransomware attacks will first seek to delete local backups. So it\u2019s important to have a good\u00a0cloud-based backup<\/a>\u00a0in the event you have to restore critical data on someone\u2019s machine. This is even more important as more workers continue operating out of home offices. Make sure to set up your backup solution to automate backups to run on a set schedule. Beyond this, make sure to periodically test your backups\u2019 recoverability\u2014the last thing you want is to be in a recovery scenario and find out your backups have an issue.<\/p>\n Another important point to remember is that many of today\u2019s attacks grow worse due to the increasing interconnectedness of modern IT environments. If ransomware lands on one machine, your goal should be to prevent it from spreading across a corporate network. This can keep a small problem from snowballing into a catastrophic one.<\/p>\n To tackle this issue, make sure to reduce any unnecessary connections. Try to isolate the most sensitive devices or resources from the rest of the network. And make sure team members and end users know not to share credentials. This is particularly critical as cybercriminals target MSPs in their attacks. One account compromise could give the criminals access to multiple businesses\u2019 sensitive data. Try getting a good password manager to help enforce strong password hygiene among your own team.<\/p>\n Cybercriminals shift their tactics regularly. Ransomware victims now have to worry both about getting their data encrypted and potentially having that\u00a0data exposed on public websites<\/a>. Criminals have also changed their targets for ransomware attacks toward smaller governments, often taking those victims offline for days. More recently, criminals have sought to launch attacks by using\u00a0fear around COVID-19 as a hook in phishing campaigns and scams<\/a>. And malicious actors have increasingly come to rely on methods to circumvent antivirus by using malware obfuscation techniques or fileless attacks, making endpoint detection and response tools more important.<\/p>\n The point here is that you want to continue educating yourself and your customers on the latest threats. Knowing the trends in cybersecurity can help you best focus your resources on threats and stay ahead of the cybercriminals. Make sure to educate your users during this time via security training and reminders as well. This gives you the opportunity to not only help them prevent attacks, but also gives you a chance to remind customers of the value you provide.<\/p>\n The previous section mentioned cybercriminals using news around COVID-19 to try to scam users. This simply underscores the importance of email security. Since many attacks begin via email, it makes sense to put in place safeguards against email-borne threats.<\/p>\n For starters, it helps to add an email security gateway to bolster the native security in customers\u2019 native email solutions. For example, SolarWinds\u00ae<\/sup>\u00a0Mail Assure uses collective intelligence from its user base combined with threat intelligence to help take\u00a0email security<\/a>\u00a0to a new level. Additionally, use your user training opportunities to teach customers how to recognize and avoid spam and email phishing. With so many employees working remotely, email security should be thought of as the first line of defense against common threats.<\/p>\n Unfortunately, during times of confusion and uncertainty cybercrime can often increase. Despite this, there are still plenty of steps you can take to help keep your customers secure. So stay strong\u2014your customers need you now more than ever.<\/p>\n <\/p>\n In this piece, we spoke about the importance of password security. This is particularly important for MSPs. If criminals can get the password to a technician\u2019s account, they can often breach multiple customers. SolarWinds Passportal + Documentation Manager is a\u00a0cloud-based password management\u00a0<\/a>system designed to help you maintain password best practices across your MSP team.\u00a0<\/b>Learn more<\/b><\/a>\u00a0about how it can help you today.\u00a0<\/b><\/p>\n","protected":false},"excerpt":{"rendered":" Find out how WFH has thrown the security landscape for many organizations up in the air and get 5 tips to reduce your cyber risk.<\/p>\n","protected":false},"author":24,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5787","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"\n1. Monitor for suspicious activity<\/h3>\n
2. Have a backup<\/h3>\n
3. Prevent attacks from spreading<\/h3>\n
4. Educate<\/h3>\n
5. Stay vigilant against spam<\/h3>\n
Stay vigilant<\/h3>\n