MSP’s……Helpful or Dangerous

Are Managed Service Providers getting sloppy?   Are we more danger to our clients than helpful……. ?

Over the past few months you may have heard of Managed Service Providers (MSP), being targeted for Ransomware. Theses attacks use a MSP’s system to mass infect several of their clients, and in some cases all of the clients, they monitor and protect.

Network Advisor Q is sad to say this is very true and is an ongoing battle to protect ourselves and our clients we serve.   Because we will never say this cannot happen to us or our clients, Network Advisor Q is and has taken several precautions to prevent and prepare for such incidents.

Some prevention measures:

  • Start enabling 2 factor authentications where possible
  • Change up your passwords so no 2 sites use the same password
  • Lock out and remove any past employee access
  • Remove old software that is no longer used
  • Have a good firewall
  • Do not answer or even click links on suspicious emails
  • Check with your insurance company regarding “Cyber Security Coverage”
  • Backup, offsite and encrypted, if not already doing so. And spot test restoring data
  • Check with you provider to see if they are covered and what security procedures they have in place.
  • Create a plan for system outages and or data loss.
  • Find out how long it would take to get back up if data needed to be restored

These new ransomware deployments systematically attack.  Destroying backups, turning off alerting and disabling the Antivirus.  Then it encrypts your data for hostage.

Now not even saying you have a backup could be good enough.  MSP’s and clients need to test the protections we have in place.  Make sure we are getting good backups.  Make sure those are protected and can not be easily compromised.

All businesses need to take up measures to not only protect themselves against ransomware and attacks.  Prevent the fallout caused to your clients and their clients because you may have been targeted and your data has been compromised and you can no longer service your clients.

These attacks are not just a possible loss in data and money but are against the law and in such a manor, all attacks should be reported to the proper authorities for investigation.

At NAQ. we have been getting targeted processes in place for such scenarios….

  • Notifications to clients
  • Updates regarding the situations
  • How ransomware infiltrated a system
  • How to re-mediate it properly

We not only have process in place, but data recovery and system repair companies, we now can work with to re-mediate and repair our clients if such a large-scale attach would happen.

NAQ has been implementing procedures and spot tests for our systems and our client’s systems.

 

Can you say your backup systems work properly?

 

Have you tested for an actual event?

 

 

The ability to keep you notified and informed of incidents that are happening are key to a smooth recovery from a disaster if ever hit.

 

Please feel free to ask and see what we can do for you to help you become better protected and covered with today’s technology.

 

Below an in-depth article regarding this new threat.

https://www.houstonchronicle.com/techburger/article/Managed-service-providers-are-ransomware-hackers-14441149.php