Last year started off with a new strain of Ransomware, that was rapidly spreading across the internet called WannaCry. This was a ransomware that was different from ones in the past, because it could spread rapidly though unpatched systems and encrypt them. This risk was mitigated if you had proper use of system-wide updates and patches which are utilized in tandem effective antivirus and backup systems.
This wasn’t the only major threat, we had hackers for hire known as the Shadow Brokers, NotPetya, CIA Hack tools leak, Equifax user information breach and a file was discovered on the dark web for sale with 1.4 Billion hacked and leaked accounts.
Towards the end of the year we learned about Specter and Meltdown; that nearly every computer processor manufactured in over a decade is vulnerable and this could be used to compromise any security effort, what’s worse is the fixes have proven to be difficult, unstable and there is a lot of confused and misleading information on what is fixed and still at risk.
For years, we have told you about the value of a MSP (Managed Service Provider) over the traditional break fix model, and that has proven to be a great improvement for security, reliability and helped to align business and technology needs, things are changing.
The MSP tends to focus on the technology, and usability which is a critical and important aspect of keeping you safe, but with the ever-increasing threats this posture falls short. The MSSP changes the conversation to security and threat detection and mitigation.
Ask your MSP if they can...
- Detect unauthorized logins or attempts to restricted computers;
- Identify a new user profile suddenly added to a dedicated system;
- Detect, and alert whenever a new application is installed;
- Get alerted to unauthorized wireless connections to the network;
- Notice that a new user was just granted administrative rights or granted access to new security groups;
- Detect an unusual midnight log-in for the first time by a day-time worker;
- Continuously scan for and rate security risk based on CVVS (common Vulnerability Scoring System) standards and help you make informed decisions about those risks;
- Have end user security training solutions.
An MSSP is focused on providing a security solution based on what is happening in your environment and how data flows in and out of the client’s network. This information is then used to generate actionable intelligence that can be remediated by the MSSP or a MSP. The key piece here is the ability to provide the insight needed to proactively make changes to policies and procedures to prevent security incidents that might result in breach, data loss, or any other incident that could negatively impact a business.
It’s important to continuously challenge your IT partner and your security posture. If you are not comfortable with the answers, then it’s time for a review of your infrastructure.