3 Cybersecurity Pitfalls MSPs Must Avoid
Recently, we talked about how the biggest security threat facing SMBs is employees who commit security transgressions ranging from storing passwords on sticky notes to clicking links or attachments associated with phishing schemes. If you haven’t read it yet, be sure to check out, “Don’t Neglect Your Customers’ Biggest Security Threat — Their Employees.”
Although untrained (or uncaring) employees may be the biggest security threat, there are a few other sizeable ones that can wreak havoc on your customers’ digital assets. In part two of our series, we’re going to focus on three common cybersecurity pitfalls MSPs must avoid.
Pitfall 1: Treating File-Sync-and-Share Apps Like Backup
Apple iCloud, Box, Dropbox, Google Drive, and Microsoft OneDrive have become household names, allowing users to sync their documents, spreadsheets, and media among a myriad of computing devices. Despite sharing a few similarities with BCDR solutions, though, these two solutions were created for fundamentally different purposes.
Enterprise endpoint backup solutions create a secondary copy of data stored on endpoint devices (e.g. laptops, desktops, mobile devices), making it recoverable should the primary data become lost or corrupted. A good backup solution also stores multiple revisions, allowing data and systems to be restored to a specific point in time (see pitfall #2 below for more info about this important feature). In the case of ransomware, it allows users to restore their data to a pre-corrupted state.
Sync-and-share solutions, on the other hand, are designed to make all the data in one environment exactly the same in another environment. For example, if you update a Word document on your tablet, the change is “synced” within a few moments on every Internet-connected computer that contains that same document, as well as in the sync-and-share vendor’s cloud. This is a nice benefit when collaborating on presentations or other documents or starting a project on one device and finishing it on another. But, it’s a major problem when ransomware takes over a computer and encrypts files in a file-sync-and-share app. By the time someone figures out what’s going on, the problem is already widely spread to other devices and to the cloud.
Backup images, on the other hand, are less likely to be targeted by ransomware programs. For those who want 100 percent assurance, an additional backup copy can be added to the process and removed from the network.
Pitfall 2: Failing to Address RTO and RPO Ahead of Time
Although the first pitfall makes the case for backup as a defense against ransomware and other malware, backup isn’t worth much without a good recovery strategy. Specifically, RTO (recovery time objective) and RPO (recovery point objective) must be addressed ahead of time.
For example, let’s say your customer gets hit by CryptoLocker at 4 p.m. If the last backup was performed at 5 p.m. the previous day, that means approximately eight hours of data will be lost in the recovery process. If it costs your customer $3,000 an hour to recreate the lost data, then the total loss comes to $24,000. In such scenarios, paying the “ransom” may seem more attractive than using the backup solution.
MSPs can avoid this scenario by having business continuity discussions with their customers and determining acceptable recovery points and times. This discussion will likely lead to a service level agreement (SLA) that outlines the MSP’s data recovery responsibilities. The upside of the SLA discussion is that it moves the conversation away from questions like, “What’s the cheapest cost we can pay you to back up our data?” The challenge, however, is that it puts the onus on the MSP to meet the SLA requirements, which brings us to the final pitfall.
Pitfall 3: Waiting for a Disaster Before Testing Your Recovery
There are lots of choices when it comes to backup software, and Microsoft and Apple even include backup software with their computer operating systems at no extra cost. Some MSPs use these built-in tools to provide customers with “good enough” data protection on the cheap. There are several reasons this is not a good idea.
First, free and low-cost consumer backup apps offer limited features and functionality. For example, if a customer accidentally deletes a file, you don’t want to perform an entire system image restore to get the file back. In addition to putting the computer out of commission for hours, chances are you’ll be losing other files created or updated since the last image backup.
Next, consumer backup applications are not managed, which is another big problem. Even if the backups work properly at first, there are lots of events that can cause them to stop working, such as software updates and system patches. Do you or your customer really want to validate each computer after every software update to confirm that the backup is still working? This strategy is not sustainable, and it’s definitely not scalable. With a managed BCDR solution, on the other hand, each customer’s computers and servers can be viewed from a web-based portal. If a backup fails, an automated alert lets the MSP know right away. And, in many cases the problem can be fixed remotely.
Additionally, some BCDR solutions allow MSPs to run tests on customers’ backups and verify that everything works without waiting for an actual emergency. To those that have never suffered through a server failure or ransomware attack, it may seem like overkill. But, for those who have, it’s a not just a good idea; it’s a must-have.