8 Data Protection Best Practices for MSPs Serving SMBs
Every company manages sensitive data, and that data is a target for theft. While larger companies receive most of the media attention when they experience a breach, there are far more SMBs out there and they typically have less sophisticated, or even non-existent, data protection solutions at their disposal. This makes them prime targets, and they are often at higher risk than their larger counterparts without even being aware of it.
Why Data Protection Matters
Once considered mundane administrative tasks, data backups have become mission-critical to Small and Medium-Sized Businesses (SMBs). This is based on several factors:
- Increased data. The amount of global data created, consumed, and stored is anticipated to grow 1 to 97 zettabytes by the end of 2022, according to Statista.
- Costly data breaches. Research from Ponemon Institute shows that the average cost of a data breach has risen to $4.24 million.
- More remote users. Today’s more prevalent work-from-home culture has increased IT risk, since administrators can’t restore users’ devices quickly in the event of critical data loss.
- Emerging mandates. Global data privacy regulations continue to expand rapidly, resulting in companies becoming laser-focused on data breach prevention.
How to Protect Your Client’s Data
With the increased importance of data protection to organizations of all sizes, here are eight best practices you can recommend to your clients right now to maximize your data protection offering.
1. Reduce Content Sprawl
A simple—and relatively inexpensive—way to improve data protection is to reduce content sprawl. To start, reduce the amount of redundant, obsolete, and trivial (ROT) data that your organization manages. This dramatically improves user productivity, because users spend less time searching for the files that they need.
To put the magnitude of content sprawl into perspective, Egnyte’s Cybersecurity Trends for Mid-Sized Businesses found that the average mid-sized organization manages between six and 15 data repositories, and a Splunk report found that up to 55% of stored data can be considered redundant, obsolete, trivial or dark (“dark data” refers to stale or unused data). So, for every 20 files that an organization stores in its various repositories, only nine of those files can be considered current.
By reducing content sprawl, you not only improve the user experience, you also dramatically reduce your client’s potential cyber-attack surface.
2. Restrict Users’ Access to Information
With so many employees changing positions as a consequence of The Great Resignation, it has become even more important to restrict users’ access to data. As a general rule, limit access to only the files the user needs to do their job. For example, employees in the marketing department should have access to their individual payroll information, but those employees shouldn’t have access to payroll information for the company as a whole.
That example might sound far-fetched until we consider that in most data repositories, individual users can give colleagues and business partners access to sensitive folders and files. As someone with a very common name, I’ve frequently been added to repositories that I shouldn’t have been added to, simply because there was another user at the organization with the same name.
For your reference, here’s a real-world example of “need to know” access control guidelines, from the University of California, Berkeley.
3. Comprehensively Inventory Your Data Repositories
As the adage goes, you can’t protect data that you can’t see. To improve visibility, conduct a comprehensive review and inventory of your client’s current data repository infrastructure. This will help identify potential shadow IT implementations.
In this case, you’ll need to combine traditional technological approaches like audits and network scanning with in-person outreach. Rather than trying to push a one-size-fits-all approach, you’ll want to consult with your clients to understand how they are using their data repositories so you can make recommendations on how the repositories can be secured more effectively. This can also give you important insight into any shadow IT your clients may be using.
4. Restrict File Sharing in Content Collaboration Services
Content collaboration services like Microsoft Teams and Slack have revolutionized the way that we share content with colleagues and business partners. But, such solutions can lead to content sprawl and unsafe content-sharing practices if they aren’t managed effectively.
Educate users about the need to share links to files instead of file attachments when collaborating. And when you offboard a particular user, remove their access to any content collaboration solutions immediately—such solutions pose significant IT risk and provide an attractive target to potential cyber-attackers.
To put that advice into perspective, a recent study by Microsoft found that up to 10% of Active Directory users can be considered inactive, based on end users’ login timestamps. For a company with 200 end users, that means up to 20 of their Active Directory accounts could be accessed by cyber-attackers or former employees!
By restricting file sharing in those services, you’ll reduce your file storage clutter and improve your security posture.
5. Incorporate Data Backup into Your Incident Response Plan
Data backup procedures need to be memorialized in your company’s incident response plan. Although that recommendation might sound like common knowledge, a study that appeared on ContinuityCentral.com found that an unbelievable 58% of data backups fail, leaving those companies’ data unprotected.
To prevent such situations, your data backup, encryption, and business continuity/disaster recovery (BCDR) procedures need to be formally captured in writing and routinely stress-tested. This helps to confirm that data backup processes will function properly in the event of a real emergency.
6. Implement Multi-Factor Authentication
While this should be considered common knowledge, it’s still worth calling out that a good place to start is with implementation of multi-factor authentication (MFA). With MFA, users authenticate their access to systems by supplying two or more pieces of evidence—also known as factors. Microsoft research reveals that users who enable MFA on their accounts can block up to 99.99% of automated cyber-attack attempts.
7. Prevent Intrusions Before Attackers Reach Your Data
Another effective way to protect your client’s data is to prevent potential intrusions before they reach their data infrastructure. A comprehensive defense-in-depth strategy combines anti-virus solutions, intrusion detection systems (IDS), and data encryption with existing data protection processes and MFA. Implemented collectively, this will reduce the probability of cyber-attacks.
8. Explore Ransomware Detection and Recovery
Ransomware demands and ransom payouts increased significantly last year. To prevent potential ransomware attacks that can encrypt your client’s mission-critical files and stifle organizational productivity, consider a content management platform that detects potential ransomware and flags unusual behavior like high-volume encryption. Many solutions permit you to “roll back” to earlier versions of critical files in the event of a ransomware attack, which is commonly referred to as snapshot recovery.
Egnyte’s “Cybersecurity Trends for Mid-Sized Organizations” study examines several key data backup trends. You can download the complementary findings here.