Organizations are desperately looking to MSPs to help them transition to a hybrid environment. According to a McKinsey survey, 9 in 10 organizations plan on combining remote and on-site work going forward. This means IT pros and their clients will need to collaborate to support productivity and security within a hybrid workforce.
Tackling the shift to a hybrid workforce can be a challenge, but one that can be navigated successfully with proper planning. Here are 9 ways to help your clients transition to a hybrid work environment while also maintaining cyber hygiene.
1. Define the Hybrid Structure
Different clients may have different expectations of what a hybrid work model looks like. That’s why it is important you consult with each client to develop a common understanding and regularly assess any changes.
2. Implement a Complete Security Makeover
Update client security to reflect the new reality of hybrid work environments. MSPs should revisit unified threat management (UTM), firewalls and VPNs to ensure client IT infrastructure can support remote workloads safely. Enable multifactor authentication (MFA) across the board to add a layer of security to the client system.
3. Bring Awareness
A staggering 17% of all sensitive files are accessible to all employees. Even though MSPs invest time and money on a good business continuity and disaster recovery (BCDR) solution, an accidental deletion on the client’s end can lay waste to all that effort. One of the best and easiest ways to mitigate data loss in a hybrid structure is by making clients and their employees aware of what exactly needs to be done in case a disaster strikes. Sharing training material with your clients and consulting with them on data security best practices is vital to keep data loss at bay.
4. Investigate Remote Devices
With an increasing number of employees around the world working remotely and using public Wi-Fi networks, client data is at greater risk than ever before. This gives hackers multiple windows of opportunity to strike. Bad actors set up access points that are designed to trick employees to log in to a fake router that allows hackers to read any unencrypted communication. Once they have access to one remote device, gaining access to the mainframe of the client network won’t be hard. Make sure employee devices are periodically scanned and monitored, and send red alerts to remote employees looking to connect to public Wi-Fi networks.
5. Create a Separate Network
Remote and on-site employees work best together when they work on separate networks. Create a separate network in the client IT infrastructure for remote employees. VPNs can be used to access this separate network. Add more security by limiting access to only the data they need. Create additional segmentation within the separate network with automated security checks, after which remote employees (when they are in the office) can switch to the main corporate network.
6. Enforce Mandatory Password Changes
Secure client devices by enforcing password changes periodically. This is an integral part of cyber hygiene that thwarts account takeover (ATO) attacks. ATO involves cybercriminals stealing or buying credentials during third-party breaches and then reusing them to gain easy access to corporate systems to steal IPs, perpetrate business email compromise, gain access to financial accounts and commit other types of cyberfraud. A whopping 80% of all businesses experience at least one compromised account threat per month. Shuffling passwords is an efficient way to keep your clients in the other 20% bracket.
7. Run Disaster Recovery Testing
Use the sandbox method to test disaster recovery (DR): partition client virtual machines and perform tests without affecting production servers. This assures clients that their hybrid workforce can access systems (either on-prem or the cloud) and everyone including remote employees can access data in case an actual disaster occurs. A lack of initiative can cost clients anywhere between $10,000 per hour to $5 million per hour depending on the size of their business.
8. Scan Vulnerabilities
Perform vulnerability testing targeted at the client’s internal network to identify compromised devices that live on the corporate network. Get an overview of where a potential internal attack can occur and where a threat vector could move after compromising a client’s machine. Document the results to keep an account of high-risk vulnerabilities that an attacker may leverage and present them to clients, thus empowering them to make smart decisions.
9. Maintain BCDR Runbooks
Update client business continuity and disaster recovery (BCDR) strategy based on all the considerations above. Maintain a document or a “runbook” that clearly outlines procedures that should be taken by clients when a data loss incident occurs. Share user-friendly runbooks with clients that include procedures and protocols for departments, teams and individuals that need to be followed during a disaster.
Select the Right BCDR Partner
Unitrends MSP Business Continuity and Disaster Recovery is the one-stop solution that provides uptime and security, giving clients peace of mind when switching to a hybrid model and ultimately helping MSPs grow their business and create stable revenue streams.