Wouldn’t it be nice to make a list of new year’s resolutions you could actually stick to? Although we can’t help you with any personal fitness goals (I’m not the only one who has trouble with those, right?), we’ve got a list of three simple steps that will help make sure your managed services clients are safe and happy throughout the New Year and beyond.
1: I will educate my clientele
It only takes one bad decision by a user to unleash a costly ransomware attack. Because a lot of ransomware attacks are delivered as Trojans through malvertising or phishing emails, you can help prevent them by teaching users what to look for.
End users are often the weakest security link, but if they know not to open email attachments or click URLs from unknown senders, and how to spot suspicious emails that appear to be from legit senders, you’ve already won half the battle. Instruct them on spotting expressions or greetings the sender wouldn't normally use as clues to something “phishy.” If all else fails, real-time anti-phishing protection can often block even zero-day phishing attacks.
You can also take advantage of self-paced online courses to get users up to speed on the risks of using the internet at work and at home. Additionally, we recommend admins implement two-factor authentication whenever possible, enforce secure passwords, and beef up spam filtering policies.
2: I will implement/maintain layered anti-ransomware defenses
Reliable, cloud-based antimalware can prevent a lot of ransomware attacks, but it's important to remember that new delivery vectors are being released constantly, so no endpoint security solution alone will offer you 100% protection. You need additional security layers like firewalls and Windows OS policy restrictions to help secure your environment.
In addition to a next-generation endpoint security solution, you should ensure that your clients all have the latest Windows updates and plugins. Use a newer browser with an ad-blocker, show hidden file extensions, and disable autorun and the Windows Scripting Host engine. You can also filter executable files in email servers and disable Remote Desktop Protocol (RDP) to help thwart ransomware attackers. For tips on using Windows policies as a further protection method, be sure to download our MSP Guide: Stopping Crypto Ransomware Infections in SMBs.
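To check whether a client machine already has the Windows settings named above (visible file extensions, autorun off, Windows Scripting Host off, RDP off), a read-only audit such as the following can be run on each endpoint. This is an added example, not taken from this post or the MSP Guide it mentions; the registry paths and expected values are the commonly documented Windows settings and are an assumption of the example, as is the helper name `Test-HardeningSetting`.

```powershell
# Added example: read-only audit of the four Windows settings listed above.
# Registry locations and expected values are assumptions of this example
# (commonly documented Windows settings), not content from the vendor guide.
$checks = @(
    [pscustomobject]@{ Setting  = 'Show file extensions (current user)'
                       Path     = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
                       Name     = 'HideFileExt';        Expected = 0 },
    [pscustomobject]@{ Setting  = 'Autorun disabled on all drive types'
                       Path     = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
                       Name     = 'NoDriveTypeAutoRun'; Expected = 255 },
    [pscustomobject]@{ Setting  = 'Windows Scripting Host disabled'
                       Path     = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings'
                       Name     = 'Enabled';            Expected = 0 },
    [pscustomobject]@{ Setting  = 'Remote Desktop (RDP) disabled'
                       Path     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
                       Name     = 'fDenyTSConnections'; Expected = 1 }
)

# Hypothetical helper: reads one value and compares it with the expected one.
function Test-HardeningSetting {
    param([Parameter(Mandatory)] $Check)

    $actual = $null
    try {
        $item   = Get-ItemProperty -Path $Check.Path -Name $Check.Name -ErrorAction Stop
        $actual = $item.($Check.Name)
    } catch {
        # Key or value is missing: nothing was configured explicitly,
        # so the setting is reported as not hardened.
    }

    [pscustomobject]@{
        Setting   = $Check.Setting
        Expected  = $Check.Expected
        Actual    = if ($null -eq $actual) { '(not set)' } else { $actual }
        # Compare as strings so a REG_SZ "0" and a REG_DWORD 0 both match.
        Compliant = ($null -ne $actual) -and ([string]$actual -eq [string]$Check.Expected)
    }
}

$results = @($checks | ForEach-Object { Test-HardeningSetting -Check $_ })
$results | Format-Table -AutoSize

# A non-zero exit code lets an RMM tool flag machines that need attention.
if ($results.Compliant -contains $false) { exit 1 }
```

The file-extension check reads the current user's hive, so it reflects only the account the script runs under.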
3: I will not neglect my backup
Nothing is more effective at mitigating an attack, even one by crypto ransomware, than being able to instantly restore data from secure business continuity backups. As an MSP, you cannot overemphasize the importance of backups to your customers, who can sometimes fail to see the value. Remind your clients that without a backup they might lose data on every mapped and even unmapped drive. Some ransomware variants can even encrypt networked drives. Having offline (air-gapped) or cloud backups with multiple copies of each file makes it virtually impossible for extortionists to infect backup data while offering benefits to clients.
We recommend you back up data and systems in at least three different places: a main file server, a local disk backup, and mirrors in a cloud business continuity service.
Those aren’t so bad, right? They were probably already in your plans for the new year anyway, and they will absolutely help maintain your customers’ security and satisfaction levels.
In the meantime, you’re probably also making plans for increasing your profitability throughout 2017. Join this webinar, or view a recording, on how MSPs can make more money in the new year. The panel discussion will feature the channel’s fastest growing MSPs and IT vendors, including Webroot, Datto, IT Glue, and TekTegrity, as they discuss IT service trends and effective tips for service providers looking to drive more profits in 2017 and beyond.