By: Alessandra Descalso on July 15th, 2021
4 Ways Managed Service Providers Identify Potential Security Risks
When looking to hire a managed IT provider, you'd want to know about the measures they have in place to ensure their clients' security. This article provides you with a general idea of how ITS identifies security risks for clients.
Security is undoubtedly a critical topic when you're looking for an IT provider to manage your technology. With companies suffering cyber attacks left and right, network security has become an even higher priority. The most common concern among organizations, in particular, is how to keep their operations running without interruption from breaches.
As a business owner, you might be wondering if you have everything covered and if your data is safe. You might also be asking yourself:
- Are threats and vulnerabilities going undetected in your network?
- How many levels of risk can your organization tolerate?
- Do you have the right network security solutions in place?
- Is your organization ready for the next cyber incident?
Managed services providers deploy a variety of solutions to help you keep cyber threats at bay. Like most MSPs, Intelligent Technical Solutions has been helping businesses minimize their liabilities by providing them with better visibility into their network.
This article dives into the methods we employ to identify the potential security risks for our clients and how we prevent them. It is important to note, however, that other organizations might do it differently. But before we move on, let's take a look at what security risks are and their impact on organizations.
What Are Security Risks?
Cybersecurity risks are those that compromise your information, operations, and financial situation. They can originate from your internal environment (insider risks) or your external environment (hackers). Risks come in many forms, such as malware, credential theft, and denial-of-service (DoS) attacks. They can also be software or hardware vulnerabilities that remain unpatched.
Risks damage your reputation and have a devastating financial impact on your company. For instance, Target had to pay $18.5 million to settle claims due to its 2013 data breach. Attackers infiltrated the company's network via a third-party vendor and stole the credit card data of 40 million shoppers.
How MSPs Keep Your Network Secure
ITS employs various procedures to determine a network's weaknesses and whether it is prepared to defend against attacks on them. These procedures include:
1. Vulnerability Scans
According to ITS Director of Operations Peter Swarowski, the company has a process that looks for open holes in the firewall that could allow someone to connect to internal resources remotely from the internet. A consultant scans each IP that clients are coming from and checks which ports are open and what is on the other end of each open port.
"When we do these scans, we take it from the stance of a bad guy," he said. "We have a set of most important services that are of high value or high risk to identify. Once someone comes up on that list, we create a ticket and work to close it."
Security experts scan those IPs on a weekly basis. Brand new clients go through an onboarding process in which the first vulnerability scan is performed, and subsequent scans pick up any changes that have occurred after onboarding. If something was overlooked, the script will eventually catch the issue in a subsequent scan. If an employee changes a configuration, say, on their firewall, without ITS' knowledge, ITS can discover it and close it up quickly.
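The weekly comparison described above can be sketched as follows. This is an added example, not ITS's script: the scan-summary format, the high-risk port list, the ticket wording, and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass
# Assumed watch list: the page does not publish ITS's list of high-value
# services, so these port-to-service pairs are illustrative.
HIGH_RISK_PORTS = {22: "SSH", 23: "Telnet", 445: "SMB", 1433: "MSSQL", 3389: "RDP"}

# Constructed scan summaries, one "ip port,port,..." line per public IP
# (documentation address ranges, not real client data).
LAST_WEEK = """
203.0.113.10 443
203.0.113.11 25,443,3389
"""
THIS_WEEK = """
203.0.113.10 443,3389
203.0.113.11 25,443,3389
198.51.100.7 22,8443
"""

@dataclass(frozen=True)
class Finding:
    ip: str
    port: int
    service: str
    status: str  # "new" = not in the previous scan, "open" = already exposed then

def parse_scan(text):
    """Turn 'ip port,port' lines into {ip: {port, ...}}."""
    hosts = {}
    for line in text.split("\n"):
        if line.strip():
            ip, ports = line.split()
            hosts[ip] = {int(p) for p in ports.split(",")}
    return hosts

def review(previous, current):
    """Flag every high-risk port open now, marking those the last scan did not show."""
    findings = []
    for ip in sorted(current):
        for port in sorted(current[ip] & set(HIGH_RISK_PORTS)):
            status = "open" if port in previous.get(ip, set()) else "new"
            findings.append(Finding(ip, port, HIGH_RISK_PORTS[port], status))
    return findings

def tickets(findings):
    """One ticket line per finding; exposures that appeared since the last scan come first."""
    ordered = sorted(findings, key=lambda f: f.status != "new")
    return [f"[{f.status.upper()}] close {f.service} port {f.port} on {f.ip}" for f in ordered]

if __name__ == "__main__":
    print("\n".join(tickets(review(parse_scan(LAST_WEEK), parse_scan(THIS_WEEK)))))
```

A port marked "new" is the configuration-drift case from the paragraph above: something was opened after the previous scan, whether on a known IP or on one that was not in scope before.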
2. Firewall Audits
A company's firewall is its first line of defense against cyber threats. It has to be audited to ensure optimum performance, as well as to reduce costs. A successful audit depends on good network visibility.
ITS has developed a process for auditing SonicWall firewalls, which is a big advantage for clients who have adopted the next-generation firewall. The process queries the client's firewall setup and checks whether it aligns with ITS' standards. If issues arise with the firewall configuration or rules, an alert is created to address them.
"Through this process, we can make sure that any changes comply with the standard we've set up," Swarowski said.
3. Microsoft 365 Audit
Microsoft 365 has an embedded feature that allows users to manage compliance, security, and audits. In addition, ITS queries clients' Office 365 security settings. The company runs an assessment of security baselines on the client's Office 365 environment to determine how things are set up. It also checks other settings, such as whether everyone has enabled multi-factor authentication (MFA). ITS then takes action on any irregularities found in the process.
4. Use of Threat Intelligence
ITS keeps an ear out for big security risks and vulnerability updates. The company consults NIST's National Vulnerability Database and MITRE's Common Vulnerabilities and Exposures (CVE). It also uses other open-source vulnerability databases and threat intelligence sources to add context to scan output and findings.
"When a new vulnerability comes out, and we know it's going to impact our clients, our teams will get notified, and they'll go and do a bunch of work at night or over the weekend to mitigate it right away," Swarowski said.
Best Practices to Keep Your Data Secure
Swarowski said that organizations could avoid a network compromise with better cyber hygiene. He gave a few examples of how to accomplish this:
- Implementing multi-factor authentication (MFA) on any externally accessible services.
If you can access something outside of your office and from anywhere on the internet, you should have MFA on it. MFA creates an added barrier to devices and applications as it prevents unauthorized logins when a user account is compromised.
- Cutting down permissions and restricting access to sensitive data.
A good security best practice is to enforce the principle of least privilege (PoLP). Set people up with the minimum of what they need to perform their job function and nothing more. Over-privileging people for convenience exposes your organization to untold risks.
- Having a security-focused human resource policy or process that's independent of technology.
A great example of this is asking employees to manually verify the identities of people they communicate or transact with, especially when money is involved. People should not over-rely on their email security appliance or data loss prevention (DLP) software. Pick up the phone and confirm with the person on the other end of the conversation; for all you know, the email sender might be a spoofed account. Educate employees on keeping their accounts secure or recognizing a phishing scam or social engineering tactic.
ITS helps organizations like yours bolster their security defenses by routinely scanning for vulnerabilities in your environment and mitigating them promptly. Our goal is to improve visibility in your environment so that we find your weaknesses before the threat actors do. Contact us today for a free, no-obligation consultation.