2020 has been hard on our industry. Yes, many MSPs had an initial bump of project work moving people into a work from home or hybrid environment, but after that stretch I’ve heard outcomes ranging from the good (hustlers increasing their sales and bottom line—using new tools like penetration tests, the bad (lost revenue or stagnation) and the ugly (doors closing).
2020 did have its ups and downs and was unavoidably the year of the virus—pandemics effecting both our bodies and our networks.
While I defer Covid19 prevention, statistics and outcomes to experts in the epidemiologic and healthcare sectors, the pandemic spanning MSP networks from malicious software is something that I assuredly can say is calamitous and preventable, too.
As we put 2020 in the memory books and venture into a better 2021, here are 6 essentials to protect your business and the networks of your clients in the new year. There is no easy button, but as I have seen with our partners, prevention and preparedness is completely doable if you are willing.
Learn—having the mentality that you’re the expert with nothing to learn is not a good way to secure your network or that of your clients in 2021. Gather as much information as you can and make sure your team is learning from other’s mistakes. Learning means gaining perspective on where the industry is going, what is happening and ultimately where your team and infrastructure need to be.
Stick To A Framework—make sure you aren’t just chasing your tail or the next shiny object. If you are using a framework to evaluate your cybersecurity stack and correct for gaps using a routine procedure, you will be much better off than simply reacting to latest security incidents, viruses, or products. Frameworks typically are based on lessons learned and continual improvement (our partners use an MSP-centric framework focused on improving mindset within their organization around cybersecurity).
Adopt Cyber Hygiene Practices— I’d argue that cyber hygiene is one of the most critical components to your security. Many of us depend far too much on technology just working. In many situations we lax our cyber hygiene (aka, our how we collectively treat risks within our environment) when we think our technology is good enough to protect our systems. The securest MSPs don’t think like this. They have standards that everyone is held accountable to—standards that make them less of a target to the viruses we’ve seen this year.
Talk About Cybersecurity— one critical part to keeping your team safe is keeping a cybersecurity dialogue going. If your team isn’t talking about security, that probably means they’re not thinking about it in their day to day. Unless you change the conversation and get people to start thinking about it regularly (habitually), your team will likely not act to maintain or improve their security posture.
Be Conscious Of Consequences— along with an open dialogue, having your team understand consequences to actions or decisions in a security context will help them understand why they need to do things a certain way. If they don’t understand why you have processes, procedures, or standards in place, they will probably not think of taking short cuts or cutting corners to get their work done satisfactorily to your clients. We see holes opened in MSP environments when a client impatiently needs a ticket resolved right now, leading to poor hygiene practices that open up gaping holes on their network. If your team understood the damaging consequence quick fixes might have on the organization, they might think through their fix a little more.
Consider Getting A Second Set Of Eyes—we all know that your team is busy. IT problems or headaches are never going to go away. Clients are always impatient to get their printers fixed as soon as possible. With all the burdens your team confronts day in and day out, how are you to be expected to check and double check that security is buttoned up the way it should be? Would your clients wholly trust a report from you that security gets a 100% score? Many MSPs are augmenting their security by getting a second pair of eyes to make sure their networks are as clean as they expect them to be.
These are six basics that your MSP should consider making life easier in 2021. Keep in mind that no one is completely resistant to threats, attacks and breaches. What’s important to always be thinking about where your risks lie and whether you can stomach them.
To a healthier and happier 2021!