What happened to Kaseya? Including 10 Security Best Practices for MSPs to Mitigate Ransomware Risk
Everyone is talking about Kaseya’s VSA product and how it fell victim to the single biggest global ransomware attack on record.
REvil ransomware has set a price for decrypting all systems locked during the Kaseya supply-chain attack. The gang wants $70 million in Bitcoin for the tool that allows all affected businesses to recover their files.
Join Frances Moore, Marketing Director at Inbay as she discusses what happened to Kaseya’s VSA product and what the potential outcomes could be. With data breaches hitting an all-time high and potential fines and negative press threatening to seriously impact your MSP business, Frances Moore also shares the top 10 security best practices for MSPs to mitigate ransomware risk.
For those of you that would rather read ‘The Top 10 Security Best Practices for MSPs to Mitigate Ransomware Risk’ please see the list below.
Despite MSPs having numerous vulnerabilities, your business doesn’t have to fall victim to a ransomware attack. Following cybersecurity best practices will help safeguard your customers and keep your MSP protected.
Here are just a few of the security steps MSPs should consider taking:
- Activate and enforce Multi-Factor Authentication (MFA). – With cybercriminals becoming more skilled at accessing credentials, it’s imperative to have MFA enabled for all users.
- Restrict network access. – Limit employee access rights, so they only have the ability to perform their jobs and regularly audit their permissions.
- Updates – When a vendor releases an update to fix a vulnerability in their software, install that patch immediately—before it’s too late.
- Secure endpoints. – Make sure to employ email authentication and web filtering tools as well as antivirus software as malicious emails still account for many ransomware attacks. You should also ensure that your virus definition libraries are up to date.
- Set alerts – Properly configure your systems so that you receive alerts when settings are changed. This will allow you to operate proactively and stay ahead of threats.
- Use off-site Backup – If an attacker has compromised an MSP’s RMM software, it probably also has access to the MSP’s backups. That’s why, in addition to two separate backups on-site, you should also have a third, off-site (and, preferably, offline) backup that only a few key people have access to for enhanced security.
- Processes – Make sure you have a system where you store your processes, whether it be data protection, cybersecurity, disaster recovery plans and other emergency guidelines. You should also review these on a regular basis and act out dummy runs or as I like to call them “What ifs”
- Educate your employees and clients – Training your team and your customers to avoid and detect cyber threats can go a long way in mitigating ransomware attacks. You should also encourage your employees to speak up if they detect any electronic cyber threats and always avoid shunning victims that fall victim as it may lead them to hide details that can help mitigate future attacks.
- You can’t do it all – You may not be able to handle all the security services necessary for your customers, and that’s ok. Partner with an experienced Vendor to provide a unified security front that you, and your customers, can trust.
- Audit your IT – Its always best to get outsiders to test your security. Otherwise, you are simply marking your own homework. Audit your RMM platform and invest in a penetration test to get a true understanding of your vulnerabilities.
If you have concerns that your RMM platform isn’t configured or optimised correctly and want to get the most out of your investment, get in touch with Inbay today.Find out more