Your Cyber Insurance Carrier Wants You to Hire An MSP. And you should.
Security Starts with the Basics
inside your insurance company and experienced IT professionals agree that many
of the most important things protecting your data from cyberattack are
maintenance practices that are followed with discipline. As professionals, we
often see cases where basic IT practices are not applied and customers are
subject to great risk not only from a cyberattack, but from a variety of other
threats such as human error or hardware failure.
an MSP, you have a team that has spent years perfecting the tools and processes
needed to reliably perform maintenance activities, so when a problem occurs,
your network is protected.
things your MSP will help you accomplish:
Physical security. Your servers and network equipment should be housed in a locked area
where temperature and humidity are controlled and monitored.
Access restrictions. Users should only have the system access they need. No user should be
doing daily tasks with an account that has administrative privileges. Any
access you give a user is also given to a hacker that gains access to their
Security training for users. People are the weak point in any computer system. Security
awareness training helps users spot phishing attacks and helps them avoid risky
websites. This training will reduce the number of threats your other defenses
must protect against.
Password policies. Complex passwords take longer to break with brute force attacks. Your
applications and directory service should lock user accounts after multiple
failed login attempts to defend against this type of attack.
Security audits. Vulnerability testing and penetration testing will help your firm
identify weaknesses in your security defenses. Periodic testing is highly
recommended to find weaknesses before they are exploited.
Software patching. Software patching is critical as many software patches are developed to
close security loopholes. If software patches are not applied, your environment
will have vulnerabilities that are documented by the very vendors who are
issuing the patch to resolve the problem. Threat actors are aware of these
vulnerabilities and will exploit them if you leave them open. Cyber insurance
carriers are beginning to require software patching be completed in order for
coverage to be valid.
Backup and recovery. Your firm should have multiple copies of your data with at least one of
these off-site. It is critical that access to this data be separate from
network access and that the recovery function is periodically tested. Your
organization’s data is critical to your survival, so it is imperative to know
you can restore your data in case of a disaster (natural or manmade).
layer of security is perimeter access. There are a variety of tools to provide
perimeter security. A strong MSP will recommend the tools appropriate for your
firewall controls access on a very granular level. Expert configuration is
essential to provide effective protection. It is also important to be sure that
subscriptions for software and support are current.
Email Filtering. These tools receive and scan emails before your users see them. This
helps prevent phishing and malware.
VPN Access. Remote
users often require access to resources on your network from public or home
networks. VPNs encrypt traffic between
the user and your site to keep their connection private over the Internet.
DNS Security. These
tools act as a broker when your users attempt to connect to services on the
Internet. DNS security products like Cisco Umbrella can block requests to risky
website and alert administrators. DNS security can protect your team from
recently hacked websites as well as sites set up to host malware and phishing
By far the
biggest vulnerability in your network is the endpoint. Even with user training
and email filtering in place, phishing is so prevalent that eventually one of
your users will click on a malicious link that was missed by other tools. Endpoint
protection tools are designed to catch these threats and generate alerts to
notify you of problems. Some of these tools can take action, including
disabling the endpoint until it is cleaned and determined to be safe.
Endpoint Detection and Response (EDR). EDR is an update to anti-virus software that was seen
as a requirement on corporate systems for decades. EDR products extend beyond
typical signature-based scanning to include analysis of the behavior of
suspicious code. By focusing on the behavior, new attacks that would be missed
by anti-virus tools are blocked by EDR.
Managed Detection and Response (MDR). MDR tools look for persistence mechanisms used to take
over your environment with Ransomware. By identifying the threat before the
attackers have control of your data, these mechanisms can be removed and entry
points to your network closed.
Multi-Factor Authentication (MFA). MFA is used to ensure that users authenticating to
your applications are who they claim to be. MFA is an excellent tool for preventing
unauthorized access and has been heralded by insurance carriers. In most cases,
companies are required to use MFA before cyber liability insurance coverage
will be issued.
Team with The Right Tools
benefit of hiring a Managed Service Provider (MSP) to support and protect your
team is that an MSP’s core business is managing computer networks. They invest
heavily in management tools and training. They are versed in a wide variety of
technologies and can recommend the right solution for your firm.
Give MTSi a
call and discover the difference we can make for your team.