Today, conditions are prime for cybercriminals, social hacktivists, or malicious insiders to take advantage of vulnerabilities in your customers’ systems and access their sensitive information. In fact, 37% of businesses and organizations faced ransomware, the number one cybersecurity threat, in 2021.
This may have many of your customers wondering if their data is truly secure. As a managed service provider (MSP), you have a unique opportunity to help your customers protect themselves and their data. By following ransomware and security best practices, you can help your customers become less attractive targets for an attack and force threat actors to look elsewhere for weaker target.
The below list of practical tips will help you not only decrease the likelihood of your customer being targeted with ransomware, but also to potentially mitigate the damages if and when they are infected.
1. Implement Identity Management and Least Privileged Access
Encourage your customers to implement policies for strong passwords. A 2-factor authentication or multi-factor authentication is a must to decrease the possibility of compromised credentials.
In case credentials are compromised, limit user access to what is necessary for their employees to do their job; review and reaffirm this access with your customers regularly. For example, if an employee is working on a time limited project that requires access or permissions, those permissions should be tied to the length of the project only and should be revoked as soon as appropriate. Products like AvePoint Online Services can help you to appropriately provision sites and users with limited permissions, access, and control.
Learn about AvePoint’s Ransomware Recovery Warranty
2. Offer Training for Your Customers
Attackers don’t usually infiltrate systems by cracking some impenetrable control; they look for weak points like trusting employees. Every company has at least one person who will click on anything. Offer to host security awareness trainings for your customers’ employees to help them identify signs of an attack.
Phishing is a primary starting point for ransomware infection. With more people working from home, threat actors increased their use of phishing. Email is inexpensive and easy to use, so it makes a convenient way for attackers to spread ransomware.
At the enterprise level, phishing scams are often designed to appear as though they’re coming from a trusted source. For example, DocuSign issued an alert in late 2021 regarding an aggressive phishing attempt, stating, “Malicious URLs are being hidden in legitimate DocuSign envelopes. The emails are being sent from a variety of senders and associated email addresses.”
The phishing email targets employees, both low-privileged users and high-privileged users. Documents are normally passed in email, so users think nothing of opening a file in an email attachment.
The malicious macro runs, downloads ransomware to the local device, and then delivers its payload. The ease of spreading ransomware in email is why it’s a common malware attack. Be sure that your customers are proactive with training and education. You could also consider offering to run internal phishing campaigns and educate their employees to stop, think and then click!
3. Back Up Your Customers’ Data Early and Often
Even with the best security training, you need to be prepared for the “one person who clicked.” You don’t need to force your customers to choose between paying a ransom or losing the data forever. Give your customers peace of mind by backing up their data early and often. Consider primary and secondary backup locations, and ensure you are incrementally testing your backups from restore.
Products like AvePoint Cloud Backup can provide early warning signals through detection of anomaly and encryption. Cloud Backup also provides reporting that allows administrators to determine impacted scopes, which could greatly help to shorten investigation and restore time.
After an investigation has been performed, you can move into a remediation phase to restore your customers’ data from the last good backup. Cloud Backup provides easy-to-follow guidance with suggestions about the best time range from which to restore, which helps with faster and precise recovery from backup data.
Build Your Customers’ Resiliency Plan: Get the Ransomware Protection Kit
4. Run Up-To-Date End-Point Security and Anti-virus Software for All Your Customers’ Emails
Email phishing and spam are the main way that ransomware attacks are distributed. Secure email gateways with targeted attack protection are crucial for detecting and blocking malicious emails that deliver ransomware. These solutions protect against malicious attachments, documents, and URLs in emails delivered to user computers.
It’s also essential to secure your customers’ inboxes. Regularly patch their systems, conduct vulnerability assessments, and leverage intrusion detection, real-time anti-virus, and end-point protection. Make sure you are not only filtering and blocking malicious emails, but also encouraging your customers to train their end users to “think before they click.”
The Bottom Line: Security Is About Mitigating Risk
While you cannot prevent all ransomware attacks, you can quell your customers’ fears and enhance their data management strategy by offering data protection solutions that mitigate the risks and consequences involved with data loss, such as a good backup and recovery tool.
When it comes to data recovery, AvePoint offers powerful data recovery options that are superior to other backup solutions; offering best-in-breed solutions and expertise of security best practices can make you stand out amongst your competitors.
Ready for more practical tips? Download the free Ransomware Readiness Checklist to help your customers achieve a more secure and protected workspace.