MSP Community Blog

The ASCII Blog highlights articles featuring MSP members from our community as well as ASCII staff

ASCII Insight: MSPs Share Their Thoughts On Surviving A Pandemic
ASCII Community   May 28, 2020

ASCII Insight: MSPs Share Their Thoughts On Surviving A Pandemic

In our ongoing quest to provide you with the best business advice possible, we’ve partnered with The ASCII Group and their members who are going to share their thoughts on timely topics or best business practices. In this article, the following ASCII member answered our questions about surviving a pandemic:

Q: Why are there so many Coronavirus-related scams?

Liberman: Because, to quote Willie Horton, that’s where the money is. Scammers are by their very nature, opportunistic and as such, keep their fingers to the pulse of current events. Whether its botched celebrity surgeries, political scandal, or the current pandemic that threatens the health of livelihood of the entire world, if it scares, titillates, or shocks, it is scammer gold.

Bloomfield: As of April 30th, there are 30 million American’s signed for unemployment. Now imagine the unemployment rate on a global scale, especially in countries where most hacking and online scams originate from. Everyone is hurting and scam artists will do what they do best, SCAM. This is why we are seeing so many coronavirus-related scams and they know their targets are on edge and they take advantage of them while they are down. It’s despicable but unfortunately expected and that’s why we need to protect our clients.

Hassel: This is just typical of unscrupulous types taking advantage of the vulnerability of people during the crisis. Particularly small businesspeople that are anxiously awaiting financial support through the PPP, they may not be looking carefully at emails being received. In haste, they may open that phishing email. This isn’t the only catastrophe that has brought out the absolute worst in people. Take a look back at other disasters and you will see the scam alert warnings.

Barber: Folks are sitting ducks when they get emails about their stimulus payment of PPP funding, for example. Oftentimes it’s a little unclear where a legit email would come from, which just adds to the confusion.

Singleton: Hackers are opportunistic. If people are expecting a government stimulus check that hasn’t shown up yet and suddenly get a legitimate-looking email saying there was a problem with it and to log in here to fix it, that will fool a lot of people. Just like marketers, hackers use whatever is in the news to get people to engage with their content. Coronavirus is the only thing in the news these days, so it’s the thing that hackers are focusing on as well.

Stinger: The coronavirus has everyone in a panic. Many people cannot do the things that they are used to doing. Scammers have been using this to their advantage. Scammers have been using things like test kits and vaccinations to lure people into a potential scam.

Q: What steps should you take to help your clients protect themselves?

Bloomfield: The most important tool that we have in our box to help with this would be EDUCATION. It is important that you provide PII training, simulated phishing attacks, and use true email filtering solutions to help minimize your client’s risk. We can never completely keep the bad guys away, which is why by educating you can help your clients to recognize when they are being scammed.

Hassel: It is always a good thing to maintain the education of customers and their employees. You can protect only so much with systems and equipment—one wrong keystroke or click of the mouse by an employee can be the cause of a data breach—that in some cases will be the downfall of the company.

Barber: Multi-factor authentication should be implemented everywhere possible. Simulated Phishing emails help enforce vigilance, and regular security training is very important. We also recommend strong endpoint security with DNS protection as well.

Singleton: Over 90 percent of breaches start with email, so make sure you have all client email run through a professional email security system. If you have a security awareness training program, most of them have new COVID campaigns. Add that to your current training schedule to help users notice hacking attempts. Everyone is working from home and most home networks are poorly protected. At a minimum, deploy a strong NGAV or AV+EDR solution to the machines of all employees working from home.

Stinger: The biggest thing we can all do is help our clients work from home. Whether this means buying new equipment or getting on the phone to help them set up in their home offices. These sorts of changes are what clients need right now to help protect themselves.

Q: What do recent breaches during COVID-19 say about the cybersecurity skills gap?

Bloomfield: It shows that we have a lot more to do and that no matter the state of the world, hackers will be waiting to take advantage. Whoever believed that hackers would sit idle and allow for the pandemic to pass are truly naïve. Hackers will always be waiting to attack when businesses are at their weakest, ready to drain the last blood. It shows that as MSPs we must do everything in our power to educate our clients to understand the importance of Business continuity plans, security policies, and the importance of properly being set up for a distributed workforce.

Hassel: I think the recent breaches during COVID-19 personify the ever-present need to train, train, train. And to make sure firewall and email protection are in place. It’s a sad state but we must constantly assume someone/something is lurking around the corner and is out to cause harm.

Barber: Far too many folks think their small business is too small to be a target. But they are. The only clients I have met that take cybersecurity serious right out of the gate are folks that have previously be victimized. Don’t think it cannot happen to you, it absolutely can.

Ussery: The recent breaches during COVID-19 confirms companies are still not investing where they should in IT. Technology has to be thought of as a security branch of the company just the same way companies invest in locks on the doors, or security, tornado, and fire alarm systems that monitor and signal for help. Prioritizing a company’s security practice is a crucial first step toward reducing the skills gap by becoming proactive instead of reactive.

Singleton: The cybersecurity skills gap doesn’t just apply to a shortage of high-level security specialists. All IT professionals should have a strong foundation in cybersecurity and that is just not happening, as evidenced by so many MSPs getting ransomed. All IT professionals should be going through continuing education for cybersecurity, no matter their job title or level.

Stinger: Recent breaches during this pandemic have brought the cybersecurity skills gap into the limelight. They have shown that the cybersecurity skills gap is a much bigger deal than it has been made out to be. With people working from home and accessing their sensitive files on a home network, this data is exposed and easy pickings for those who want to steal it.

Q: How can companies prepare their cybersecurity teams at home and protect their critical infrastructure?

Bloomfield: Utilize the tools that help to make things easy. STOP exposing RDP ports to the world, stop having employees connect with VPNs from unprotected workstations and networks. There are many tools to make things much more secure and solve all of these problems. Finally, no RDP session, whether it be behind a firewall or open to the world should be opened without 2FA, burn that into your client’s minds.

Hassel: Firewalls are certainly one measure of protection. Another is to protect email via encryption and to use a spam protection service. It is also critically important to keep staff current on how cybercriminals can be very tricky in the email … is the domain similar but not quite accurate? Rather than clicking on the link, how about checking the URL?

Barber: Strong endpoint security, along with network protection will go a long way to keeping teleworks safe and company data secure.

Singleton: Treat your employees’ home offices as you would with your clients. Install RMM tools on their home machines to keep them up to date and maintained. Install NGAV or AV+EDR on them. Make sure they are being backed up. Configure home routers with at least two segregated networks, one for your business computers that connect to the critical infrastructure and the other for family, guests, and IoT devices, if you can’t do that with the existing equipment, buy a second router. Don’t let any machine that is not maintained and secured access to the network that has corporate access, and don’t let the protected computers join the unprotected networks. If you haven’t already, turn on 2FA for everything, including RRM, PSA, secondary remote access tools, and email.

Stinger: By ensuring that remote users have access to a VPN, companies can much better protect themselves. This makes a huge difference in the effort to protect sensitive data and is perhaps the easiest way to protect it from home. Another simple solution is to enable remote backup and wipe for computers that have been compromised or stolen.

Q: How can MSPs get back into a normal cadence during COVID-19?

Bloomfield: Just keep doing what you are doing, keep protecting your clients, and do everything in your power to be one step ahead of the hackers. By showing value, you will be just fine and make it to the other side of this.

Hassel: I think that if MSPs continue to be in touch with their clients and conduct themselves with a heightened sense of awareness (and pass that on to their clients), then we will weather this storm. We must, however, know that the continued sense of normalcy is that zero trust philosophy.

Barber: Work from home! We as an industry have been preaching it for years; it’s time to lead by example!

Singleton: At this point, most of the work of getting end users set up to work from home should be finished and things should be slowing down to a point where a normal cadence can happen. Have at least one daily team meeting with all staff to keep everyone informed and connected. If things are slow, start working on the backlog of projects that are always on the back burner. Restart your sales and marketing efforts—just adjust it all to be considerate of the current situation. Have regular meetings with your clients to discuss their plans for re-opening and how you can support them.

Stinger: A big benefit that MSPs have is that most important work can be done remotely. This puts MSPs at a huge advantage when it comes to having a normal workflow. Most of the work that cannot be done from home will likely be in an empty or nearly empty office. This means that most MSPs can work with some normalcy.

Reprinted with permission, courtesy