Q: Many of my SMB customers have adopted cloud solutions as a result of their shift to operating with a remote workforce. How can my MSP maintain strong cloud security while keeping pace with this shift?
According to a recent report by the SMB Group, organizations have become increasingly reliant on technology as the COVID-19 pandemic altered the way they did business, delivered services, and interacted with employees, clients, and vendors. Over 80 percent of respondents reported that cloud-based business applications have been valuable in sustaining their business.
SMBs were already embracing the cloud before the pandemic for its cost savings, resource allocation, and ease of use. The cloud enabled them to rapidly adjust their operations while reinforcing the overall value of working on these platforms.
To learn more on how managed service providers can secure customers with remote workforces using cloud solutions, SmarterMSP sat down with Chris Crellin, Senior Director of Product Management at Barracuda MSP. Chris emphasized that MSPs can help clients operate securely in new cloud environments by providing technology and services that enable them to follow several security strategies.
Three cloud security best practices for remote workforces
Wi-Fi and personal devices: MSPs should implement Zero Trust Network Access (ZTNA) on their clients’ workforces to verify every attempt to access data and resources on their networks, both in-office and remote.
The ZTNA approach also reduces the exposure of a business’ infrastructure via access control for SaaS applications, while removing the need for long-living connections. This multi-tenanted solution keeps their customers safe, regardless of network or device, and enables them to monetize devices they previously were unable to monetize because they weren’t technically under management.
Improve visibility with RMM: MSPs should offer regular security assessments to help identify security gaps and proactively address those vulnerabilities before an attack or breach occurs. Using a remote monitoring and management (RMM) tool allows MSPs to set alerts and automate remediation actions that can help them address security gaps promptly.
Whenever a threat is identified and neutralized, MSPs should bring it to their client’s attention. This not only highlights the need for the MSP’s security services, but also provides an example of work that the MSP is actively doing to keep the client secure. A strong RMM tool with these threat remediation and security assessment capabilities will provide many opportunities for an MSP to demonstrate its value.
Provide employee training: Modern cyberattacks are much more complex and convincing, particularly advanced phishing schemes like business email compromise (BEC) attacks. These attacks are ever-evolving to bypass existing security measures and trick unsuspecting end-users, making cybersecurity education and training even more vital to an organization’s defense.
MSPs should train clients on how to properly identify and report attacks, so that the cybersecurity team has time to respond, remediate, and mitigate the damage caused by these events when they do occur. These policies can be augmented with artificial intelligence and machine learning technologies that evaluate typical communication patterns and use it to check for anomalies that a human might miss.
With these initiatives and strategies, MSPs to help current clients implement disaster response and recovery plans and evaluate their customers’ security postures. Increased reliance on remote work has created more opportunities for MSPs centered around their IT expertise and ability to make remote workers productive and secure. To thrive, MSPs will need to offer cloud solutions that meet this increased reliance on remote work and make them security-centric service providers.
Photo: Simon Bratt / Shutterstock