Q: Recently, one of my customers was hit with ransomware and ended up needing to pay a hefty ransom. I’ve tried to warn some of my customers about cyber threats in the past, but I can’t seem to get through. What are the most important things I need to teach my customers about ransomware?
Today, ransomware is running rampant, and it’s your job not only to protect your SMBs from falling victim to the next attack, but also to educate them on how they can avoid the threat in the first place. A report from Cybersecurity Ventures projects that by the end of 2019 a ransomware attack will strike a business every 14 seconds. That means the odds are high that your SMB customers could be hit — whether they want to admit it or not!
That’s why it’s important to take proactive measures today to help your SMB customers understand how to avoid an attack, what technical safeguards they should put in place, and what they should do if they get hit by an attack. That way if something happens, they know to call you right away.
To help you frame the ransomware conversation with your customers, we talked to Paul Hanley, the desktop support specialist at Barracuda MSP. Paul shared these tips for educating your customers about ransomware.
1. Put technical safeguards in place
As an IT service provider, you need to make sure each of your customers has the right technical safeguards in place to protect them from a cyber attack and ensure that all their threat vectors are secure. Consider offering solutions—or partnering with another technology provider—to protect their web applications, network infrastructure, and inboxes, as well as their physical security. Cyber criminals are relentless, and any unsecured threat vector could leave the customer vulnerable to an attack.
Social engineering can trick even the savviest employees. For example, an employee might not think twice about opening the door for someone who appears to be making a delivery. However, left unattended, that individual could access confidential information left out in the open—such as passwords written on Post-it notes or confidential documents left on the printer.
To truly protect your customers across all threat vectors, you need to put a comprehensive security plan in place. As a best practice, have an intrusion prevention system and security software running on your customers’ computers. This should include antivirus software, next-gen firewalls, spam filters, and a robust email security solution. Then, make sure all security patches are up to date, and deploy new patches on a regular basis. If possible, schedule a recurring meeting on-site with customers to ensure these safeguards are working properly.
Another thing you should put in place is a backup and recovery solution. If one of your customers were to fall victim to an attack, having a backup can be a lifesaver. Instead of paying a hefty ransom to get their business-critical data back, you can easily restore the infected machine to an unaffected state and recover their most recent backup. This saves you time, money, and headaches.
2. Train employees
Even when you have technical safeguards in place within your customers’ IT environments, it’s the employees who ultimately risk exposing the business to ransomware. User error is often to blame for inviting ransomware into a computer, such as an employee clicking on an infected online advertisement, pop-up window, or link in a malicious email. Mobile devices are no longer immune to ransomware either, which has caused businesses to be cautious about allowing BYOD policies in the workplace.
For these reasons, users are the most important line of defense, and that’s why you need to talk with your customers about ransomware, educating them on what it is and how they can defend themselves and their businesses. You can get all the employees together for a training session or use an online training program to educate them on best practices and what to look for in an attack. Encourage your customers to require all their new employees to complete the training and offer it on an ongoing basis to avoid information being missed or lost.
Some small business customers will listen to your suggestions and learn what to be on the lookout for. These customers will run whatever security software you’ve installed and will know not to open an email attachment from an unknown sender.
Other customers might believe that a ransomware attack will never happen to their business. In this case, you will need to be more hands-on and monitor their systems to make sure all the technical safeguards are in place and don’t get disabled. In either situation, be proactive and figure out what type of customer you’re dealing with so you can develop an appropriate and effective security policy.
3. Provide examples to end users
While you can tell your customers that they need to be careful when surfing the web or opening an email, you can’t guarantee they’ll always respond appropriately. The most effective way to educate your customers on ransomware is to show them examples of what it looks like so they’ll know the warning signs and be able to identify a suspicious message or link.
Once ransomware has infected a computer, a message is displayed on the computer’s screen letting the user know their machine has been compromised. Examples of these messages can be found here. It’s helpful to share this type of information with your customers so that, even if it’s too late, they’ll know to alert you and ask for help.
It’s also worthwhile to require your small business customers to administer a malware education test to their employees. For example, you can share Barracuda MSP’s Ultimate Phishing Quiz with your customers, which includes examples of infected and legitimate emails and provides explanations about how to tell the difference.
Keeping Paul’s advice in mind, you should begin reaching out to your customers, offering a “health check” where you inspect their systems to uncover any security vulnerabilities. It’s important to start educating your small business customers as soon as possible because new cyber threats are emerging every day. Without the users acting as the final line of defense, even technical safeguards won’t protect a small business from a ransomware attack.
Photo: vchal / Shutterstock.