In talking to customers, you probably find that their biggest concern is how they can protect themselves from external malicious activity. However, many times the biggest threat to their business is the behaviour of their own employees.
The troubling behaviour most often comes from either a malicious employee, or an accidental error.
We can classify employees into two broad categories: the general worker and the IT worker. Luckily, MSPs can offer services to help organisations defend themselves against problems that often come from either category.
The general non-IT worker
With general malicious employees (such as a disgruntled one, or one leaving to join a competitor), MSPs can make access to stored information more secure through the provision of access control list (ACL) controls, along with data leak prevention (DLP and digital rights management (DRM) services. This provides the capability to control access while also controlling and tracking usage of the information, including to the ability to destroy the information from an employee’s device should they leave the organisation.
For accidental ”bad behaviour”, DLP is also an excellent tool. For example, if you apply DLP controls around emails, when an employee accidentally sends a message to the wrong email address, DLP can pick up that the information and then it can either block it or inform the sender of a possible issue. Again, DRM can make it such that recipients can only carry out specified acts against information that they do have access to – for example, not being allowed to forward it on or to cut and paste content.
Both DLP and DRM work best where there is a central management system – something that plays straight into an MSP’s strengths. Not only is it expensive for an organisation to host its own DLP and DRM servers, but they also need to be available 24×7. If nothing else, surely that is an ace in the hole for MSPs.
The wayward IT worker
This leaves us with the curse of any organisation: the wayward IT worker. Here, the majority of end-user organisations are pretty lax in how they operate things. Access to the data centre may be poorly tracked. System administrators are often allowed full access to systems and are pretty much encouraged to act as the ‘rock gods’ they see themselves as and to use one-off scripts for many jobs.
This can be catastrophic. A poorly written script run with elevated privileges can bring down an application, a whole server, or even a whole platform. If the organisation does not have suitable roll-back, business continuity or disaster recovery plans in place, their business can be massively impacted.
A poorly written script run with elevated privileges can bring down an application, a whole server, or even a whole platform.
As an MSP, you should be able to do better. System administrators should have to be trouble ticketed for each action they take. Only named people should have physical access to any hardware. Any changes to systems should be orchestrated through suitable software systems, with full pre-checks and roll-back capabilities.
Indeed, with the right orchestration and systems management software in place, systems administrators should be writing very few scripts themselves. Instead, they should be using automated systems to check and fix systems as they go along.
Robust platform capabilities are worth their weight in gold
As an MSP with such capabilities in place, you may overlook the importance of this. However, it can be a major selling point to your prospects. They may be struggling with errors introduced through manual activities – and see the costs of trying to manage this through the acquisition of suitable software as being beyond their capabilities.
For you, it should be table stakes: avoidance of the possibilities of user error are included in the cost of whatever services you provide.
Sing it loud and sing it clear: such platform capabilities are worth their weight in gold. Build other services on top, such as DLP and DRM, so you can offer a set of services that make the processes your customers depend on for their business easier to understand, manage, and see the value in. By building these services into your offering to customers, you’re taking one important step in minimising the risk of end-user errors.
Photo: jijomathaidesigners/ Shutterstock.