5 cybersecurity trends MSPs must address in 2021
2020 was chock full of surprises and twists that no analyst could have predicted and came with a massive shift to remote working and tools that facilitate it.
The good news is that managed service providers (MSPs) saw tremendous growth both due to the move to a remote workspace and the need to optimize IT costs. And now that COVID-19 has become a known hurdle and companies have had time to adapt to it, MSPs can make better plans for how they can service their customers in the coming year, and they can take the time to refine their strategies for this new normal.
The shift to remote work forced employees to handle many of the most basic tasks independently, and ransomware gangs took advantage of the fact that employees started using their home-network infrastructure to perform business functions.
MSPs have been at war with malware-wielding threat actors for many years, but ransomware is much more insidious and destructive than a trojan.
While malware fighters are busy fighting the ever-changing ransomware attacks on businesses, bad actors are hoping to hit enough targets for a hefty payout. Targeting businesses instead of consumers has proven to be a lucrative choice for bad actors. Instead of “earning” small sums here and there, they can get massive payouts from businesses. This money, of course, has gone into malware R&D and fueled more attacks targeted at enterprises.
To get ready for this in 2021, MSPs will have to implement solutions to counteract these attacks. While basic AV that many MSPs employ will detect most ransomware attacks based on signatures, some malware will still slip through.
The money involved has allowed criminal organizations to constantly modify the ransomware payloads. To detect them, AV needs to move beyond signatures and look for behaviors that indicate an ongoing ransomware attack and block it. In cases where this is still not enough, backing up essential data for clients ensures that no critical assets are lost for good.
Another trend MSPs must prepare for in 2021 is the permanent shift to remote work. 2020 has shown that employees and business can be productive no matter where the employees do work from. This discovery has allowed many major players such as Google and Twitter to save money on office infrastructure by switching their workforce to permanent remote status.
While this looks to be a significant win for both employees and organizations, it does not come without challenges for businesses and MSPs. When employees work from home, they can often be the proverbial weak link: criminals will exploit the situation by attempting to phish for credentials or install rootkits or other malware that can help establish footholds into the company network.
To thwart this, MSPs will need to employ the right technology solutions to protect these endpoints. This protection should include multi-capability systems solutions that provide basic AV and use advanced heuristics to look for dangerous software behavior (e.g., over-taxed CPU, disk, or network resources can indicate attackers or malware.
The solution needs to be on the lookout for programs attempting to exfiltrate data to standard file-sharing services such as Dropbox. Noticing and blocking these dangerous behaviors will help keep MSPs’ ahead of attackers, and proper policies (such as blocking certain services via URL filtering) may provide proactive protection that saves precious time and effort.
In 2020, many organizations had to face decreasing budgets due to losses incurred in dealing with the COVID-19 situation. Despite that, IT and security groups have been asked to deliver the same service level as before while facilitating remote workers through increased infrastructure. There is no room to compromise on quality, and the job still has to get done even if there are fewer bodies to make it happen. To accommodate this, teams will have to be efficient and make the most of the resources they have.
All signs are pointing to this trend continuing through 2021. MSPs need to prepare for this and streamline how service is delivered. They will need to deliver on a solution that ties in multiple streams of data and provide advanced analytics in single-pane-of-glass dashboards. These solutions allow smaller staff to monitor and manage larger IT ecosystems while ensuring timely alerting to problems. By minimizing person-hours wasted overseeing different dashboards and interfaces, providers can spend time doing what they do best, providing direct service and support.
Part of meeting the new remote workforce’s needs in 2021 is an increased use of SaaS solutions. MSPs often bring on these solutions to deliver more efficient service by providing ticketing, remote access, support communication, and system monitoring. These systems can make MSPs more efficient but also serve as targets for bad actors due to the value of the data they store or have access to in their storage.
It is vitally important for those providing SaaS solutions to their customers to ensure that best practices in coding and implementation have been undertaken. Follow hardening guides such as those offered by CIS for hosting in the cloud. Ensure that code has been appropriately vetted with DAST and SAST scanning of code repositories to catch dangerous practices such as those outlined in the OWASP Top 10. Security of the cloud ecosystem is greatly enhanced by remediating these findings while they are in development rather than after they are published.
VPNs were initially part of the adaptation to the shift to remote work. While this technology is functional, it can also be choke point when it comes to providing employees access. In many organizations, the bandwidth for these devices was limited to match the needs of the time, and the hardware and licensing limited how many users could be directly connected to the internal network. On top of these challenges, it served as a potential security hole if remote workers’ systems or accounts got compromised.
Businesses have recognized this issue and will be moving to solutions that better secure access without serving as a bottleneck. One of these solutions will utilize modified VPNs that specifically limit what resources remote users can connect to. By doing this, they are minimizing the scope of a threat if their system is compromised.
Other organizations will eliminate the use of VPNs and move to a zero-trust architecture. This architecture uses identity checks, time-limited access, improved monitoring, and approvals to manage access to privileged assets. This shift will take time but will also significantly impact how MSPs oversee the entire access model for an organization.
The MSPs’ goal is to provide optimal service to the customer while keeping costs as low as possible. 2020 made it extremely difficult to deliver on this. The shift to remote work came with an urgent need to provide hardware, software, and services to enable off-site work rapidly. These requests often overshadowed all other anticipated projects and undertakings that had been planned for the year.
By planning for the new trends of 2021, MSPs can take the initiative and optimize their resources to deliver with these changes in mind. If done well, the transition can be smooth, allowing both businesses and the MSPs that support them to return to business as usual (or, as the case may be, to the new usual).