Not so long ago, a bank was considered high tech if it had a Mosler safe and a Pinkerton security guard. These days, we expect a burglar should have to rappel down from the ceiling through a web of laser beams and sonic sensors. Likewise, many managed service providers (MSPs) rely on out-of-date tools to protect their clients and even their own systems.
Your MSP Might Not be Secure
Take, for example, a very recent incident when an IT provider was hacked, exposing all their clients’ data to theft and sale on the Dark Web. By cracking this single vault, the hacker gained access to 50+ clients and could deploy ransomware to thousands of endpoints.
In this case, the MSP had neglected to implement multifactor authentication for their own system, even while recommending it for their clients. Sadly, when the quarter-million-dollar breach occurred, the company also had a quote for a cyber insurance policy sitting in their inbox, just waiting to be signed.
The value of personal data has increased over the last two decades, taking with it the imperative to safeguard personal data and avoid the cost of not taking adequate measures.
While many business owners are aware of the risks, they often entrust their IT security to a managed services provider without knowing if they are a secure option. Many are neither informed nor equipped to address all the evolving landscape of security risks and threats to your network. And considering that an MSP will have admin access to your systems and copies of some of your most sensitive data, the fact that many aren’t protecting their own networks becomes your liability.
MSPs Who Don’t Protect Their Systems Are Derelict in Their Most Important Duty to Clients
Yes, that’s a bold statement. It reflects the importance we place on keeping our clients secure. We employ next generation security tools, like Dark Web ID which actively deploys intelligent search patterns to comb the recesses of the Dark Web and alerts your MSP if any emails and passwords have been compromised. This allows the MSP to change passwords and credentials on your behalf before a breach occurs. Dark Web ID is an example of just one of the many tools and techniques that your MSP should deploy for your protection and their own.
You should also check your MSP’s security certifications. We’re a Certified Information Systems Security Professional (CISSP). The CISSP accreditation has stringent requirements and is highly regarded within the technology industry. This certification and expertise is why ID Agent asked VersaTrust founder Danny Owens to speak about new techniques in security and threat detection at a recent panel discussion among MSPs.
Can You Trust Your Managed IT Provider?
You contracted a managed IT services provider so you wouldn’t have to become an IT expert. So, how can you determine if your MSP is up to snuff? Here are 4 questions you need to ask before fully entrusting an MSP to protect you:
- What tools are you using to protect your own network?
- Do your employees all use multifactor authentication?
- When was the last time you performed an inhouse security training?
- Do you actively scan the Dark Web for compromised emails and passwords?
If you’re not 100% reassured by the answers you receive to each of these questions, don’t hesitate to seek a second opinion. After all, you wouldn’t put yourself under the knife of a surgeon who seemed unfamiliar with the latest surgical techniques. Instead, call in a security expert to audit your systems and evaluate the level of protection you are receiving from your MSP.
From industry-leading tools to certifications like the CISSP, at VersaTrust we continually improve security internally and for clients. Your security is our highest priority. Contact us for an honest evaluation of your network. Even if you don’t work with us, you’ll know the status of your security posture and understand the steps you should take to better protect your business.
Call us (817 595-0111) or email us today for a consultation.