PC PORTAL

Experienced. Trusted. Solutions.

Managed Service Providers

By

MSPs: Your Security Vendor Should Integrate with More Than Just Your RMM and PSA

Reading Time: ~2 min.

For many MSPs, integrating their security solution with their remote monitoring and management (RMM) and professional service automation (PSA) platforms is essential for doing business. Together, these platforms help lower the cost of keeping up with each client, ensuring profitable margins for a healthy, growing business.

For true providers of IT services—MSPs that sell services rather than licenses and take a holistic approach to client IT health—RMM and PSA integrations are critical for keeping track of hundreds or even thousands of unique endpoints and automating recurring operations for numerous clients.

Like many of the other features of our security solutions, our RMM and PSA integrations are custom-built with the needs of MSPs in mind. They’re designed to help MSPs create the most efficient, well-oiled versions of their businesses possible so that service is prompt, solutions are effective, and profit is preserved.   

Here’s what you should expect from your RMM and PSA security integrations:

  1. Faster rollouts- One of the core benefits of RMM-assisted deployments, expect rollouts to new endpoints to be fast and hassle-free with well-designed integrations. New endpoints should be easy to set up with protection turned on in just a few clicks.
  2. Simplified management- Efficiency is key to profitability. So a centralized dashboard displaying what’s running, what’s broken and how, infection statuses, endpoints requiring attention, and more helps increase the number of endpoints a single technician can manage, boosting efficiency and, ultimately, profitability. 
  3. The data you need- The best RMM and PSA integrations make it possible to get the data you need to run a successful business. Whether it’s per-client data for calculating a client’s cost to you, information on policy settings for sites and endpoints, or additional reporting delivered to clients to promote peace-of-mind, having access to allof your data empowers decision-making. 

Integrations don’t have to end there

Integrating disparate products can be a laborious, time-intensive process. For that reason, many security vendors are reluctant to coordinate too closely with customers to automate functions unique to their businesses. But it doesn’t have to be that way. 

Advanced plugins and tools allow for complete customization of dashboards, reporting, and data tracking. Each can be customized to track the metrics most useful to the organization. Critical processes, like issuing periodic reports, can be fully automated. This can be extremely beneficial when it comes to communicating with customers. Weekly or monthly reports demonstrate that, despite a lack of any major security incidents, it wasn’t for lack of trying on the part of cybercriminals. 

More than simply allowing different business platforms to talk to one another, integration plugins can be used for running commands and performing actions. This includes creating, modifying, or deleting licenses, removing duplicate endpoints, or quickly creating new console sites. 

Insist on better integrations

So when considering which cybersecurity vendor offers the most for your MSP, consider not only whether the solution allows you to communicate with your RMM and PSA platforms, but also how deeply. Does the vendor have a dedicated integrations team? Do they offer tools for the customization of business-specific reporting? Can essential, recurring business processes be automated?

The answers to the questions above will help you determine how much value RMM and PSA integrations add for your business. In a market where margins can be razor thin and built-in efficiencies can make or break the bottom line, the answers may make all the difference.

The post MSPs: Your Security Vendor Should Integrate with More Than Just Your RMM and PSA appeared first on Webroot Blog.

By

Responding to Risk in an Evolving Threat Landscape

Reading Time: ~3 min.

There’s a reason major industry players have been discussing cybersecurity more and more: the stakes are at an all-time high for virtually every business today. Cybersecurity is not a matter businesses can afford to push off or misunderstand—especially small and medium-sized businesses (SMBs), which have emerged as prime targets for cyberattacks. The risk level for this group in particular has increased exponentially, with 57% of SMBs reporting an increase in attack volume over the past 12 months, and the current reality—while serious—is actually quite straightforward for managed service providers (MSPs):

  • Your SMB clients will be attacked.
  • Basic security will not stop an attack.
  • The MSP will be held accountable.

While MSPs may have historically set up clients with “effective” security measures, the threat landscape is changing and the evolution of risk needs to be properly, and immediately, addressed. This means redefining how your clients think about risk and encouraging them to respond to the significant increase in attack volume with security measures that will actually prove effective in today’s threat environment.

Even if the security tools you’ve been leveraging are 99.99% effective, risk has evolved from minimal to material due simply to the fact that there are far more security events per year than ever before.

Again, the state of cybersecurity today is pretty straightforward: with advanced threats like rapidly evolving and hyper-targeted malware, ransomware, and user-enabled breaches, foundational security tools aren’t enough to keep SMB clients secure. Their data is valuable, and there is real risk of a breach if they remain vulnerable.Additional layers of security need to be added to the equation to provide holistic protection. Otherwise, your opportunity to fulfill the role as your clients’ managed security services providerwill be missed, and your SMB clients could be exposed to existential risk.

Steps for Responding to Heightened Risk as an MSP

Step 1: Understand Risk

Start by discussing “acceptable risk.” Your client should understand that there will always be some level of risk in today’s cyber landscape. Working together to define a businesses’ acceptable risk, and to determine what it will take to maintain an acceptable risk level, will solidify your partnership. Keep in mind that security needs to be both proactive and reactive in its capabilities for risk levels to remain in check.

Step 2: Establish Your Security Strategy

Once you’ve identified where the gaps in your client’s protection lie, map them to the type of security services that will keep those risks constantly managed. Providing regular visibility into security gaps, offering cybersecurity training,and leveraging more advanced and comprehensive security tools will ultimately get the client to their desired state of protection—and that should be clearly communicated upfront.

Step 3: Prepare for the Worst

At this point, it’s not a question of ifSMBs will experience a cyberattack, but when. That’s why it’s important to establish ongoing, communicative relationships with all clients. Assure clients that your security services will improve their risk level over time, and that you will maintain acceptable risk levels by consistently identifying, prioritizing, and mitigating gaps in coverage. This essentially justifies additional costs and opens you to upsell opportunities over the course of your relationship.

Step 4: Live up to Your Promises Through People, Processes, and Technology

Keeping your security solutions well-defined and client communication clear will help validate your offering. Through a combination of advanced software and services, you can build a framework that maps to your clients’ specific security needs so you’re providing the technologies that are now essential for securing their business from modern attacks.

Once you understand how to effectively respond to new and shifting risks, you’ll be in the best possible position to keep your clients secure and avoid potentially debilitating breaches.

The post Responding to Risk in an Evolving Threat Landscape appeared first on Webroot Blog.

By

6 Steps to Build an Incident Response Plan

Reading Time: ~4 min.

According to the Identity Theft Research Center, 2017 saw 1,579 data breaches—a record high, and an almost 45 percent increase from the previous year. Like many IT service providers, you’re probably getting desensitized to statistics like this. But you still have to face facts: organizations will experience a security incident sooner or later. What’s important is that you are prepared so that the impact doesn’t harm your customers or disrupt their business.

Although, there’s a new element that organizations—both large and small—have to worry about: the “what.” What will happen when I get hacked? What information will be stolen or exposed? What will the consequences look like?

While definitive answers to these questions are tough to pin down, the best way to survive a data breach is to preemptively build and implement an incident response plan. An incident response plan is a detailed document that helps organizations respond to and recover from potential—and, in some cases, inevitable—security incidents. As small- and medium-sized businesses turn to managed services providers (MSPs) like you for protection and guidance, use these six steps to build a solid incident response plan to ensure your clients can handle a breach quickly, efficiently, and with minimal damage.

Step 1: Prepare

The first phase of building an incident response plan is to define, analyze, identify, and prepare. How will your client define a security incident? For example, is an attempted attack an incident, or does the attacker need to be successful to warrant response? Next, analyze the company’s IT environment and determine which system components, services, and applications are the most critical to maintaining operations in the event of the incident you’ve defined. Similarly, identify what essential data will need to be protected in the event of an incident. What data exists and where is it stored? What’s its value, both to the business and to a potential intruder? When you understand the various layers and nuances of importance to your client’s IT systems, you will be better suited to prepare a templatized response plan so that data can be quickly recovered.

Treat the preparation phase as a risk assessment. Be realistic about the potential weak points within the client’s systems; any component that has the potential for failure needs to be addressed. By performing this assessment early on, you’ll ensure these systems are maintained and protected, and be able to allocate the necessary resources for response, both staff and equipment—which brings us to our next step.

Step 2: Build a Response Team

Now it’s time to assemble a response team—a group of specialists within your and/or your clients’ business. This team comprises the key people who will work to mitigate the immediate issues concerning a data breach, protecting the elements you’ve identified in step one, and responding to any consequences that spiral out of such an incident.

As an MSP, one of your key functions will sit between the technical aspects of incident resolution and communication between other partners. In an effort to be the virtual CISO (vCISO) for your clients’ businesses, you’ll likely play the role of Incident Response Manager who will oversee and coordinate the response from a technical and procedural perspective.

Pro Tip: For a list of internal and external members needed on a client’s incident response team, check out this in-depth guide.

Step 3: Outline Response Requirements and Resolution Times

From the team you assembled in step two, each member will play a role in detecting, responding, mitigating damage, and resolving the incident within a set time frame. These response and resolution times may vary depending on the type of incident and its level of severity. Regardless, you’ll want to establish these time frames up front to ensure everyone is on the same page.

Ask your clients: “What will we need to contain a breach in the short term and long term? How long can you afford to be out of commission?” The answers to these questions will help you outline the specific requirements and time frame required to respond to and resolve a security incident.

If you want to take this a step further, you can create quick response guides that outline the team’s required actions and associated response times. Document what steps need to be taken to correct the damage and to restore your clients’ systems to full operation in a timely manner. If you choose to provide these guides, we suggest printing them out for your clients in case of a complete network or systems failure.

Step 4: Establish a Disaster Recovery Strategy

When all else fails, you need a plan for disaster recovery. This is the process of restoring and returning affected systems, devices, and data back onto your client’s business environment.

A reliable backup and disaster recovery (BDR) solution can help maximize your clients’ chances of surviving a breach by enabling frequent backups and recovery processes to mitigate data loss and future damage. Planning for disaster recovery in an incident response plan can ensure a quick and optimal recovery point, while allowing you to troubleshoot issues and prevent them from occurring again. Not every security incident will lead to a disaster recovery scenario, but it’s certainly a good idea to have a BDR solution in place if it’s needed.

Step 5: Run a Fire Drill

Once you’ve completed these first four steps of building an incident response plan, it’s vital that you test it. Put your team through a practice “fire drill.” When your drill (or incident) kicks off, your communications tree should go into effect, starting with notifying the PR, legal, executive leadership, and other teams that there is an incident in play. As it progresses, the incident response manager will make periodic reports to the entire group of stakeholders to establish how you will notify your customers, regulators, partners, and law enforcement, if necessary. Remember that, depending on the client’s industry, notifying the authorities and/or forensics activities may be a legal requirement. It’s important that the response team takes this seriously, because it will help you identify what works and which areas need improvement to optimize your plan for a real scenario.

Step 6: Plan for Debriefing

Lastly, you should come full circle with a debriefing. During a real security incident, this step should focus on dealing with the aftermath and identifying areas for continuous improvement. Take is this opportunity for your team to tackle items such as filling out an incident report, completing a gap analysis with the full team,  and keeping tabs on post-incident activity.

No company wants to go through a data breach, but it’s essential to plan for one. With these six steps, you and your clients will be well-equipped to face disaster, handle it when it happens, and learn all that you can to adapt for the future.

The post 6 Steps to Build an Incident Response Plan appeared first on Webroot Blog.

By

DNS Protection Gets Major Updates

Reading Time: ~1 min.

Our most recent release of the DNS Protection agent provided customers with added features and enhancements designed to improve the overall product experience and its capabilities delivered to end users. We revamped the network detection functionality to improve accuracy and speed for roaming and off-site clients who frequently change networks.

We also addressed a variety of small bug fixes and performance improvements, such as SSL certification installation on Firefox Quantum and improvements to the agent update process.

VPN & TCP support

The Webroot DNS Protection agent now supports Juno Pulse Secure v 3.5 and Private Internet Access (client version 7.5) VPN types. This new feature enables roaming clients to access intranet assets and ensure clients benefit from DNS Protection while using a VPN.

Additionally, we added TCP Traffic support filtering. While the majority of DNS traffic is handled via UDP, certain domains and applications only use TCP. This update allows the agent to filter both UDP and TCP traffic.

Policy Configuration

We have also enhanced policy configuration with more granular policy control.  Custom policy configurations can now be applied to groups, sites, individual devices or network IP.  We’re also working to improve internet usage visibility, and are excited to make our Top Active Report available for .csv export so it can be easily integrated into other reporting tools in use.

Finally, we’re updating the GSM console to give users the availability to initiate trials and/or purchase products directly within the console.

The post DNS Protection Gets Major Updates appeared first on Webroot Blog.