Data breaches have continued to climb in the managed services vertical year on year. Most recently, a Canadian MSP revealed a data breach; however, it would appear the ransomware attack itself failed.
The People That Protect You Might Be The Problem
In many cases, as clients review who to choose as a managed services provider, the buying criteria can be dramatically skewed towards price and not the process the managed services provider uses to protect not just your data but their own. Price is often the winner and, whether you like it or not, the truth is you get what you pay for. Often the managed services provider you are selecting to protect your organization has little process and due diligence around protecting their own data, much less yours!
The Situation Is So Bad The Government Has Stepped In
Depending on what side of the political fence you sit on, the current situation of “proactive” security-focused MSPs (managed services providers) is so bad the government has had to step in with both legal and advisory action. We have seen this recently in the State of Louisiana, which now requires managed services providers who complete work for public bodies to register with the State.
In an industry without regulation, where you can simply enter the industry with a credit card, regulation is seemingly coming in the near future.
The Problem Of Cheap
With so many providers flooding the market with “proactive” managed service plans from $35 per user, the difference between a true managed services provider and a pretend one can be hard for someone to uncover.
“Price is what you pay. Value is what you get.” – Warren Buffett
If you pay less, you will receive less. If, in the sales process, you are talking to a managed services provider and they are cheaper, then they are doing less. Saving money on your managed services can often come at the cost of a data breach for your organization.
The Wipro Breach
In 2019 Wipro reported a data breach due to some credentials being phished from its employees. Once inside, the criminals used Wipro’s tools to launch attacks from their own clients’ systems. Several of their own clients noticed unusual activity traced back to Wipro. The criminals installed a perfectly legitimate tool called ScreenConnect to remotely connect to clients’ systems.
But Wait There Is More
Okay, shameless Billy Mays reference, but these challenges impact multiple MSPs and the threat continues to get worse. Armor identified six managed services providers back in 2019, all involved in similar cybersecurity or ransomware-style incidents.
‘There is nothing made, sold, or done that can’t be made, sold, or done cheaper.’
‘If price is your only concern, please do business with my competitor.’ – unknown
Your Managed Services Provider Is Next
According to industry numbers, in 2019 Beazley, an insurance carrier well known in the cyber insurance vertical, reported a 25% increase in ransomware attacks on MSPs, or managed services providers. They gave the following advice:
- Complete data security due diligence on the MSP
- Confirm that the MSP has cyber liability insurance
- Negotiate and require the MSP to sign a contract that includes, for instance (this list is not exhaustive, but may be helpful):
  - Prompt notification of any security incident that affects the confidentiality, security or integrity of your data and cooperation and coordination;
  - Indemnification and reimbursement for all costs associated with a security incident or data breach, including first- and third-party claims;
  - No limitation of liability for a security incident, ransomware attack or data breach;
  - Encryption of sensitive data both at rest and in transit;
  - Compliance with all applicable state and federal laws relating to data privacy and security; and
  - Termination in the event of a security incident or data breach, with provisions for an orderly transition to a new provider.
- Confirm that the MSP has contingency operations and disaster recovery processes in place in the event of a security incident, ransomware attack, or data breach, and that it has tested them.
In short, if all you are doing is just buying a price, then you will be in for a serious surprise in the future. If you have used the same provider for many years without ever questioning the process they have around security (aka “eat your own dog food”), then once again your business is just one cybersecurity incident away from a major incident.