Many organisations currently outsource their information technology services to a Managed Service Provider (MSP), with the uptake of organisations engaging an MSP increasing significantly over time.
No longer are organisations able to effectively manage their technology infrastructures in-house due to insufficient resources, increasing costs and persistent security complexities.
MSPs provide a sense of relief for organisations, as they can now exercise greater control over their IT cost spend and may reduce the risk of security incidents arising. By providing a remote service with skilled employees, MSPs can fill the void of an organisation’s insufficient security practices such as performing the necessary patches on their applications and operating systems.
Organisations may have the view that when they have successfully outsourced all their information technology services to an MSP, they no longer need to be concerned about cyber security. However, this is certainly not the case. Managed Service Providers are a major target for malicious attackers as they have access to several clients and their systems. In the last two years, there have been multiple attacks directed at MSPs by the APT10 Group and most recently, Gold Southfield with their Sodinokibi ransomware attack.
So how can you ensure your Managed Service Provider is secure?
The Australian Cyber Security Centre (ACSC) published a guide in December 2018 which recommends the steps an organisation should take to manage their security when engaging a Managed Service Provider.
These steps include:
- Including security within the contract and setting cyber security expectations upfront
- Controlling the MSP’s access to your network, clearly defining and reviewing the boundaries
- Mitigating the impact of stolen or abused credentials by implementing least privilege administration and enabling multi-factor authentication (MFA) for remote access
- Ensuring visibility of MSP activities on your network by implementing logging and monitoring
- Ensuring your own network is secure by implementing a trusted cyber security standard.
Whether you already utilise an MSP or are thinking of engaging one, it is critical to ask questions.
Understand what their approach to security is, what recognised security certifications they have and how your organisation will be protected from cyber-attacks.
It is the shared responsibility of both the organisation and the MSP to ensure that they are implementing security best practice procedures, from the training and security awareness of employees through to appropriately securing all endpoints.
Do you have a question about the security practices of your MSP, or thinking about engaging an MSP? Contact Darren Booth for further information.