Top Tips for MSPs: Protecting Customers from Phishing and Ransomware

August 12, 2021

Top Tips for MSPs: Protecting Customers from Phishing and Ransomware

By Rotem Shemesh

As small and medium businesses (SMBs) move to remote work environments, their tools for collaboration, such as Microsoft 365, OneDrive, Teams, and Zoom, create openings in their networks for increased cyberthreats. This switch has Cybercriminals seeing SMBs as valid targets that are much easier to infiltrate than larger organizations.

In this year alone, 43% of cyber attacks target small businesses. And, with rising ransomware and phishing attacks becoming significant threats for SMBs, ransomware becoming the number one malware threat, as reported by 70% of MSPs, the thoughts around cybersecurity risk grow with 66% of SMBs reporting that they are concerned or extremely concerned.

How do MSPs help SMBs stay protected from threats?

While cybersecurity is a broad term and requires particular expertise, MSPs can help their customers protect their assets with a few simple steps. First, when it comes to security, we recommend starting from where it hurts the most - email. With 94% of malware delivered by email, MSPs should ensure their customers have an advanced email protection layer to protect against phishing and ransomware threats.

How to do that? As a first step, MSPs can check their customers’ current email vulnerabilities and allow visibility to critical security gaps. Then the next step would be to help bridge these gaps.

Assess the current security posture

Cyberthreats are constantly evolving (on a daily or even hourly basis) in order to bypass security solutions. With email being the primary attack vector for such threats, it’s important to test your customers’ email security and better understand their current gaps. It’s recommended to do this regularly to accurately assess what’s going on. And even more crucial to do it before making any decision related to securing the customer.

While pentesting was the common practice in the past, there are now continuous Breach and Attack Simulations (BAS) tools that allow assessing vulnerabilities in the background. Some of them are provided free of charge or offer a free trial, and many of them are quite easy to use. With minimal investment, you can know your customer’s real exposure to cyberthreats. Here is a list of BAS tools to start from.

Protect all collaboration platforms

The most burning need for most SMBs is protecting their email. We believe all organizations should use an Advanced Threat Protection solution for email (as, unfortunately, Microsoft Defender/Office ATP is insufficient when it comes to advanced threats). In addition to email, the risk of cyberthreats being delivered and spread via other collaboration tools is constantly growing. Ideally, you want to use a security solution that protects different channels but is managed from one place. This will ensure your SMB is protected while reducing overhead and costs on your end.

Considering that many SMBs use Microsoft 365 or G-Suite for all their collaboration needs or might be using additional tools such as Zoom, Slack, or Dropbox, it’s relatively easy to find ONE security solution that covers ALL these tools. This will allow your team to manage the security of all customers and all their collaboration channels from one dashboard in a frictionless manner.

Minimise your team’s overhead

Providing your customers with effective cybersecurity doesn’t have to involve additional overhead. Just like you should select a security solution that helps you secure various collaboration tools at once, you should also choose a solution that makes it easier to manage many customers from one place. Selecting the right product allows you to quickly gather insights and easily take action across the different customers you manage, can save your team many hours, increase productivity, and make your business more competitive.

Being cautious of your team’s time, you should also check the ease of deployment and required maintenance before committing to a specific solution. Assuming that you’re planning to deploy the same security solution among many of your customers, you want to make sure the process is quick and doesn’t require any configuration or changes. It’s best to avoid products that require periodic maintenance or updates. There is just no reason to waste your team’s time on such activities.

Try before you buy

Effective protection does not necessarily mean heavy commitment. In the world of cloud solutions, you can try several products before you engage with one. There are plenty of security tools that offer free trials, so you can explore all options to ensure a good fit and only then make a commitment. For Microsoft 365 clients, the Azure Marketplace is an excellent place to start from. You can search for Advanced Email Protection, OneDrive Protection, Teams Security, and various other solutions ready to install. 

For more cybersecurity resources from Datto, please visit here.

Relevant Articles

Subscribe to the Blog