April 24, 2020
Fireside Chat: Work From Home Security
Recently, we held an interactive discussion with our partners and the larger MSP community to discuss how they can enable businesses to securely work from home.
We have seen a shift in the tactics used by cybercriminals to lure victims in relation to the global health crisis such as phishing emails impersonating WHO, CDC, and local governments preying on peoples’ desire for more information. These threats range from zoombombing to a massive increase in malware attacks.
Our conversation included practical, actionable advice on how MSPs can protect clients against these threats, including:
- Secure Home Networks: Companies should think of employees’ home network as an extension of their business network. According to a new research, home office networks are 3.5 times more likely than corporate networks to be infected by malware. Don’t wait any longer to ensure your techs and employees have the appropriate and safe assets to do their jobs effectively.
- Do Not Skip Patching!: The latest Microsoft update patched for 113 vulnerabilities across 11 products, including three zero-day bugs that were being actively exploited in the wild. In other words, now is not the time to take your foot off the patching pedal. The more you can keep workstations secure and up to date, the better off you will be.
- Work to Restore your Steady State Operating Capabilities Quickly and Safely: You have a set of controls that keep you and your SMB customers safe on a daily basis. When you quickly shifted to remote work, some of that visibility and security may have been degraded. It’s imperative that you restore these capabilities now, with RMM, VPNs, and home Internet IP assessments, for example.
- Cybersecurity Training: Datto regularly conducts mock phishing simulations to help educate our employees and ensure they understand what to watch out for and can avoid phishing tactics. This has proved successful for us, and we have seen an increase in vigilance and reporting from our employees regarding scams related to the current health crisis. MSPs can and should implement cybersecurity training among their clients.
- Enable MFA: Now is the time to enable MFA if you haven’t already. Waiting til tomorrow is too late. Be careful about MSP techs using credentials from untrusted devices or their family’s devices. IT documentation, any place you store credentials. It’s an unnecessary operating risk to proceed without MFA.
Check out the recording of our interactive discussion for more information and some great Q&A with our attendees. Be on the lookout for an upcoming podcast where we dive into more details around this timely topic! In a recent blog, I provided detailed information around cybersecurity best practices for working remotely including some common tactics, minimum standards for securely working from home, guidance, and things to avoid.
Datto is Here to Help
More than ever, SMBs will turn to their MSPs for guidance to help them navigate these uncertain times and avoid evolving threats. Throughout this time, Datto is here to help keep the MSP community informed, connected, and strong. Head to our Help Center for the latest resources and information.