Managed services for email security: Protect your customers and grow your revenue An exploration of the managed services that can be successfully paired with Intermedia’s secure email solutions.

As the desire for heightened email security continues to be a primary focus for businesses in the face of ever-increasing cyberattacks, MSPs have an opportunity to enhance the secure email solutions they provide with managed services designed to help their clients foster security-conscious workplaces. This guide presents a series of approaches that can be used by MSPs to provide customers with stronger security while also generating greater revenue and increased customer loyalty around managed security services.

Start reselling today! 888.299.2522 | [email protected] | intermedia.net/resellers

Cyberattacks are on the rise, and MSPs can’t be complacent. After all, when your client falls victim to a phishing email or a ransomware attack, their first action is to call you. And in all likelihood, your client is going to demand that you solve the issue quickly and at no charge if you want to keep their business. They may even blame you for the security breach, even if you aren’t really at fault.

Working with your clients up front to properly train their employees and set up customizable Intermedia security services helps you in a number of ways: it reduces the likelihood that your clients will fall victim to an attack, lets you generate greater revenue by bundling managed services into the IT solution package you provide, and increases customer loyalty by demonstrating your expertise and commitment to their success.

We’ve segmented these managed services into three groups: employee training, account setup, and attack recovery. Account setup services are likely to happen only at the beginning of a client relationship, or when clients first contract for secure email services, while employee training services can be performed on a recurring basis. Recovery services, of course, would only be required when a client has experienced an attack. Ideally, if employee training and account setup are done well, attacks will be minimized and recovery needs will be rare.

Employee training Phishing via email is still one of the primary ways attackers get into your clients’ systems, so the most direct way to help them is to improve their email hygiene. Offering your clients training on how to recognize phishing attempts and how to respond to them (don’t click, don’t enter credentials, report the message) is a good way to raise security awareness.

“HACKTOBER” One type of employee education program we find particularly successful is “Hacktober.” Originally held in the month of October during National Cyber Security Awareness Month, “Hacktober” is an effort to build awareness around potential security threats that average workers might experience. The goal is to help employees learn about the ways cyber threats target them, showing how to spot threats and respond properly in a consequence-free environment, all while making learning fun and engaging. The project incorporates integral lessons employees can use to prevent future breaches. You can set up Hacktober yourself or work with third-party services like PhishMe. You’ll want to create a program that you can easily replicate and “package” as part of your service offering. It doesn’t have to be a full month; even a week-long test can be valuable to your clients. Decide with your client whether they want to inform their employees ahead of time that Hacktober is coming and that they will see a range of simulated security threats using the disguises that criminals deploy to trick users. If the decision is made to alert employees in advance, make it clear that this is not a shame game, but rather a “spot the hack” game designed to be fun, interesting, and educational.

Provide employees with several rules they must follow:

• Employees are not allowed to hack their colleagues

• Employees should report spotted hacks to you (or a designated member of your client’s staff) as soon as possible

• If an employee identifies a hack, they receive a prize

You’ll want to set up the program to target employees through email phishing, rogue wireless access points, social engineering of individual users, mystery USB keys, and tailgating for physical security penetration testing. Agree on the scope of each exercise with the client in writing first; rogue access points and tailgating in particular need explicit authorization. While executing the attacks, it’s important to gather data on who clicks fake links and who enters credentials into fake login forms, so you understand who is vulnerable to which kinds of attack. Record only the fact that a submission happened, never the password itself; a simulation page that stores real credentials becomes a liability. After the testing period is over, notify users and explain that the testing wasn’t simply to protect the company, but to arm them with the knowledge they need to stay safe online, both at the office and at home. Hacktober shouldn’t be restricted to one month per year. You’ll want to create a regular cadence of testing as part of your service offering to your clients. We recommend that this method of training happen at least twice a year, but quarterly would be even better.
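The data-gathering step above needs each lure link to identify exactly one recipient, and the results need to be pulled out of the landing page’s logs. The following is an added example of that plumbing, not Intermedia’s or PhishMe’s code: it derives a per-recipient token with an HMAC (so one employee cannot forge a colleague’s link, which also enforces the “don’t hack your colleagues” rule), and tallies clicks versus credential submissions from web-server log lines. The campaign name, secret, landing URL, recipients and log lines are all constructed for the example.

```python
"""Phishing-simulation telemetry: per-recipient tracking tokens and a tally of
who clicked vs. who submitted credentials.  Added example, not Intermedia's or
PhishMe's code; campaign name, secret, recipients and log lines are constructed."""
import hashlib
import hmac
import re

CAMPAIGN = "hacktober-week1"                       # assumed campaign id
CAMPAIGN_SECRET = b"rotate-me-per-campaign"        # assumed; keep out of the mail template
LANDING = "https://training.example.test/login"    # assumed simulation landing page


def make_token(recipient: str, campaign: str = CAMPAIGN) -> str:
    """HMAC-SHA256 tag binding one mailbox to one campaign.  Colleagues cannot
    guess each other's token, so a hit logged under a token is attributable to
    exactly one recipient."""
    msg = f"{campaign}:{recipient.strip().lower()}".encode()
    return hmac.new(CAMPAIGN_SECRET, msg, hashlib.sha256).hexdigest()[:20]


def landing_url(recipient: str) -> str:
    """Link to embed in that recipient's lure email."""
    return f"{LANDING}?t={make_token(recipient)}"


# Combined-log-format request line from the landing page's web server.
LOG_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "(?P<method>GET|POST) (?P<path>\S+) HTTP/1\.\d" (?P<status>\d{3})'
)
TOKEN_RE = re.compile(r"[?&]t=([0-9a-f]{20})")


def tally(log_lines, recipients):
    """Return ({recipient: {"clicked", "submitted"}}, unknown_token_hits).
    A GET of the landing page counts as a click; a POST to it counts as a
    credential submission.  The page itself must discard the submitted
    password: the program needs the fact of the submission, never the secret."""
    token_to_user = {make_token(r): r for r in recipients}
    result = {r: {"clicked": False, "submitted": False} for r in recipients}
    unknown = 0
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue                                  # not a request line
        t = TOKEN_RE.search(m["path"])
        if not t:
            continue                                  # favicon, static assets, etc.
        user = token_to_user.get(t.group(1))
        if user is None:
            unknown += 1                              # forged, expired or mistyped token
            continue
        result[user]["clicked"] = True                # a submission implies the click
        if m["method"] == "POST":
            result[user]["submitted"] = True
    return result, unknown


# Constructed recipients and server log lines for a three-person test run.
RECIPIENTS = ["alice@example.test", "bob@example.test", "carol@example.test"]
SAMPLE_LOG = [
    f'10.0.0.5 - - [03/Oct/2024:09:12:01 +0000] "GET /login?t={make_token("alice@example.test")} HTTP/1.1" 200 512',
    f'10.0.0.5 - - [03/Oct/2024:09:12:40 +0000] "POST /login?t={make_token("alice@example.test")} HTTP/1.1" 302 0',
    f'10.0.0.9 - - [03/Oct/2024:09:30:11 +0000] "GET /login?t={make_token("bob@example.test")} HTTP/1.1" 200 512',
    '10.0.0.9 - - [03/Oct/2024:09:30:12 +0000] "GET /favicon.ico HTTP/1.1" 404 0',
    '10.0.0.42 - - [03/Oct/2024:11:02:55 +0000] "GET /login?t=00000000000000000000 HTTP/1.1" 200 512',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for r in RECIPIENTS:
        print(r, landing_url(r))
    report, unknown_hits = tally(SAMPLE_LOG, RECIPIENTS)
    for r, hit in report.items():
        print(f"{r:22} clicked={hit['clicked']!s:5} submitted={hit['submitted']}")
    print("unknown-token hits:", unknown_hits)
```

The token is an HMAC rather than a random ID so that the mail-merge step needs no database: the same function regenerates the token at tally time. Unknown-token hits are worth reporting separately; they are usually mistyped links, but a burst of them can mean someone is probing the simulation page.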

GENERAL SECURITY TRAINING

Another key area where your expertise can benefit your clients is in more generalized employee security training. Work with your client to create a comprehensive security policy that reflects current threats. This includes policies on strong password practices, application usage, and a list of approved websites, services, software, and applications that employees can use. Also, you’ll want to recommend that your client require employees to use company-provided logins for these applications instead of personal logins, so access can be revoked centrally when someone leaves. Train employees on the security risks of using USB sticks, personal cloud storage, and other consumer-grade tools in the workplace. Help them understand the security policies established by their employer, the importance of choosing strong passwords, and not engaging in risky behaviors like reusing passwords across multiple applications. Encourage your clients to provide a single sign-on (SSO) solution such as Intermedia AppID® so users have fewer passwords to manage and the ones they do have can be strong and unique.

Account setup There are many services that you can add on to account setup – both at the account level and the individual user level. These can be one-off services that happen at the beginning of the client relationship as well as recurring services that you perform at regular intervals as part of “account help” or “maintenance” visits.

USER ACCESS LEVELS Help your client set up their systems with the appropriate access levels for their employees. When provisioning users for access and services, help your client determine each user’s role and give that person only the access they need to perform their job function (the principle of least privilege). The goal, of course, is to protect data and systems, and therefore it’s best to err on the side of less access, rather than more.

You’ll likely find that many of your clients have taken a lax attitude toward access levels and IT record keeping. You’ll want to help educate them on the importance of recording who has access to what applications and services, as well as who has the capability to perform high-risk activities, such as financial transactions, money transfers, changes to payroll, etc. Those individuals are the most likely targets of spear-phishing and may need extra training in that area. Review the record on each maintenance visit and remove access that no longer matches a user’s role.

EMAIL WHITE LISTS

Many businesses have a tendency to create overly permissive white lists. Whatever matches a white list entry bypasses spam and phishing checks, so a domain entry means any message whose sender address claims that domain skips inspection, and the sender address is trivially forged. We recommend that businesses only have IP addresses in their white list, never domains, and that even IP entries be kept as narrow as possible (a vendor’s actual sending servers, not a whole hosting provider). White list review and creation is a relatively simple yet valuable service to offer your clients when setting up their email or reviewing their existing email practices; entries should be re-checked periodically, since vendors change mail infrastructure.

DATA LOSS PREVENTION (DLP) POLICIES Email attachments are a common exfiltration point. This can be an especially big concern for businesses in regulated industries, such as healthcare or financial services. With the Intermedia Email Protection solution, you have the opportunity to offer assistance in setting up Data Loss Prevention (DLP) policies for these clients. A robust tool, Intermedia Email Protection addresses DLP on many fronts, including the ability to set certain indicators that flag whether an outbound message contains sensitive information, such as patient health information or credit card numbers. Pattern matches need validation (for example a check-digit test on card numbers), or the policy will flag invoice and order numbers too and users will learn to ignore it.
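To make the “indicators” idea concrete, here is an added example of an outbound DLP scan, written for this guide rather than taken from Intermedia Email Protection: it checks subject, body and text attachments for card numbers (validated with the Luhn check digit so order numbers of the same length are not flagged), US SSNs (rejecting never-issued ranges), and an assumed medical-record-number pattern, then returns a policy decision. The message and attachments are constructed; binary attachments are flagged as unreadable rather than silently passed.

```python
"""Outbound DLP scan for one message: payment card numbers (Luhn-validated),
US SSNs (format plus invalid-range rejection) and an assumed medical-record-
number pattern.  Added example, not Intermedia Email Protection's own logic;
the message and attachments are constructed."""
import re
from dataclasses import dataclass, field

# 13-19 digits, optional single space/dash between digits, not embedded in a longer run.
CARD_RE = re.compile(r"(?<![\d-])(?:\d[ -]?){12,18}\d(?![\d-])")
SSN_RE = re.compile(r"(?<!\d)(\d{3})-(\d{2})-(\d{4})(?!\d)")
# Assumed PHI indicator ("MRN: 00123456"); real policies carry many more.
MRN_RE = re.compile(r"\b(?:MRN|medical record (?:number|no\.?))\s*[:#]?\s*(\d{6,10})\b", re.I)


def luhn_ok(digits: str) -> bool:
    """Luhn check digit (ISO/IEC 7812).  Separates card numbers from
    invoice/order numbers of the same length, the main false-positive source."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def valid_ssn(area: str, group: str, serial: str) -> bool:
    """Reject never-issued SSNs: area 000/666/900-999, group 00, serial 0000."""
    a = int(area)
    return not (a == 0 or a == 666 or a >= 900 or int(group) == 0 or int(serial) == 0)


@dataclass
class Message:
    subject: str
    body: str
    attachments: list = field(default_factory=list)   # (filename, bytes)


def scan_text(text: str, where: str):
    """Findings as (kind, location, masked_value).  The raw value is never
    returned: findings end up in logs and quarantine notices."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            findings.append(("card", where, "*" * (len(digits) - 4) + digits[-4:]))
    for m in SSN_RE.finditer(text):
        if valid_ssn(*m.groups()):
            findings.append(("ssn", where, "***-**-" + m.group(3)))
    for m in MRN_RE.finditer(text):
        findings.append(("mrn", where, "MRN ***" + m.group(1)[-3:]))
    return findings


def scan_message(msg: Message):
    findings = scan_text(msg.subject, "subject") + scan_text(msg.body, "body")
    for name, data in msg.attachments:
        try:
            text = data.decode("utf-8")
        except UnicodeDecodeError:
            # PDF/Office/archive content needs a text extractor before the
            # patterns can run; until then the attachment is opaque, so flag it.
            findings.append(("undecodable-attachment", name, ""))
            continue
        findings += scan_text(text, f"attachment:{name}")
    return findings


def decide(findings) -> str:
    """Card or SSN data blocks outright; anything else is held for review
    (or, under an encryption policy, forced through encryption)."""
    kinds = {f[0] for f in findings}
    if kinds & {"card", "ssn"}:
        return "block"
    return "review" if kinds else "allow"


# Constructed message: an order number that looks like a card (fails Luhn), a
# test card number, one valid-format SSN, one never-issued SSN, a text
# attachment with a PHI marker and a binary attachment the scanner cannot read.
SAMPLE = Message(
    subject="Invoice 1234 5678 9012 3456",
    body="Card 4111 1111 1111 1111 exp 12/26. SSN 123-45-6789. Not an SSN: 000-12-3456.",
    attachments=[("notes.txt", b"MRN: 00123456 visit summary"),
                 ("scan.pdf", b"%PDF-1.4\x00\xff\xfe")],
)

if __name__ == "__main__":
    found = scan_message(SAMPLE)
    for kind, where, masked in found:
        print(f"{kind:24} {where:20} {masked}")
    print("decision:", decide(found))
```

The undecodable-attachment finding is the important edge case: a DLP rule that only inspects what it can read silently lets a scanned PDF of a patient chart through, so anything the scanner cannot open should be routed to review or encryption rather than allowed by default.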

ENCRYPTION POLICIES For those clients who are especially concerned with email security or are required to protect email contents by regulations such as HIPAA or FINRA rules, you have an opportunity to assist with setting up email encryption policies. Email Encryption from Intermedia and other similar services provide companies with the ability to create custom policies to fit their unique business needs. For example, you can provide managed services around initial policy setup, and then build a review task for these policies into your scheduled account maintenance plans.

EMAIL AUTHENTICATION Email authentication standards (SPF, DKIM, and DMARC) are designed to make it difficult for fraudsters to spoof business email domains. SPF publishes in DNS which servers are allowed to send mail for a domain; DKIM lets the sending system sign each message with a key published in the domain’s DNS; and DMARC ties both checks to the visible From: address and tells receivers what to do (nothing, quarantine, or reject) when a message fails. The benefits are twofold: authentication improves the likelihood of legitimate mail reaching the intended recipient rather than getting caught in spam filters, and it reduces the chances of your clients’ domain being spoofed and used to deliver spam or in phishing attacks. Email authentication protects your clients’ email domain reputation and improves deliverability of their mail. That’s why we believe that helping clients set up email authentication will quickly become more than just a ‘best practice’ but a necessary process to clear the gatekeeping practices of most email service providers.


While email authentication plays an important role in terms of outbound email, as we just explained, it also plays a crucial role in protecting your clients’ inboxes from phishing emails: the receiving side can check SPF and DMARC on incoming mail and reject, quarantine, or tag messages that fail. You’ll want to help clients enable any anti-phishing checks within their email authentication solution. Intermedia Email Protection scans incoming emails and adds a marker such as “POSSIBLE PHISHING” to the subject line to alert users to potential phishing emails. Of course, the effectiveness of these checks is greatly increased when coupled with employee training on how to react when they see those flags.
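The following is an added example, written for this guide and not Intermedia Email Protection’s logic, that pulls together the white list advice and the inbound side of email authentication: a connecting-IP allowlist is consulted first, then SPF is evaluated for the envelope sender and DMARC alignment and policy for the visible From: domain, and unauthenticated mail with no enforcing policy gets a “[POSSIBLE PHISHING]” subject tag. A domain-based allowlist is included only to show the bypass it creates. The DNS records, addresses and messages are constructed; SPF handling covers only ip4, ip6, include and all; DKIM verification is assumed to have been done upstream and is passed in as a result.

```python
"""Inbound policy check: allowlist by connecting IP (never by From: domain), then
SPF for the envelope sender and DMARC alignment/policy for the From: domain.
Added example, not Intermedia's code.  DNS records, addresses and messages are
constructed; SPF is a subset of RFC 7208 (ip4/ip6/include/all); DKIM results
come from an assumed upstream verifier."""
import ipaddress

# Constructed TXT records, keyed by name (stands in for DNS lookups).
DNS_TXT = {
    "partner.example": "v=spf1 ip4:203.0.113.0/24 include:_spf.mailer.example -all",
    "_spf.mailer.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 -all",
    "_dmarc.partner.example": "v=DMARC1; p=reject; aspf=s; adkim=r",
    "clientco.example": "v=spf1 ip4:192.0.2.0/24 ~all",          # the MSP's client
    "_dmarc.clientco.example": "v=DMARC1; p=quarantine",
    "vendor.example": "v=spf1 ip4:203.0.113.50 ~all",           # SPF but no DMARC
}
QUAL = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(ip: str, domain: str, depth: int = 0) -> str:
    """Evaluate the domain's SPF record for the connecting IP.  Unsupported
    mechanisms (a, mx, ptr, exists, redirect) simply never match here."""
    if depth > 10:                          # RFC 7208 lookup limit
        return "permerror"
    record = DNS_TXT.get(domain.lower(), "")
    if not record.startswith("v=spf1"):
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qual = "+"
        if term[0] in QUAL:
            qual, term = term[0], term[1:]
        name, _, arg = term.lower().partition(":")
        if name == "all":
            return QUAL[qual]
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"
            if addr.version == net.version and addr in net:
                return QUAL[qual]
        elif name == "include" and spf_check(ip, arg, depth + 1) == "pass":
            return QUAL[qual]
    return "neutral"                        # record ended without "all"


def parse_tags(record: str) -> dict:
    return {k.strip().lower(): v.strip()
            for k, _, v in (p.partition("=") for p in record.split(";")) if k.strip()}


def org_domain(d: str) -> str:
    """Simplification: last two labels.  Real code uses the Public Suffix List."""
    return ".".join(d.lower().split(".")[-2:])


def aligned(d1: str, d2: str, mode: str) -> bool:
    return d1.lower() == d2.lower() if mode == "s" else org_domain(d1) == org_domain(d2)


def dmarc_check(from_domain, spf_result, mailfrom_domain, dkim=None):
    """dkim is (signing_domain, verified) from an upstream verifier, or None.
    Returns (published policy, 'pass'|'fail'|'none')."""
    record = DNS_TXT.get(f"_dmarc.{from_domain.lower()}", "")
    if not record.startswith("v=DMARC1"):
        return "none", "none"
    tags = parse_tags(record)
    spf_ok = spf_result == "pass" and aligned(mailfrom_domain, from_domain, tags.get("aspf", "r"))
    dkim_ok = bool(dkim) and dkim[1] and aligned(dkim[0], from_domain, tags.get("adkim", "r"))
    return tags.get("p", "none"), "pass" if (spf_ok or dkim_ok) else "fail"


def evaluate(msg: dict, allow_ips=(), allow_domains=()):
    """Return (disposition, subject).  allow_domains exists only to show the
    bypass a domain allowlist creates; production policy should use allow_ips."""
    ip = ipaddress.ip_address(msg["client_ip"])
    from_domain = msg["from"].rsplit("@", 1)[1].lower()
    mailfrom_domain = msg["mail_from"].rsplit("@", 1)[1].lower()
    if any(ip in ipaddress.ip_network(n, strict=False) for n in allow_ips):
        return "accept:allowlisted-ip", msg["subject"]
    if from_domain in {d.lower() for d in allow_domains}:
        return "accept:allowlisted-domain", msg["subject"]   # From: is attacker-chosen
    spf = spf_check(msg["client_ip"], mailfrom_domain)
    policy, dmarc = dmarc_check(from_domain, spf, mailfrom_domain, msg.get("dkim"))
    if dmarc == "fail" and policy in ("reject", "quarantine"):
        return policy, msg["subject"]
    if dmarc != "pass" and spf in ("fail", "softfail"):
        return "deliver:tagged", "[POSSIBLE PHISHING] " + msg["subject"]
    return "deliver", msg["subject"]


# Constructed messages: 203.0.113.5 is partner.example's real server, 198.51.100.10
# the bulk mailer it includes, 100.64.0.5 an attacker spoofing sender addresses.
SAMPLES = {
    "legit":  {"client_ip": "203.0.113.5",   "mail_from": "bob@partner.example",  "from": "bob@partner.example",  "subject": "Q3 invoice"},
    "mailer": {"client_ip": "198.51.100.10", "mail_from": "bob@partner.example",  "from": "bob@partner.example",  "subject": "Newsletter"},
    "spoof":  {"client_ip": "100.64.0.5",    "mail_from": "bob@partner.example",  "from": "bob@partner.example",  "subject": "Urgent wire"},
    "own":    {"client_ip": "100.64.0.5",    "mail_from": "ceo@clientco.example", "from": "ceo@clientco.example", "subject": "Gift cards"},
    "vendor": {"client_ip": "100.64.0.5",    "mail_from": "ap@vendor.example",    "from": "ap@vendor.example",    "subject": "New bank details"},
}

if __name__ == "__main__":
    for name, m in SAMPLES.items():
        print(f"{name:7} ip-allowlist:     {evaluate(m, allow_ips=['203.0.113.0/24'])}")
        print(f"{name:7} domain-allowlist: {evaluate(m, allow_domains=['partner.example'])}")
```

Running it shows the point of the white list advice: the “spoof” message is rejected under the IP allowlist because partner.example publishes p=reject, but is accepted outright under the domain allowlist, since the From: address is the only thing the attacker had to type. The “own” case shows a client’s own domain being protected by its DMARC quarantine policy, and “vendor” shows why a domain with SPF but no DMARC still benefits from a subject tag.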

TWO-FACTOR AUTHENTICATION (2FA) Another way you can help clients secure their data is by setting up two-factor authentication for them wherever it can be enabled. This goes along with our recommendation of using a single sign-on tool like Intermedia AppID® to enable employees to embrace strong password security. 2FA can be set up so that users must present a second factor when they log in to the SSO service, which then covers every application behind it; a stolen or reused password alone is no longer enough to get in.

Recovery services When your clients do have a problem like a ransomware attack or a virus, you’ll likely be the first person they call. You’ll want to be ready with some recovery services to get them back up and running quickly. Beyond isolating infected machines, you’ll want to help clients get access to their data so they can continue with business while you make repairs.

BUSINESS CONTINUITY PLANNING One of the key ways you can assist your clients in recovering from cyber attacks and other downtime issues is to help them develop a comprehensive business continuity plan. Consider all of their services: email, files, office phones, etc. when working with them on this plan. This planning exercise can also open the door to helping your clients move their office phone service to the cloud if they haven’t done so already. Along with email, phone service is a vital communications tool for businesses, and natural disasters, power outages, and other downtime events can negatively impact landline and premises-based PBX services. You can download our business continuity planning guide for more information at www.intermedia.net/phone-continuity.

RANSOMWARE RECOVERY If your clients are using Intermedia’s backup and file sharing application, you can easily help them recover access to their data after a ransomware attack. Unlike other backup solutions, Intermedia’s backup solution enables point-in-time data recovery in a matter of minutes. When you restore, pick a point in time that predates the first encrypted file, and confirm the infected endpoints are isolated or rebuilt first so the restored data isn’t encrypted again. You can learn more about how this works at www.intermedia.net/ransomware.

Given the almost daily advances in cybercrime, providing your clients with a comprehensive security strategy is a must. Beyond the business applications you choose to sell, professional services like end-user training and security policy development can differentiate you from your competition, while instilling trust and loyalty in your client base and providing you with additional attractive revenue streams. The suggestions offered in this guide are just the beginning. As you analyze your place in the local market and the types of clients you prefer to serve, you’ll find other opportunities for adding value. Security applications like Intermedia Email Protection, Email Encryption, Intermedia’s backup and file sharing application and AppID, can provide a powerful foundation for a strong security services portfolio. Learn more about how Intermedia helps partners succeed through its attractive partner programs, products and services, and consultative security expertise, by contacting us at [email protected] or 888-299-2522.
