Most small-to-midsize businesses and organizations utilize a local MSP for network and hardware support. The MSP's expertise is focused on IT infrastructure, and most do an excellent job. MSPs provide critical services such as help desk services, password resets, server and network updates, and more as their clients' technical environments and requirements constantly change.
It's quite easy to find out if you are getting the proper level of protection through your MSP. Start by asking them these three questions. And, depending on their answers, you may want to give us a call for a free consultation. Keep good notes and we'll provide an independent view on what you can/should do to proceed. You don't want to wait until after you're hacked to ask your MSP if you're protected.
1) How often do you run vulnerability scans on my network?
Why? Vulnerability scanning is a procedure that uses specialized software that accesses vast databases that catalog all known possible exploits and look for vulnerabilities to those exploits within your network, such as dangerous software and operating system configurations, open ports, software that has not been updated, and many other issues that could allow hackers entry to your system. Best practices dictate scans weekly so that remediations can be performed between scans. If the answer to this question is, "We do not do vulnerability scans, or any scans," you are at risk for cyber threats.
2) What safeguards are in place to protect me from well-meaning employees who accidentally expose their credentials or other protected information in a phishing or social engineering attack?
Why? Most small and mid-sized companies believe that endpoint protection software is all they need to keep malicious emails out of their system. The problem is that not all phishing emails carry malicious payloads. Many hackers send people to "look-alike" websites to collect login credentials, which circumvents any protections you may have in place. They can then use those credentials to log in as users and invade your network. Over 85% of all successful cyber-attacks happen through poor employee computer habits. If your MSP responds with one or more of the following:
We do not monitor your network for misused credentials
We do not monitor for the use of legitimate credentials from unexpected locations (China, Russia, etc.)
We do not look for unexpected employee behavior like large downloads of protected information
We have not implemented, nor do we have a cyber-training program for your employees,
Your company is at risk for cyber threats.
3) Is the SOC (Security Operations Center) that monitors my network operational 24x7?
Why? Having a group of specialists monitoring your networks for any malicious activity is vital. They are fed by software that collects network information from any hardware that can provide data. When the SOC finds issues, they immediately contact your IT department (usually through tickets – phone contact if it is a severe issue) to warn you of what is happening. If your MSP does not have a 24x7 SOC monitoring your network, your company is at risk for cyber threats.
While many other questions should be asked to ensure you're protected, we advise you start with these. If you are unsatisfied with the answers to any of these questions, we do not recommend removing your current MSP; we recommend adding a vital layer of cybersecurity to your operations with the help of an MSSP.
Integrated Cyber would be happy to schedule a no-cost consultation to discuss the cyber risks to your company and the options available to you to start lowering those risks.