Managing your Managed Service Provider (MSP): How to stay secure while outsourcing your IT!
Managing your IT can be a daunting task at the best of times, and more so now with the global shift to remote working. Employees often have more than one device that they use for work, and the number of systems and applications used daily will only continue to grow. Increasingly, companies are turning to external managed service providers to help them maintain and administer their IT resources, especially where having in-house management would be uneconomical. This may be in the form of managed IT support, managed services for AWS or any managed services support model. Of course, in order to do their job, managed service providers will need to be given privileged access to systems and data. That access is necessary from a technical standpoint, but it does mean that companies need to consider the increase in risk to their systems that comes with it.
While we went over the types of insider threats in a previous article, read on for some more specific tips about maintaining the confidentiality, integrity and availability of your data while employing an external managed service provider!
Be careful of how you grant access to any external party, even more so for one who by nature will require high-level access such as their own dedicated administrator account. Accidental or intentional misuse of this access could lead to that big file marked CONFIDENTIAL being leaked, or your social media accounts suddenly promoting your IT managed service provider.
The higher the number of people with privileged access to your systems and data, the higher the chance that one of them will slip up and create a cybersecurity event. You should make sure that only the people that need access are granted it, and that your MSP service manages access on their end as well.
If the relationship with your managed service provider goes bad or your contract simply ends, their access to your systems and data doesn’t self-terminate. You should make sure that when you want to remove access, you’re able to, and that you hold the keys to your kingdom.
Managed IT support services will usually be carried out over the internet, by remotely logging in to your systems. This means that by definition, there will be a digital gap in your perimeter, which should be configured to only allow access to those who require that access as well as monitored for any suspicious activity.
Recording and reviewing details like credentials, login and logout times, documents accessed and resources used is crucial to making sure that whoever you’ve given access to your system to execute IT managed services is doing what they’re supposed to, and not making changes that you didn’t authorise or know about.
Along with tracking users, you should also be keeping an eye on your infrastructure and data. Having a record of what changes were made to your IP is crucial to ensuring that the integrity of your data is not inadvertently compromised by managed IT support and to investigating any potential cybersecurity events.
If you’ve enlisted an external managed service provider to handle your IT infrastructure, they will also be your first point of contact when it comes to resolving any cybersecurity concerns. As such, you should check what their response would be to situations like ransomware or account takeovers, as well as what their Business Continuity and Disaster Recovery plans are.
Similarly, in any situation, how will you be able to reach your point of contact? What is their response time? This may depend on your managed services support model and should be outlined in the base service level agreement with your MSP.
As mentioned before, you should always be the one with the keys to the kingdom. In the event of any issues, there is always the chance that an over-privileged user could lock you out of your own systems and, for example, demand a higher fee. Managed service providers for IT may also not deactivate their accounts upon the end of the contract.
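One way to carry out the review described above (recorded logins, logouts and resources accessed, checked against who should have access and whether the contract is still running), as an added example that is not part of the original article. The record fields, account names, dates and file paths are constructed for illustration and are assumptions, not the output of any particular product.

```python
from datetime import datetime, timezone

# Constructed sample records, not real logs; field names are assumptions.
SAMPLE_EVENTS = [
    {"user": "msp-admin1", "login": "2024-03-04T09:02:00+00:00",
     "logout": "2024-03-04T09:40:00+00:00", "resources": ["/it/patch-notes.txt"]},
    {"user": "msp-admin2", "login": "2024-03-05T23:15:00+00:00",
     "logout": "2024-03-05T23:50:00+00:00",
     "resources": ["/finance/CONFIDENTIAL-payroll.xlsx"]},
    {"user": "msp-temp9", "login": "2024-03-06T10:00:00+00:00",
     "logout": None, "resources": []},
    {"user": "msp-admin1", "login": "2024-07-02T08:30:00+00:00",
     "logout": "2024-07-02T08:45:00+00:00", "resources": ["/it/vpn-config.txt"]},
]
# Hypothetical allow-list: the MSP accounts you have agreed should exist.
APPROVED_MSP_ACCOUNTS = {"msp-admin1", "msp-admin2"}
# Hypothetical contract end date; any MSP login after this needs explaining.
CONTRACT_END = datetime(2024, 6, 30, 23, 59, 59, tzinfo=timezone.utc)


def review(events, approved, contract_end, marker="CONFIDENTIAL"):
    """Return (user, login, reason, detail) tuples for records needing follow-up."""
    findings = []
    for ev in events:
        user, login = ev["user"], ev["login"]
        # Account that was never approved for MSP access.
        if user not in approved:
            findings.append((user, login, "unapproved_account", ""))
        # Account still in use after the contract ended.
        if datetime.fromisoformat(login) > contract_end:
            findings.append((user, login, "post_contract_login", ""))
        # Session with no recorded logout: the audit trail is incomplete.
        if ev.get("logout") is None:
            findings.append((user, login, "no_logout", ""))
        # Access to anything labelled as sensitive.
        for res in ev.get("resources", []):
            if marker.lower() in res.lower():
                findings.append((user, login, "sensitive_access", res))
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_EVENTS, APPROVED_MSP_ACCOUNTS, CONTRACT_END):
        print(finding)
```

A finding is a prompt to ask the provider for the matching change ticket or request, not proof of misuse.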
Managed Service Providers can be an immense help, but without a proper framework or guidelines in place they can also become a liability. Ensuring that your IT is administered in a safe and secure manner is vital to keeping your business going no matter the situation. In addition, you can also bring on the services of a Managed Security Service Provider to help you with creating a secure environment and maintaining the confidentiality, integrity and availability of your data. We at Meta Defence Labs can help you with this process, as well as with a wide array of cybersecurity services to suit your needs. Get in touch today!
Author: Kavan Ranaraja