When many MSPs think of security, antivirus (AV) and antimalware (AM) springs to mind first. That duo is certainly a key part of any proper cyber-security arsenal.
Unfortunately, this style of protection is not near enough to defend against today’s data breaches. More of today’s attacks are based on credential cracking. Even more troubling, both MSPs and their clients are at risk.
The 2017 Verizon Data Breach Investigations Report found that 81 percent of data breaches come from some form of credential cracking.
In a recent report Intrusions Affecting Multiple Victims Across Multiple Sectors, The National Cybersecurity and Communications Integration Center (NCCIC), which operates under Homeland Security, noted that it “has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple malware implants. According to preliminary analysis, threat actors appear to be leveraging stolen administrative credentials (local and domain) and certificates, along with placing sophisticated malware implants on critical systems.”
These campaigns are not just ongoing, they are getting worse.
The targets are troubling. “Some of the campaign victims have been IT service providers, where credential compromises could potentially be leveraged to access customer environments. Depending on the defensive mitigations in place, the threat actor could possibly gain full access to networks and data in a way that appears legitimate to existing monitoring tools.”
That is the scary part. It is a multiplier effect where an incursion into one service provider turns into compromises of hundreds or more client companies.
A key to these attacks is the use of compromised credentials. “The actors use malware implants to acquire legitimate credentials then leverage those credentials to pivot throughout the local environment. NCCIC is aware of several compromises involving the exploitation of system administrators’ credentials to access trusted domains as well as the malicious use of certificates,” the report said.
Why Security is Not Just About AV and AM Anymore
Credential compromises require special measures to prevent as AV and AM solutions offer no defense. One means of compromise is phishing, which is not generally detected through traditional security protections. Once a user name and password are in hand, the cybercriminal can access everything you can. Think about how serious that is.
Protection and MRR at the Same Time with Strong Authentication
Fortunately, there is a way to protect your MSP infrastructure, your clients’ shops, and make money at the same time. Jim Lippie, general manager, cloud computing at Kaseya explained just how this is done. Lippie, with 10 years of experience in the managed services industry, knows what he is talking about. Lippie was president and CEO of the MSP Thrive Networks for almost eight years before it was acquired by Staples in 2006.
The MSP Opportunity
Every year Kaseya conducts an MSP Global Pricing Survey. In the most recent edition, 30 percent of MSPs said that “Meeting Security Risks” was the top IT problem or service their clients needed. That has been their number one issue for the past three years.
Smart, high-growth MSPs are taking advantage. Today more than 25 percent of U.S.-based MSPs offer identity and access security – with over 20 percent of MSPs in EMEA and APAC doing the same.
Higher-growth MSPs are particularly on board. The survey listed 10 different security services MSPs often offer. High-growth providers offer eight of these security-related services on average, while lower-growth providers offer six. The biggest difference was with two- or multi-factor authentication. Here high-growth MSPs offer strong authentication 30 percent more often.
Meanwhile, the attack surface for credential hacking and cracking grows ever larger. As more apps move to the cloud, there are more times an end user has to log in to various services – including mission-critical applications that hold valuable data.
One level of security is no longer enough – the risk grows broader and greater every day.
Two-Factor Authentication: The Gold Standard for Protecting Logins
Two-factor authentication (2FA) makes passwords generally impenetrable by having users provide two (or with MFA, multiple) forms of identity. The password is something you know, and the extra level of authentication is something you have, such as fingerprint, iris, or token. In some cases, it is also something you know such as answering a security question, but this is a lower level form of protection.
This need for security, along with the efficacy of 2FA, is leading to solid growth. The market for strong authentication is projected to become a $13.59 billion dollar market over the next five years.
When implemented correctly and using a quality solution, 2FA will not only keep your clients’ digital infrastructure safe, it will also do so without inconveniencing employees.
You may want to use 2FA in conjunction with sing sign-on (SSO) to make it easier for employees to sign into your clients’ systems. SSO allows users to have direct access to all of the platforms they use, but they need only one credential to access them. It is like having a single, very secure key to access 100 different doors with 100 individual locks.
SSO is definitely something you will want to look for when considering your options for a 2FA vendor. However, remember that just offering SSO is not good enough – you need to do a deep dive to understand any 2FA vendor you are evaluating.
Check out our 2FA Buyers Guide to learn how.
Security as a Service in a Box
Think 2FA is complicated? With Security as a Service it doesn’t have to be.
Backed by AuthAnvil by Kaseya and its over 10 years of development, Security as a Service makes it easy for MSPs to launch, sell, and manage authentication services – and protect themselves and their customers at the same time.
Security as a Service comes features “Go-to-Market in a Box” training so your team can be immediately successful selling both 2FA and single sign-on (SSO) services. It also contains white-label sales and marketing materials, and weekly 2FA and SSO webinars for your customers and prospects to help close sales.
In addition, out of the box, you will have licenses to provide AuthAnvil to eight customers and the ability to add new client packs easily as demand grows.