MSPs: Securing Your Clients – Anti-Phishing

Written by Brandon White on August 30, 2020

Share This Article

A managed service provider (MSP) offers an organization a streamlined, secure, and effortless way to manage their IT infrastructure — namely, the MSP does it for them. That is, when that approach is built to deliver the total security that small- to medium-sized businesses (SMBs) need.

At JumpCloud®, we believe that MSPs are inherently responsible for their clients’ IT security — whether it’s explicitly defined in the contract or not. This is a natural extension of what most MSPs know: if their client is hacked, the nightmare is not just for their client. Not only is there a great deal of clean-up that needs to happen to clear the compromise, but there is the reputational damage to the MSP. 

SMBs — the lifeblood of most MSPs — are increasingly targeted. Why? It boils down to the (false) perception that security isn’t a priority in smaller organizations. Which, of course, is a reason to ensure everything is just as secure in SMBs as at the enterprise level.

While exploiting smaller organizations may not be as lucrative as a large scale enterprise for a hacker, many easy targets can add up to a nice result.

What Are Hackers’ Goals?

Obviously, hackers are looking for free money. But the first step is targeting employees. Hackers look for ways to trick employees into sharing secure information — namely their credentials — that essentially gives them the keys to the digital assets of the organization.

Often, SMBs do not have sophisticated technology or advanced security tools in place on the network to prevent attacks. Regardless of whether this is true for an SMB organization, the simple perception that this is true can be enough to make the SMB a target for hackers. And, if an MSP’s client is a target, then by extension they are a target. It’s oftentimes their role to protect their clients.

How Hackers Target SMBs

The number one approach for hackers to target small-to-medium businesses is phishing. Here’s what happens:

  1. The hacker sends out hundreds of thousands, if not millions, of emails asking for password resets to Google, Microsoft, Amazon, and other popular services. 
  2. If an end user clicks on the link, believing it to be authentic, and enters their username and password, the hacker then has access to the account.
  3. The attacker will leverage that account to compromise other accounts (particularly in the case of email accounts) and to wreak havoc for the organization.

For MSPs, who are often responsible for the proper functioning of a network and the online security/safety of their client — often an SMB, this is a worst case scenario. All of the tools and training to prevent a compromise are bypassed with a simple click from an unsuspecting (and well meaning, most often) end user. The client is likely in a bad position and so is the MSP. If word gets out of the compromise, the MSPs’ other clients will begin to question their trust and faith in their service provider.

How to Combat Phishing

With the damage and chaos that phishing brings, it’s no surprise that many solutions have been developed to address the issue. For the benefit of each organization and end user, phishing frankly must be mitigated.

However, not all solutions are equal. Here are a couple of the common options:

  • Traditional anti-phishing solutions: These typically require SMBs to send email through the vendor’s processing center in the cloud or others are plugins that will scan the end user’s inbox to determine which emails may be malicious.
  • Education-focused solutions: Still others focus on training and education as the line of defense — an educated end user can more effectively spot phishing than cloud services while not blocking useful messages. 

Many of these solutions will also tout technology innovations such as anomaly detection, machine learning (ML), and artificial intelligence (AI) among many others.

What Makes an Effective Anti-Phishing Method? 

The challenge with all of these anti-phishing techniques is that they are trying to stay ahead of an onslaught of phishing attacks by dealing with attempts that have already happened. These solutions are high risk because they can still fail. Great technology could miss one very convincing phishing email or an end user might still be duped despite high quality training. The risk is still too high.

All phishing attacks come from the same thing: a compromised account due to shared credentials. What if, instead of trying to address phishing after the fact, we eliminated the way phishers access information?

Phishing starts with a single action that should be challenged: that credentials should be entered or updated on a public facing website. That process is what makes phishing possible. If you change the game, by not letting passwords be updated publicly via a website, you can cut off the chances of phishing. 

This is exactly what JumpCloud’s Directory-as-a-Service® does — it enables end users to change their passwords on a private native application installed on each Mac® or Windows® machine. The password change doesn’t happen on a malicious site and isn’t triggered by an email. End users can make the change at their discretion safely and securely.

This simple yet powerful patented approach to password changes can eliminate phishing threats. MSPs and their clients can rest easier knowing that a user’s core identity can be secured without the concern of phishing. That updated set of credentials can be securely forwarded through APIs to G Suite, Microsoft 365, RADIUS and LDAP servers, and many more locations.

Learn More

MSPs have enough to worry about every day. Worrying about their client’s being hacked through phishing doesn’t have to be one of them. To learn more about how you can leverage JumpCloud for phishing protection for your clients, schedule a Directory-as-a-Service demo to see the platform in action. If you’re ready to explore the platform, you can even set up an account. Signing up is free, and so are your first 10 users and 10 systems. For more information about JumpCloud’s Partner Program, visit our Partners page.

Brandon White

Brandon is an enthusiast, solutionist, and JumpCloud’s Technical Evangelist, active in journalism and IT in cities across the US for over 25 years. Pick his brain on Slack in the JumpCloud Lounge: http://ow.ly/seTs30qO7WX

Continue Learning with our Newsletter