Recently, the U.S. Secret Service sent a warning about increasing hacking attacks against managed service providers (MSPs). According to a ZDNet report, at least 13 MSPs were used to push ransomware. Because the MSP business consists of managing IT infrastructure remotely, MSPs became more vulnerable to these attacks.
Generally, MSPs manage networks for clients that don’t have internal IT staff. If the clients do have their own staff, they are looking to offload significant amounts of work to the MSP. They need help, and security is an important part of what they expect.
But there’s a lot about IT infrastructure security that could keep anyone up at night. And there’s a lot affecting that security — from networks to devices to data. In this post, we’ll address identity security and how to effectively protect it.
Identity Security: Keeping the Keys to the Digital Kingdom Secure from Phishers
User identities are the keys to an organization. Their systems, applications, data, and even network access are valuable assets. And the biggest threat to user identities is phishing.
Phishing attacks account for many of the successful hacks and security breaches in organizations. It’s a troubling and continuing trend, as phishing scams become more creative, and more effective, every day.
For perspective, here are some of the latest unsettling phishing statistics:
- Data from Verizon’s 2020 Data Breach Investigations Report shows nearly one-third of all data breaches involve phishing.
- According to the Verizon report, 70% of breaches are caused by outsiders and 43% are attacks on web applications (more than twice as many as in 2019).
- In the 2019 Cost of a Data Breach Report from IBM and the Ponemon Institute, researchers found that 49% of data breaches are the result of human error and what they term “system glitches.” The human error portion includes “inadvertent insiders” who fall prey to phishing attacks.
A data breach from a phishing attack can mean far-reaching and long-lasting financial and operational consequences for any size organization. According to the 2020 Verizon report, 86% of breaches are financially motivated.
Typically, here’s how it happens:
Sophisticated hackers create clones of familiar websites, then send emails claiming to be from the site and requesting password resets. Recipients unwittingly enter their credentials into what they believe are login portals or password reset mechanisms for a key service they use, such as G Suite™, Microsoft 365™, or AWS. Data from the Anti-Phishing Working Group’s 4th Quarter 2019 Phishing Activity Trends Report indicates SaaS and webmail sites continue to be the most frequent targets of phishing attacks.
Hackers use the credentials they steal to access more protected information and take an organization’s digital assets or empty its financial coffers. It all adds up to a very bad day for an MSP and its client.
Better, Stronger Defense Is Needed
MSPs have long had limited options to combat phishing. Anti-phishing tools exist, but they are cumbersome, often requiring emails to be routed to the solution provider. Many also tout new age technologies such as anomaly detection, machine learning, and artificial intelligence.
Plus — and importantly — many are reliant on end users, which makes complete control an impossibility. Despite the ML and AI techniques, extensive and costly user training is necessary to spot phishing emails, and even that isn’t fail-safe protection.
Most traditional identity security approaches simply involve two-factor authentication (also known as multi-factor authentication). It’s not a bad start, although one-way hashing and salting all passwords is additionally helpful.
While there is nothing wrong with focusing on traditional security approaches, doing so gives many MSPs a false sense of identity security. They then focus on other areas, such as device management and network security, and leave gaps in overall protection. In fact, the greatest impact MSPs can make on their clients’ security is by leveling up identity security. Protecting identities can dramatically cut down on the risk of a breach.
Level Up Your Security with JumpCloud
JumpCloud’s cloud directory platform can level up an MSP’s security offering. As a core identity security provider, JumpCloud protects end user identities by one-way hashing and salting all passwords. It also applies MFA to system, application, and network access.
Perhaps most importantly, it completely sidesteps the danger of phishing by enabling end users to simply update their passwords on their machines. This propagates each password change to services such as G Suite, Microsoft 365, and more. As a result, users won’t be duped into entering their credentials into a fake website because they’ll know to only update their passwords on their own protected machines.
JumpCloud’s cloud directory platform not only steps up identity security, but is a comprehensive access control and device management solution. To learn more about how you can trust JumpCloud for phishing protection, drop us a note. Or give our platform a try. Your first 10 users and systems are free. Plus, you’ll get 10 days of free, premium 24×7 in-app chat support.