Remote support has become a double edged sword. Many “Managed Service Providers” or MSPs base their support upon web-based tools and automation. While this can reduce the costs to the client and increase the technological level of a business network, it has downsides that can be detrimental.
There has been a wave of hackers attacking MSPs and using their strategic access to clients as a tool to push out malware, viruses and ransomeware to the MSP’s clients. They rely on the fact that even the IT company does not implement the security standards and practices that all businesses should have. Tricking one technician into installing a malicious payload can give that hacker access then to the whole company and all the companies they support.
It continues to become imperative that businesses do not blindly trust third-party vendors but instead do their due diligence to make sure those with direct access into their system have policies and procedures in place to limit their vulnerabilities.
We are moving toward using the tools many MSP’s have, while still holding firmly onto the business model that has built our company for years. We still want to know our clients, provide them physical support and make sure that we have a holistic view of the company we are supporting. Running tools like Atera and Splashtop so we can monitor and track your business means that we can provide more immediate response to your issues and preempt potential problems that would otherwise only manifest after the damage has been done.
We are slowly adopting new automation tools to assist in our ability to provide you updates and support while keeping costs down. However, we do not trust these tools blindly. We are using 2-factor authentication and data segmentation so that a hacker, even if they had access to our tools, would be limited in the data they could access or damage they could inflict.