Q: More and more of my SMB customers are adding additional locations or having employees working remotely. Protecting customers with a single location is easy, but when you add different locations and devices, security becomes more of a challenge. What are some best practices my MSP can use to help protect customers with multiple locations?
Ensuring security for employees at more than one location poses a challenge, and it’s certainly a service that’s in demand as customers grow. To adapt to this trend, MSPs need to start adopting best practices and putting the right tools in place to protect their SMB customers from threats no matter how many locations they have.
To help you better secure your customers with multiple locations, we spoke to Chris Crellin, the senior director of product management here at Intronis. With more than 14 years of IT security under his belt, Chris has a deep understanding of how to protect customers’ environments. Here is his advice:
Best practices to ensure security for multiple locations
To fully protect your customers, secure each location with a firewall. Firewalls are your first line of defense, and threats are everywhere. A next-generation firewall, has advanced capabilities that creates an additional barrier of protection for your SMBs, such as advanced threat protection which identifies and stops zero-day attacks before they arrive in your customer’s inbox.
For some customers, you’ll also need to set up VPNs. You need to decide if you want to put system resources on-prem or in the cloud. If you put (at least some) them on-prem, you need a VPN for that customer. If you put all of the customer’s resources in the cloud, a VPN is less necessary because employees will be accessing the cloud rather than the internal network.
But, both on premise and in the cloud it is important to make sure all your security features are up to date. This includes your firewall, intrusion protection, email security, and VPN capabilities, all of which are standard features in a true next-generation firewall.
Set strict device rules. These days, the cloud is becoming more popular, which is leading to more hybrid environments. In these types of environments, you want to make sure everyone working in the cloud has the same level of protection as those who are on premise, and it’s essential to watch out for devices that aren’t completely in your control that may be accessing the same network.
As a best practice, make sure all devices connected to the network (including cell phones) are protected by MDM (mobile device management) software and educate users on how to use them safely. Are there sites they can’t visit when connected to the corporate network? What apps are approved or unapproved? Other things to consider would be password requirements, types of supported devices, and if the device will be remotely wiped if it’s lost. When developing a BYOD policy with an SMB, make sure it’s comprehensive enough to include all necessary rules and precautions.
It would be wise to review the security standards of cloud applications as well. What security standards do you want your customers and their employees to adhere to for protecting data and user accounts (password policies, etc)? If those cloud applications were breached in some way that could expose the business to data loss or theft.
Backup locally. Just because an environment is remote doesn’t mean it doesn’t need to be backed up. To fully ensure that your SMB is safe, have local backup copies at each site for a quick restore.
You should also back up mobile devices and apps. Users are less likely to investigate email attachments or links on their phone, leaving them vulnerable to clicking on malware or other viruses. By making sure apps and mobile devices are backed up, if a user’s device is compromised you can restore that data. This gives your SMB customers peace of mind knowing that their critical information can be recovered if something were to happen, even if they’re working remotely.
If you have SMBs with more than one location or with employees who work remotely, it is essential to utilize these best practices to ensure their security. Protecting customers with multiple locations may seem like a challenge at first, but once you develop an action plan, you’ll have the confidence to not only protect these customers but also take on new ones with similar needs.
Ask Intronis is a weekly advice column answering common questions from MSPs and IT service providers. It covers topics ranging from pricing and selling to marketing and communications—and everything in between. Submit your questions by emailing AskIntronis@intronis.com.