Growing IT security fatigue bodes well for MSSPs

Posted by Mike Vizard on Feb 14, 2017 2:23:35 PM

The size of the opportunity for managed security service providers (MSSPs) has always been constrained by one dominant factor. Far too many IT organizations believe they can adequately defend their organizations despite all evidence to the contrary.

But, a new report from the Information Systems Audit and Control Association (ISACA), which counts more than 140,000 security and IT professionals among its members, suggests large amounts of “security fatigue” are starting to take a toll on internal IT organizations.

Read More

Topics: Cyber Security

New deployment options for Barracuda NextGen Firewall – Intronis MSP Edition

Posted by Anne Campbell on Jan 23, 2017 10:57:48 AM

As today’s IT environments get more advanced and threats become more sophisticated, managed service providers need to secure their SMB customers’ networks no matter where those networks are running. Some businesses are transitioning to public cloud deployments, while others are opting moving to fully virtualized environments. As an MSP, you need to be able to offer these types of customers that same level of protection as more traditional on-premise networks.

That’s why we’re introducing two new deployment options for Barracuda NextGen Firewall – Intronis MSP Edition: a virtual firewall that is compatible with VMware, XenServer, KVM, and Hyper-V; and public cloud options designed to protect your customers’ digital assets in Amazon Web Services (AWS), Azure, or Google Cloud Platform deployments.

Read the Press Release

 

To give you a closer look at these new offerings, their benefits, and use cases, we sat down with Nathan Bradbury, manager of systems engineering here at Intronis MSP Solutions by Barracuda.

Read More

Topics: Announcements, Cyber Security

What MSPs can do to help customers avoid the new Gmail phishing scam

Posted by Michelle Burke on Jan 19, 2017 2:45:12 PM

Even the most security-conscious email account holders have been falling for the new Gmail phishing scam. This advanced hack involves phishing for user email authentication information by tricking recipients into clicking on an attachment and re-entering their Google login credentials.

It works like this: Once someone has fallen for the attack, hackers scan the victim’s account and find the best attachment to email to others from that address. For example, the attachment could be an update on a document you were collaborating on earlier that week with a co-worker. This type of advanced attack works so well because the attachment seems legitimate.

Read More

Topics: Cyber Security

What MSPs can learn from malware found at a Vermont utility company

Posted by Michelle Burke on Jan 3, 2017 11:58:01 AM

As we were ringing in 2017 this past weekend, government officials were announcing that they found evidence of malware on a computer belonging to Burlington Electric Department (BED), a local electric utility provider located in Burlington, Vt. Thanks to quick detection, BED was able to isolate the malware to one computer before it could attack the company’s entire grid system.

While this particular situation was resolved quickly, the attack brings up new threats that MSPs can’t ignore. The malware found on a single BED computer shows the destructive new intentions of malicious hackers, who, in this case, could potentially have shut down an entire community’s power during the cold winter season.

Read More

Topics: Cyber Security

Time to resolve to review IT security processes

Posted by Mike Vizard on Dec 15, 2016 12:00:20 PM

There’s no doubt that most IT security professionals were left shaking their heads this week when it was revealed that the Federal Bureau of Investigation tried to inform the Hillary Clinton presidential campaign as far back as September of 2015 that their IT systems had been hacked. Alas, for a variety of issues relating mainly to a lack of IT security skills and flawed communications processes, it would take several more months for senior-level Clinton campaign officials to become aware of the true extent of the security breach.

Unfortunately, what occurred in the Clinton campaign is not an exception. A new study published this week by the McAfee Labs unit of Intel Security find that 93 percent of the 391 IT professionals surveyed acknowledged being unable to triage all potential cyber threats. The study finds that on average organizations are unable to sufficiently investigate 25 percent of security alerts.

But the most troubling aspect of the McAfee report is that 64 percent of the organizations surveyed said they rely on managed service providers to one degree or another for security operations assistance.

Read More

Topics: Cyber Security

IT Incident response planning creates new opportunity for MSPs

Posted by Mike Vizard on Dec 6, 2016 9:50:58 AM

Thanks to hard-won experience, most managed service providers (MSPs) have an IT incident response plan in place to cope with any disruption to their business. In contrast, however, it turns out most internal IT organizations don’t.

At a time when distributed denial of service (DDoS) and ransomware attacks are making it apparent just how weak many of the cyber defenses that organizations have put in place really are, large numbers of IT organizations are struggling to cobble together an incident response plan. MSPs that already have IT incident response planning expertise in place based on established best practices should not overlook that opportunity.

Read More

Topics: Cyber Security

Dyn DDoS attack false fodder for anti-cloud crowd

Posted by Ron Miller on Oct 27, 2016 3:51:55 PM

There's no doubt that you heard about, and were probably affected by the Distributed Denial of Service (DDoS) attack on domain registrar Dyn last week. It was a devastating attack that took down services like Spotify and Netflix along with business cloud services like Box and Zendesk for a time on Friday.

Read More

Topics: Cloud Trends, Cyber Security

Infographic: Don’t let ransomware be your customers’ worst nightmare

Posted by Lauren Beliveau on Oct 25, 2016 11:50:00 AM

National Cyber Security Awareness Month is over—but conversations about security with your customers should not. Cyber criminals are becoming more and more sophisticated with their attacks, and ransomware attacks have increased 13 percent in September alone.

Ransomware is running rampant, and as an IT provider it is your job to protect your SMB customers and their data from this dangerous cyber threat. The best way to mitigate an attack is education. Paired with robust security measures, educating your SMB customers to identify an attack is crucial and can essentially save their business. 

Read More

Topics: Cyber Security

MSPs need to be prepared for rising wave of DDoS attacks

Posted by Mike Vizard on Oct 25, 2016 10:18:51 AM

Now it’s been conclusively demonstrated how susceptible even the largest of organizations are to distributed denial of service (DDoS) attacks. At the core of these attacks are multiple forms of malware that have spread to millions of devices connected to the Internet. Once infected, those devices are then incorporated into a massive botnet like the one that directed last week’s DDoS attack against Dyn, a provider of Domain Name System (DNS) services to Web stalwarts such as Google, Twitter, Airbnb, Paypal, Netflix, and Spotify.

While Dyn was eventually able to fend off the attack, the performance of multiple Web applications slowed to a crawl. In many cases, managed service providers (MSPs) with customers that were adversely affected by the attack on Dyn were dealing with more than a few irate calls. After all, there’s a direct correlation between Web application performance and the amount of revenue many organizations can generate per hour.

Read More

Topics: Cyber Security

The MSP’s Bookshelf: Social Engineering – The Art of Human Hacking

Posted by Lauren Beliveau on Oct 19, 2016 10:02:00 AM

Headlines about new data breaches, ransomware variants, and costly phishing scams seem to be popping up on a daily—sometimes hourly—basis. The media tends to focus on large Fortune 500 companies that are attacked, which leads many small business owners to assume that these threats are unlikely to affect them. Unfortunately, this is not the case—anyone can fall for a social engineering attack, and small businesses are targeted often.

What’s the first thing that comes to mind when you think of social engineering? A scammer trying to trick someone into giving away their banking info or social security number? That’s one common way it’s used, but social engineering is more than that. Social engineering is an all-encompassing term, and it’s all around us—whether it’s someone trying to get a raise or get a friend to share a secret. What it boils down to is the art of convincing people to change their frame of mind—and often divulge confidential information.

Read More

Topics: Cyber Security

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment