Blog

6 questions you should ask your MSP before trusting them with your IT security

Cyber Security breaches are, increasingly, not a question of “if” but “when.” Data shows that two in three (66 per cent) of companies have experienced a cyberattack. Though these affect companies of all sizes, smaller businesses are hit particularly hard; 43 per cent of cyberattacks target SMEs, and just 14 per cent have the resources to handle them.

antony.pinto /
Cybersecurity, Secure Network, Security

Gaining access to the right IT security support can help you with mitigating the risk of a cyberattack. Having a plan (and response if one should occur), is a good reason to seek the services of an MSP. However, not all MSPs are created equally, and it’s important that any MSP you engage with should be able to answer these questions:

1. How do you handle penetration tests?
You want to know that your MSP can uncover vulnerabilities in your IT environment, and then be able to move to address them. The MSP should be able to explain its process to “stress test” an IT security environment; across operating systems, services and applications. Additionally, it is important to find out how they account for human behaviour (this includes social engineering techniques to get passwords during the stress test).

The MSP should also be able to produce a timeline of how frequently these penetration tests will occur, since software updates happen frequently in modern IT and can result in new vulnerabilities being opened.

2. Do we need any particular equipment?
Sometimes, an MSP will need you to install equipment in order to access their services. You might need to purchase new hardware and software, and install it into your environment without adding to the vulnerabilities and IT risk. The MSP should also offer support with securely installing any new purchases that are required.

3. What are you doing to protect your own access to our systems?
To provide its services, the MSP is going to need deep access to your systems—often at an administrator’s level. Additionally, most MSP services are provided remotely and over the Internet, meaning that there is potential risk in giving them remote access.
The MSP should therefore be able to demonstrate the security of their logins and connection points, including the use of secure administration technologies such as multi-factor authentication.

4. What certifications do you have?
Any technology that the MSP utilises or manages will have certifications available for it. These come from the vendors themselves. For example, there are Microsoft certifications for the Windows environment, or certifications from companies like Dell, HP, Cisco and others that range from endpoint devices to data centre technology.
Certifications reflect that the MSP has put its people through the requisite training and examinations, and that the vendor is satisfied in their knowledge of the technology to manage it securely and responsibly. The MSP should be a partner to these companies for any technology they present to you.

5. Are you keeping backups?
Because security breaches are so common, one of the best defences against them is simply to be diligent with backups. It is especially important to be able to restore to a recent backup in the event of a breach. If you understand the backups you need, the MSP will run and manage these on your behalf.
In addition to creating the backups, how often does the MSP test the viability of those backups? Often, data is lost after a cyberattack because the MSP or business discovers that recent backups aren’t viable. Backups need to be tested to ensure their integrity, and the MSP should be able to provide a schedule for doing this.

6. What would you do in the event of a security breach?
Finally, you should understand what process your MSP has in place for managing a security breach. This should also include the role they take during each of the best practice steps involved in security breach response:
– Contain the breach: The moment a breach is detected, will the MSP have the resources to assist in containing the damage? What kind of after hour and 24/7 support does the MSP offer, given that most cyberattacks occur after hours?
– Determine the severity of the breach: What kind of reporting tools does the MSP run, and what data can be extracted from it? How quickly can the MSP generate a comprehensive report so that the company can take moves to address the damage?
– How quickly can you restore the environment with the MSP’s help?
The stakes are high, and any MSP candidate should be thoroughly vetted to make sure that, in the event of a security breach, they will be a resource that you can leverage in protecting your business assets—helping you get back to work in the quickest time frame possible. The range in services and capabilities among MSPs can vary drastically, so be sure that the service levels, certifications, and internal processes are in-line with modern security best practices and 24/7 business operation.

For more information on what a leading MSP can provide your business around security, click here. To find out how you can hire an MSP, talk to a Nexon expert today.