How to secure your remote access tools against cyberattacks
There’s a lot to love about remote access tools. If you’re like most managed services providers (MSPs), you and your clients both appreciate the convenience they offer. Gone are the long, winding support calls, and the need for on-site troubleshooting is largely a thing of the past.
Yes, everyone loves remote access tools. Including cybercriminals.
You might not think you need to worry about a cyberattack on your MSP—but you’d be wrong. Despite the common misconception that cybercriminals only target larger enterprises, the vast majority of businesses are fair game. In fact, in a recent survey of 850 global organizations with sizes ranging from 10 to 1,000 employees, Vanson Bourne found that 64% had suffered a cyberattack.
The truth is, cybercriminals love MSPs. Why? Because thanks to your remote access tools, they can gain access to multiple businesses from a single attack. To make matters worse, many MSPs have weak security practices, which makes them easy targets for ransomware. Add to that the fact that cyberattacks among small and mid-sized businesses are becoming increasingly commonplace, and you can see why MSPs can’t sleep on remote access security issues.
To protect your network, your clients, and your reputation from malicious attacks, here are five ways that you can secure remote access software and remote machine management software.
1. Password complexity
Passwords are your first line of defense against cybercriminals—so don’t make things too easy for them.
The first rule when creating passwords? Use common sense. Ask yourself: could an attacker easily guess this based on the information I share online? If you have pictures of your dog all over Instagram, for example, then using Fido’s name as your password is probably not a good idea.
So what does a good password look like? The National Institute of Standards and Technology (NIST) recommends using long, unique passwords for all your accounts. The ideal password is about eight characters long and incorporates a mix of upper and lowercase letters, symbols, and numbers—making it truly unique and hard to guess.
Of course, when you’re dealing with multiple applications on a daily basis, it’s hard to remember lots of complex passwords. That’s why you need a password manager. These applications allow you to store multiple passwords in one secure place, ensuring you only have to remember one—the password to the password manager.
2. Multi-factor authentication
You know how you need two forms of ID to renew your driver’s license? That’s the basic idea behind multifactor authentication—it adds extra layers of security by requiring users to verify they are who they say they are using at least two unrelated authentication methods. For example, after typing in their log-in details, a user might be asked to supply a one-time password that’s been sent to their phone.
Two-factor authentication is a way of making an account doubly secure. That way, even if a cybercriminal were to crack your password using methods like brute force, credential stuffing, or keylogging, they would still need to gain access to that second method of authentication in order to access your account.
3. Role-based security
When you check into a hotel, you don’t get keys to every room—just the one you need for your stay. Similarly, role-based security is about granting permissions according to the role that a user performs, limiting their access to only the machines that they need to do their job.
This reduces the damage that a cyberattacker can do. If they steal one of your technician’s credentials, they’ll only have access to a limited set of features and machines, meaning they can’t wreak havoc like they could with full-blown admin access.
Role-based security is not meant to put roadblocks in your employees’ way. It’s simply about giving them everything they need to do their job, and nothing more.
4. Logging and auditing
In security, as in medicine, prevention is better than a cure. To spot potential remote security issues in advance, you should be tracking who connected to what machine, what actions they performed, when they connected, and where they connected from.
Ransomware is usually the last thing cybercriminals do. Typically, they’ll poke around in your environment for weeks before they strike, doing things that won’t necessarily raise alarm bells—like sending a 3:00 a.m. command here and there—until it’s too late.
It’s critical to review audit logs regularly. That way, if you notice something suspicious, you’re able to remediate it right away, before a molehill becomes a mountain.
5. End user controls
Last but not least, security is ultimately an all-hands-on-deck effort—so make sure your end users are doing their part.
Client education is a must. After all, the average end user doesn’t know what a phishing attack is or how to recognize one. Taking the time to teach your clients not only makes your life easier in the long run, but helps to demonstrate the value that you bring—bolstering their trust in you.
Walk clients through what different types of attacks entail and what you are doing to protect their business against them. You can also encourage end users to report suspicious behavior. If they notice their machines running slow or weird programs opening up, those are red flags they need to send you tickets on—but they won’t do so unless you teach them how to spot and report these potential threats.
One final way you can empower end users to help with security is by using guest consent. Guest consent gives the end user the power to say whether or not someone can connect to their machine—so even if your credentials are compromised, your end users can serve as a last line of defense against cyberattacks.