Cyber Security Measures in a Hybrid Workspace

COVID has impacted everyone and every industry in the world like few global events before. Unfortunately for businesses and prosumers alike, profiting from these changes has been a priority target for attackers, who have been quick to jump on the opportunities presented by remote work. 

Criminals know that all businesses are challenged to protect network endpoints, and the statistics cited below clearly demonstrate how cyberattacks have increased in 2020.

• Since the pandemic began, the FBI noted a 300% increase in reported cybercrimes.
• 80% of firms have seen an increase in cyberattacks.
• Attacks targeting home workers rose five-fold in the first six weeks of lockdown.
• Coronavirus is blamed for a 238% rise in attacks on banks 
• Confirmed data breaches in the healthcare industry increased by 58% in 2020.

As the pandemic appears to subside, some employees are returning to their company’s offices – either part time or full time. Others remain working from their home offices. A recent survey cited that only 20% of financial services employees think an employee needs to be in the office three days per week or more and only 2% of employees would work in an office without a remote option. This is creating a new paradigm – the hybrid workspace.  

Even before the COVID epidemic, it was a challenge for small-to-medium-sized businesses (SMBs) to maintain their IT systems. Like today, SMBs had limited budgets and could not afford to hire many – if any – IT experts. Many SMBs have only one or two individuals who manage and maintain their servers and endpoints. In some cases, the IT work is performed by an individual whose main job is something else like office administration. Anyone who has any background in IT may be recruited to manage the company’s systems on a part-time basis. 

When the need for remote work surfaced, every organization – large and small – across every industry was challenged to ensure the protection of their systems and data. Criminals were attacking businesses – yes, even small businesses – across every known attack surface, leaving even the most sophisticated IT departments challenged to respond. While many SMB executives continue to believe they are “too small to target,” SMBs are one of the most attractive targets for a cyberattack. 

With the advent of the hybrid workspace, cyber security is not going to get any easier. In 100% remote work, employees can be segmented so that the central networks are protected. However, every time an employee returns to the office and reconnects to the network, there is risk of them bringing malware with their devices. “Multiply this by hundreds (or thousands) of employees connecting and reconnecting a couple times each week and you have hundreds (or thousands) of new vectors through which malicious actors can gain a foothold in your network, making the task of securing a network, and the users and data that are on it, even more complex.” 

SMBs need managed service providers (MSPs) now more than ever and MSPs must be ready for the “call to arms.” The migration to the cloud and the evolving nature of the cyber security landscape is just too complex for a minimal IT staff to handle, or worse yet, an office manager who “tinkers” with IT systems. SMBs need assistance with backup, disaster recovery, cyber security, endpoint protection, and the day-to-day tasks required to minimize downtime and protect and secure their systems and data. Going forward, we will find that for many SMBs, the MSP is the SMB’s IT department.  

Every business, regardless of size, must back up their systems and data. Like death and taxes, data loss is inevitable, whether it be caused by a natural or human-made disaster, user error, hardware issue, software glitch, or cyberattack. And when it comes to cyberattacks, there is a truth that can no longer be denied: no cyber security solution is 100% effective 100% of the time. It is not a question of if, but rather when an attack will succeed, and an SMB has no chance of recovering without backup.

Lost data leads to lost revenue and downtime. It impacts an SMB’s customers and can result in regulatory fines and additional expenses to get the business back up and running again. Uptime demands put the SMB under tremendous pressure to protect their data without impacting production systems. The company must run 24-hours a day to meet service level agreements (SLAs). They need a fast, scalable backup service that does not consume their limited budgets.

By offering a backup service, you can ensure that your client’s systems, applications, and data are protected from data loss. Your clients can also be assured that you are following best practices, such as the 3-2-1 backup rule and storing at least one backup off-site, scheduling backups frequently, encrypting backups, ensuring compliance with appropriate regulatory requirements, etc. 

Any business that collects data needs to have a secure and well-structured disaster recovery strategy. Failure to do so not only results in massive data loss but can also seriously damage a business’s credibility and reputation in the market. Businesses without a disaster recovery strategy put themselves at serious risk of going out of business. 

Because of limited budgets and a lack of in-house expertise, many SMBs do not want to manage their own DR plan and solution in house. Instead, these organizations look to MSPs that can recover their systems and data in the event of a disaster. As an MSP, you can offer managed DR services, which provide backups to protect data, applications, and systems and when a disaster strikes, it is easy and fast to spin up their IT systems in the cloud and keep operations running. After the disaster passes, you can help your client easily recover to the same, new, or dissimilar hardware.  

Anti-malware and cyber security is another area where MSPs can help SMBs. In fact, offering anti-malware and cyber security services creates more opportunity for MSPs than in the past. Whether an organization is large or small, they all need anti-malware to secure sensitive and personal data and keep an organization’s systems, applications, and data protected. More specifically, modern anti-malware software can protect an organization from:

• Malware, phishing, and ransomware attacks
• Drive-by downloads that happen when a user visits a malicious webpage
• Advanced persistent threats (APT) that are intended to establish an illicit, long-term presence in a network to collect sensitive data or compromise an organization’s operability
• Exploits that abuse zero-day vulnerabilities
• Data leakage, whether deliberate or due to negligence or mistakes in data handling

But just having an anti-malware defense in place is not enough; it should be configured properly. This means that:

• A product should be able to detect never-before-seen malware through behavior analysis, or by static analysis with machine intelligence.
• A product should be connected to its cloud detection mechanisms. It is on by default, but the business needs to be sure that the internet is available and not accidentally blocked for anti-malware software.
• On-demand and on-access (real-time) scans should be enabled and react on each new software installed or executed.

Endpoint protection provides management and protection of a business’s endpoints and data from cyberattacks. If an employee is remotely using a computer, laptop, or mobile phone for work, the device can hold their company’s sensitive information. The device can hold the employee’s personal and sensitive information as well. If the endpoint is attacked, endpoint protection can detect and stop the attack.

By protecting the endpoint, you also protect your client’s network and other endpoints from malware threats. Once an attacker infiltrates one endpoint, they can access and deliver a payload into the network and other network endpoints to steal, corrupt, delete, or otherwise harm a business’s sensitive data and systems.

For these reasons, any business of any size needs endpoint protection, which provides another service opportunity for MSPs.  

An SMB can have dozens to hundreds of devices and applications to patch, many of which are outside the network perimeter. It can take a lot of time to apply patches manually, and many times, applying a patch can make a device unavailable during patch application. These are the reasons why businesses turn to MSPs for patch management services – to manage multiple software patches automatically and keep the business’s infrastructure up to date and protected from threats.   

Acronis Cyber Protect Cloud provides MSPs with one integrated solution that eliminates complexity, so service providers can protect clients better, keep costs down and:

• Reduce risk. Minimize your clients’ security risks with integrated cyber protection covering 100% of their endpoints and unlock unique capabilities not available from your current security vendor.
• Increase profitability. Strengthen your security services and unlock easy upsell and cross-sell opportunities built on one integrated solution.
• Lower costs. Cut cyber protection costs by up to 50% by consolidating vendors instead of purchasing multiple point solutions from multiple vendors.

Acronis Cyber Protect Cloud utilizes a revolutionary approach to cyber protection. By integrating data protection with cybersecurity, these solutions eliminate complexity, deliver better protection against today’s threats, and maximize efficiency by saving time and money. This eliminates the need for you to provide a patchwork of system and endpoint protection tools, which typically create gaps in your client’s defenses. Instead, Acronis Cyber Protect Cloud offers unmatched integration and automation using a single console and single agent to reduce complexity, increase your productivity, and decrease operating costs. Some of its unique features include:  

• Next-generation anti-malware, which uses machine intelligence (MI)-based technologies to prevent emerging/new malware
• Forensic backup that allows you to collect digital evidence data, include them in disk-level backups that are stored in a secure place to protect them from cyber threats, and use them for future investigations
• Auto-adjust patching, scanning, and backup policies based on threat landscape alerts
• Automatic back up of endpoints before installing patches to enable easy recovery in case a patch renders the system unstable
• The ability to offload scans and enable more aggressive scans and vulnerability assessments in backups
• Continuous Data Protection that ensures you will not lose data changes made between scheduled backups
• Automated app allowlisting – including customer apps – from backups
• A data protection map that ensures tracking data distribution across the machines, monitoring the protection status of files, and using the collected data as the basis for compliance reports
• Fast and reliable recovery of your applications, systems, and data on any device, from any incident
• Remote work security capabilities and prioritized patching and protection for collaboration apps

With Acronis Cyber Protect Cloud, you can provide multiple layers of protection for your clients’ endpoints, ensure their data, applications, and systems are always available and protected, and provide the shortest time to recovery no matter what happens.