In March, the Cybersecurity and Infrastructure Security Agency (CISA) and Department of Energy released a warning for users of uninterruptible power supplies (UPSs) that may have taken some by surprise. Like any other device that can now be connected to a network, backup power devices require mitigation measures to ensure they’re protected against potential malicious activity.
As more businesses embrace digital transformation and cloud connectivity, IT solution providers and managed service providers (MSPs) must understand the potential threats that can impact customers’ connected infrastructure. Protecting power devices, when viewed as part of a comprehensive cybersecurity strategy, can help build greater trust with end customers while mitigating potential long-term threats to their businesses.
From Challenge to Opportunity
The evolving cybersecurity landscape is illustrated by high-profile breaches that have impacted systems in critical industries. Businesses of all sizes are leveraging more equipment featuring network connectivity, and power devices are no different. Adding network connectivity to UPSs enables integration with software, services, and other IT infrastructure to facilitate remote management and monitoring of key infrastructure. These components must be secured just like every other network access point.
When selling power, channel partners have a golden opportunity to create and build greater trust with their customers around cybersecurity in important ways:
- They can supply products that are secure by design to help mitigate the risk of potential attacks.
- They can advise customers on cybersecurity best practices, including technology strategies and opportunities to educate employees about potential risks.
Solution providers should always instill the importance of a comprehensive cybersecurity strategy that incorporates people, processes, and technology in a way that enables multiple levels of protection throughout their customers’ organizations.
Raising Standards for Backup Power
Eaton partner Elevate Technology Group, for example, takes a proactive approach when it comes to power management. The MSP has nearly 180 customer sites primarily throughout the Northwest. Its support model combining customer service with 24/7/365 IT help desk services allows very little tolerance for downtime or security risks.
Elevate recently worked with Eaton to implement a broad range of complementary backup power upgrades to fulfill its commitment to driving high availability and continuous uptime for customers while aligning with the latest cybersecurity advancements to keep their systems protected from potential threats. One step that helped IT teams solidify this effort was to ensure their network management cards were certified to meet UL 2900-1 and ISA/IEC 62443-4-2 cybersecurity standards.
Deploying UPSs with network management cards that carry the latest cybersecurity certifications gives IT teams peace of mind that their devices are best equipped to protect against vulnerabilities. When used with power monitoring software, IT teams can be informed of the status of their power devices.
At the monitoring level, Elevate offers its clients a power management software solution that possesses a wide ranging, real-time view of network conditions. The solution allows IT staff to assess network information and a plurality of reporting capabilities – from power quality alerts to firmware updates and security requirements.
A Well-Rounded Strategy
In addition to taking calculated steps like Elevate to align backup power technologies with the latest regulatory and industry guidelines, channel pros should employ cybersecurity best practices to keep connected infrastructure protected. Experts recommend:
- Use a firewall and encrypt information.
- Conduct routine security assessments.
- Regularly update anti-virus software and anti-spyware.
- Use advanced email filtering.
- Establish powerful password policies and endpoint protection.
- Offer employees cybersecurity awareness training.
Physical security measures, such as securing IT racks with security locks, can also help to keep unauthorized personnel from accessing IT equipment. And, as cybersecurity strategies evolve in the increasingly interconnected IT landscape, technology and solution providers should be willing to demonstrate an ongoing commitment to protect against potential risks to ensure their clients remain secure.
Lasting Protection
As digital transformation continues, many solution providers are seeking to provide customers with infrastructure connected to their networks to help automate processes and drive new services. In this environment, with threat actors always looking to exploit potential vulnerabilities, cybersecurity should remain a consistent priority. The best-positioned MSPs will be those that look to secure backup power components as part of an end-to-end cybersecurity defense for their customers.
JAMES MARTIN is the global connectivity product manager at Eaton. He has promoted Eaton’s software and connectivity solutions for the past 10 years and built trusted technical adviser relationships with channel partners, field sales, and sales operations.