August 2, 2022 | Andrew Kahl

Addressing the CISA MSP Cybersecurity Advisory

Network security automation can make simple work of three labor-intensive recommendations to beef up cybersecurity.

Managed service providers are a prime target for threat actors as gaining access to one MSP’s network potentially means gaining access to all its customers’ networks. This heightened target profile necessitates specialized tools and processes for keeping these networks secure.

Cybersecurity authorities in the U.S., U.K., Australia, New Zealand, and Canada released a joint statement warning of an increase in attacks, along with guidance for how MSPs and their customers can anticipate and mitigate these attacks. Innovations in network security automation can make simple work of three labor-intensive recommendations: managing internetwork operating system patches, backing up systems, and configuring devices.

Applying Updates

Patch management is a colossal effort to prioritize and implement correctly. For example, a quarterly patch update from Oracle arrived with 520 fixes last quarter—and this is just one vendor among many in a hybrid network ostensibly managed by a single MSP. Routine configuration tasks take time to manually complete, are susceptible to human error, and can lead to vulnerabilities. Critical updates must be implemented as quickly as possible, but are put off, overlooked, or executed inconsistently.

Maintaining a network without automated tools can be exhausting and never-ending, but falling behind on patch management leads to security incidents. Threat actors are targeting known vulnerabilities because they understand many organizations are slow to implement patches. Indeed, 87% of organizations have experienced an attempted exploit of an already-known, existing vulnerability. Therefore, it is critical to be on top of what patches are currently installed, know which updates are required for which systems, and know how to confirm the updates have been correctly installed.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends organizations prioritize patching vulnerabilities included in its Known Exploited Vulnerabilities Catalog. With the right network security automation solution, these patches can be applied automatically, producing a clear record of which ones were implemented, on which devices and systems, and when, for auditing and compliance purposes.
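As an added illustration (not code from the article or from any vendor it mentions), the sketch below matches an MSP's device inventory against a feed shaped like CISA's KEV JSON, orders the work by due date, and emits one audit record per applied fix. The CVE IDs are placeholders and the device, customer and function names are hypothetical.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed. Field names follow the
# published feed; the CVE IDs, vendor and products are placeholders, not real entries.
KEV_FEED = {"vulnerabilities": [
    {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor",
     "product": "Router OS", "dueDate": "2022-06-22"},
    {"cveID": "CVE-0000-0002", "vendorProject": "ExampleVendor",
     "product": "Firewall OS", "dueDate": "2022-07-31"},
]}

# Constructed inventory: CVEs still unpatched on each managed device (hypothetical names).
INVENTORY = [
    {"device": "edge-rtr-01", "customer": "tenant-a",
     "open_cves": ["CVE-0000-0001", "CVE-0000-0003"]},
    {"device": "fw-02", "customer": "tenant-b", "open_cves": ["CVE-0000-0002"]},
    {"device": "sw-07", "customer": "tenant-a", "open_cves": ["CVE-0000-0003"]},
]

def kev_worklist(feed, inventory, today):
    """Return the KEV-listed findings per device, earliest due date first."""
    kev = {v["cveID"]: v for v in feed["vulnerabilities"]}
    work = []
    for host in inventory:
        for cve in host["open_cves"]:
            entry = kev.get(cve)
            if entry is None:
                continue  # not in the catalog: stays in the regular patch cycle
            due = date.fromisoformat(entry["dueDate"])
            work.append({"device": host["device"], "customer": host["customer"],
                         "cve": cve, "due": entry["dueDate"], "overdue": today > due})
    return sorted(work, key=lambda w: (w["due"], w["device"]))

def audit_record(item, applied_on):
    """One audit-trail line: which fix was applied, to which device, and when."""
    return json.dumps({"device": item["device"], "customer": item["customer"],
                       "cve": item["cve"], "applied": applied_on.isoformat()},
                      sort_keys=True)

if __name__ == "__main__":
    today = date(2022, 7, 15)
    for item in kev_worklist(KEV_FEED, INVENTORY, today):
        print(item["due"], "OVERDUE" if item["overdue"] else "open", item["device"], item["cve"])
        print(audit_record(item, today))
```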

Backing Up Systems and Data

CISA guidance suggests having backups isolated from network connections (cloud with separate, offline encryption keys, or a location that is air-gapped from the organizational network) as many ransomware variants are encrypting/deleting recovery files. Keeping backups on the network can enable the spread of ransomware and foil restoration plans in a worst-case scenario.

IT teams need to ask themselves if they are prepared to handle many different types of disasters and develop a plan should they be forced to reboot their networks from scratch. Manually creating and running scripts after the fact is a futile effort, so some elements of the process must be automated. Teams must have a clear plan for what needs to be backed up (operating systems on network devices, stored data, network configuration files, etc.), create a backup schedule, and regularly test and update backups.

CISA also suggests that MSP customers clarify that their contractual arrangements include backup services that meet their disaster recovery requirements. Specifically, the guidance recommends customers require their MSP to provide a backup solution that automatically and continuously backs up critical data and system configurations and stores backups in an easily retrievable location, such as a cloud-based solution or a location that is air-gapped from the organizational network.

In addition to these recommendations, organizations should consider an automated solution that simplifies and ensures backups and includes both seamless disaster recovery and automatic verification procedures. This should be standard, no matter how many multitenant sites and service providers are involved. The goal is to replace the need for manual or scripted backup procedures with a process that enables automated backups of all devices on the network, can schedule and store any number of configurations for as long as needed, and can automatically verify backup processes.
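The automatic verification step described above can be sketched as follows. This is an added example, not the article's or any product's code: it checks each device's stored configuration backup against the digest and timestamp recorded at backup time. The store contents, manifest layout, device names and function names are all constructed for illustration.

```python
import hashlib
from datetime import datetime, timedelta

def digest(data):
    return hashlib.sha256(data).hexdigest()

# Constructed stand-in for the isolated backup store: object name -> stored bytes.
STORE = {
    "edge-rtr-01.cfg": b"hostname edge-rtr-01\nntp server 192.0.2.10\n",
    "fw-02.cfg": b"hostname fw-02\npolicy defa",  # cut short after being written
    "sw-09.cfg": b"hostname sw-09\n",
}

# Constructed manifest: what the backup job recorded when each copy was taken.
MANIFEST = [
    {"device": "edge-rtr-01", "object": "edge-rtr-01.cfg", "taken": "2022-07-31T02:00:00",
     "sha256": digest(b"hostname edge-rtr-01\nntp server 192.0.2.10\n")},
    {"device": "fw-02", "object": "fw-02.cfg", "taken": "2022-07-31T02:05:00",
     "sha256": digest(b"hostname fw-02\npolicy default deny\n")},
    {"device": "sw-07", "object": "sw-07.cfg", "taken": "2022-07-31T02:10:00",
     "sha256": digest(b"hostname sw-07\n")},
    {"device": "sw-09", "object": "sw-09.cfg", "taken": "2022-07-01T02:00:00",
     "sha256": digest(b"hostname sw-09\n")},
]

def verify_backups(manifest, store, now, max_age):
    """Classify each device's latest backup as ok, missing, corrupt or stale."""
    status = {}
    for rec in manifest:
        blob = store.get(rec["object"])
        if blob is None:
            status[rec["device"]] = "missing"
        elif digest(blob) != rec["sha256"]:
            status[rec["device"]] = "corrupt"
        elif now - datetime.fromisoformat(rec["taken"]) > max_age:
            status[rec["device"]] = "stale"
        else:
            status[rec["device"]] = "ok"
    return status

def restore_blockers(status):
    """Devices that could not be rebuilt from backup today, for alerting."""
    return sorted(d for d, s in status.items() if s != "ok")

if __name__ == "__main__":
    result = verify_backups(MANIFEST, STORE, datetime(2022, 8, 2, 9, 0), timedelta(days=3))
    print(result, restore_blockers(result))
```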

Configuration Management and Compliance

Although CISA guidance omits direct mention of configuration management and compliance, the increasing complexity in network configuration management continues to be a common pain point. The potential security and other business risks associated with mismanagement (e.g., facing fines for failing compliance audits) warrant a closer look.

When it comes to reducing complexity, taking an inventory of vendors in the current tech stack and holding them accountable are key for quality assurance and regulatory compliance. Network automation should simplify compliance with industry, vendor, and regulatory policies. It should rapidly identify issues before they impact network and data integrity.

Automating network device configurations increases the reliability of IT systems and mitigates any security risk caused by human error. Information regarding all devices connected to the network is all too often in scattered fragments, or only in the minds of specific IT personnel. These configurations must be carefully documented and automated to increase the soundness of IT systems and ensure smooth recovery in the event of an outage.

Network engineers can mitigate increasing complexity by implementing network security automation to streamline configuration and efficiently manage multiple vendor environments, all while maintaining compliance. The thesis behind network automation is to reduce the hassle of staying efficient, secure, and agile in the face of changing business circumstances. Therefore, network automation should stand up to the scrutiny of industry standards and methodologies. That way, the integrity of information assets is maintained, business risks are reduced, and, above all, data remains protected.

Though the joint announcement is the first of its kind for MSPs and their customers, seasoned professionals may look at the guidance and think it falls short of being groundbreaking. Regardless, it serves as a reinforcement for efforts being made and a reminder to dig deeper into processes to discover areas to fortify. These are real, tangible threats.

For customers who typically do not see the inner workings of their networks beyond support tickets and help desk calls, this is an opportunity to ask important questions about how, among other things, MSP vendors triage updates, maintain compliance, and ensure business continuity with system backup and restore contingencies.

ANDREW KAHL brings to BackBox over 28 years of industry experience and serves as CEO and a member of the board of directors. Prior to BackBox, Kahl was vice president of customer success at NetApp, and the first chief customer officer at Sailpoint. He was also co-founder of CREDANT Technologies, a leading security software firm that was acquired by Dell Technologies.
