ONGC Systems

Don’t Assume Your IT Provider is Providing Comprehensive Cyber Security Management

It’s easy to assume that your cybersecurity requirements are being met by your Managed Services Provider (MSP), however, contrary to this assumption, your MSP or IT support company is not automatically responsible for this and may not actually provide these types of services automatically.

What Your MSP is Likely Providing

When we consider the base level of services generally offered under a standard Managed Services Provider Agreement, there are a few services MSPs generally provide:

Anti-Virus and Firewall: These are standard items on the list of deliverables when engaging with an MSP. Whilst a very important components, they don’t always provide the level of pro-active protection that you need.

Software Patching: When the latest version or updates for software are released, the patch will generally be rolled out across your relevant devices automatically. For instance, Microsoft regularly release security patches for their software.

Monitoring: As a staple in their services, Managed IT Providers supply device monitoring which can keep an eye on the health and wellbeing of your devices.

Multifactor Authentication (MFA): Multifactor Authentication is becoming more common as a tool implemented by MSPs today and it’s highly encouraged that all companies use this service as it’s pretty much a failsafe should someone try and hack one or more of your accounts.

High Level Cyber Security Advice: Things like best practice password policies, account lockouts, general things to look out for etc are quite often provided as a value-add service when engaging with a Managed IT provider which is great to set up a basic level of protection for an organisation.

Why the Basic’s Aren’t Enough

When we consider the requirements around Cyber Security in today’s world, the abovementioned items only scratch the surface. For example, we are now faced with a multitude of changes to our work environments with working from home now being the norm, alongside the usage of staff personal devices to access your company data. Couple that with the addition of privacy laws now mandating the protection of personally identifiable information (PII) and we have so many different considerations to fully identify and manage an acceptable level of risk in any business. And this is just one example! There is a considerable list of things that should be considered when evaluating your security needs including:

Exit mobile version