Aviva Zacks
With many thanks to Mike Schipper, Founder & CEO of InsITe Business Solutions, Aviva Zacks of Safety Detective got a good understanding of what his company does to keep its customers’ data safe.
Safety Detective: What does your company do to keep your customers’ cloud, network, and server safe?
Mike Schipper: Everything begins with understanding and education. First, we work hard to have a great understanding of the threats out there. Combine that with a great understanding of our Clients, and focusing on educating them of the importance of security and compliance, making it simpler to digest and understand. Providing our clients with the right tools to educate their employees on security is highly critical. With better understanding comes more willingness to invest in security and compliance measures. The news cycle, with reporting of all the recent breaches, certainly doesn’t hurt either.
We also understand that security is not a single product, such as antivirus, and you are done. Nor is it a set it and forget it situation. To effectively protect our Clients we take a layered approach, and it is always a work in progress, improving all the time. As an example, we have developed our Systems Management & Security (SMS) Platform, which is a comprehensive bundle of layered services and systems management tools that we have developed through significant research, time investment, vendor negotiation, and overall security experience. The SMS Platform makes security and systems management affordable and enables co-management with our Clients as well. But it’s always moving. In fact, at the time of this writing, we are negotiating with another vendor to add an additional layer to this bundle across our Client-base, as we have identified a new emerging threat category that should be addressed in the near term. The target is always moving, and it is our responsibility to stay ahead of it.
InsITe is also what I consider a “cloud-first” MSP. When we launched back in 2013, we recognized that, without some serious help, most organizations would not be able to keep up with the growing security threats. Many debates did cloud spark – among IT folks and business leadership. That aside, beyond all the other apparent advantages of cloud, for our client base we can enable new security measures, from the very simple to the extremely complex, with just a few clicks. Before cloud, enabling the level of security, auditing, and control to maintain a safe environment was near impossible, and certainly less affordable. When it comes to security, cloud is nothing less than a lifesaver. MFA can be turned on system-wide in minutes, where before it required complex hardware and software. We can automatically shut down accounts that show suspicious login attempts based on geography. Those are just a few basic examples of what is possible today.
It is also worth noting that beginning by (and maintaining focus on) securing our own systems is critical. We advocate a “security mindset” within our Team. Nothing advocates and propagates that mentality better than practicing it ourselves every day. InsITe must maintain strict security compliance due to pass-through requirements within our client base. We live it every day, which makes it second nature for our team.
SD: What types of companies use your services?
MS: Our team partners with leading manufacturers, primarily in Michigan, but expanding nation-wide. While our primary vertical is manufacturing, we do often work with clients in other highly regulated industries such as healthcare and the financial space. As it relates to manufacturing, our clients are often those who have heavy compliance requirements, which is a growing trend across the industry due to pass-through compliance requirements (top-tier on down).
What we are finding as of recent is that even outside of the highly regulated industries, there is a new awareness and requirement for general security compliance. Business leadership is more aware of the threats, and the eventual consequences of doing nothing. They see it all around them, so security and compliance services are growing across the board as well, and we are well-positioned to help.
SD: How do you stay ahead of the competition?
MS: To be honest, we don’t focus too much on our competition, at least not as it relates to any threat to our business. There are times we can learn from our competition, but spending too much time looking at the shadows behind you only serves to detract from looking forward, and keeping our eyes open to the true responsibility and challenge of today’s modern MSP. There is enough business in our industry for InsITe and 400 of our friends.
Instead, we place our focus and energy squarely on staying ahead of the present and coming threats, opportunities that can be influenced by technology, and ensuring that we partner with clients that share our philosophy and value our strategic approach. Technology is an investment that should keep us safe, make us more productive and efficient, and generate some level of tangible return.
As it relates to staying ahead of the present and coming threats, bad actors, it really is getting more challenging all the time. It takes a constant effort within our team to identify threats, educate our clients, manage and progress their environments, and at the same time research and keep eyes wide open to future trends.
For us, it began with a commitment to security across the board, then propagating a culture of security throughout our entire Team, top to bottom. Everyone on our team is expected to understand the threats and mitigation methods, as well as stay up to date on the latest. Taking this approach, combined with formal training, as well as a culture of coaching each other, staying ahead is possible.
SD: What are the worst cyberthreats out there today?
MS: As it relates to how attacks take place, social engineering is right there at the top. It’s really out of control. E-mail phishing attacks and bogus credential harvesting sites (that look very real), to bogus phone calls from IT attempting to gather critical information, almost no method for tricking people into giving up something relevant and valuable is off the table.
Most readers are probably aware that there is now an official underground network of organizations that help upstart attack groups. From lists of vulnerable accounts and employee names, phone numbers, to call scripts and call centers to make the calls for the attacking organization—the underground economy of bad actors is alive, well, and growing. It will only get worse.
We have received frantic calls from companies whose CFOs were spear-phished without their knowledge. Armed with stolen credentials, the attackers accessed their e-mail accounts, lay in wait—learned their language, tendencies, and other high-level company resources—then struck gold with a request for an emergency wire to an “updated” vendor bank account for a product they were ordering. In many situations, hundreds of thousands of dollars were lost. Why would the attackers stop? That’s easy money!
Beyond phishing and general social engineering, ransomware is next in line. Again, the delivery of ransomware is getting more sophisticated, and the ransoms are growing. The data acquired by the bad actors is now being used as a phase 2 threat, with direct threats that the data will be released without an additional ransom being paid. It’s really sick honestly, I don’t know how to better describe it. Security is no longer an option.
SD: How will the COVID-19 pandemic affect cybersecurity for the future?
MS: With more employees working remotely, mobility to enable Work From Anywhere has exploded. Thanks to cloud services, the necessary mobility is made possible, but it also means security has moved from the space between four walls to… well, somewhere in the world. Again, cloud enables mobile productivity, and also enables simple ways to turn on the appropriate and necessary security—but only if those setting up the cloud services know what boxes to tick and settings to set.
Instead of thinking about how we secure our firewalls, networks, and servers, we need to look at it as how do we secure the data and assets of our organizations. Data that used to reside on a server inside a building protected by physical and virtual security now resides somewhere out there in the cloud. Businesses that take an active approach to enabling work from home will be far more successful at securing the data and assets than those who do not. We have to remember that human nature will drive us all to default to the path of least resistance. If not provided the tools to store, share and collaborate on data securely, in compliance with company guidelines, we will simply find their own way. No, everyone creating their own Dropbox account is NOT the way. IT/MSPs need to be the enablers of safe, productive, work from home.
As IT professionals and MSPs we must shift, and we must bring a new refreshed focus to security. Businesses that do not make this shift will find themselves in big trouble. It is our responsibility to protect our community and our economy, we cannot take this lightly.