December 6, 2022
Considerations and best practices for defensive network architecture, and cyber security concerns to weigh when selecting a new MSP partner.
Managed Service Providers (MSPs) and/or their sub-contractors should be granted only the minimum rights necessary to perform their job, for the shortest duration possible. Your organization should regularly review system-level access and disable old or unused credentials. On a periodic basis, a trusted member of your IT department or your MSP should verify that service accounts are still being used and do not have more access rights than necessary.
Questions to ask:
What is the risk associated with old accounts, or accounts with too much access?
MSP accounts should adhere to the same password policy as your organization, if not a stronger one. MSP accounts should always enforce MFA, especially if the account has elevated access to your network or resources. Access to your network should be kept to a minimum and should be logged by a SIEM, system, or firewall.
Questions to ask:
What are risks associated with access and authentication?
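The account review and authentication checks described above can be run as a periodic audit over an account inventory. The following is an added example, not part of the original article: the CSV columns, the sample rows, the 90-day staleness threshold and the privileged-group list are all assumptions to adapt to your own directory export.

```python
import csv
import io
from datetime import date, timedelta

# Constructed sample export; column names are assumptions, not a real product's schema.
SAMPLE_EXPORT = """account,owner,type,last_sign_in,mfa_enabled,groups,access_expires
msp-jsmith,ExampleMSP,user,2022-11-30,true,Helpdesk,2023-01-31
msp-oldtech,ExampleMSP,user,2022-06-14,true,Helpdesk,2023-01-31
msp-admin,ExampleMSP,user,2022-12-01,false,Domain Admins,
svc-msp-backup,ExampleMSP,service,,true,Backup Operators;Domain Admins,
alice,internal,user,2022-12-05,true,Finance,
"""

PRIVILEGED_GROUPS = {"Domain Admins", "Enterprise Admins"}  # assumed list
STALE_AFTER = timedelta(days=90)  # assumed review threshold


def audit_msp_accounts(export_text, today):
    """Return {account: [findings]} for third-party (MSP-owned) accounts only."""
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["owner"] == "internal":
            continue  # this review covers MSP and sub-contractor accounts
        issues = []
        last = row["last_sign_in"]
        if not last:
            issues.append("never signed in: confirm the account is still needed")
        elif today - date.fromisoformat(last) > STALE_AFTER:
            issues.append(f"stale: no sign-in for over {STALE_AFTER.days} days")
        if row["mfa_enabled"].lower() != "true":
            issues.append("MFA not enforced")
        member_of = set(filter(None, row["groups"].split(";")))
        privileged = PRIVILEGED_GROUPS & member_of
        if privileged:
            issues.append("privileged group: " + ", ".join(sorted(privileged)))
        if not row["access_expires"]:
            issues.append("no access expiry set")
        if issues:
            findings[row["account"]] = issues
    return findings


if __name__ == "__main__":
    report = audit_msp_accounts(SAMPLE_EXPORT, date(2022, 12, 6))
    for account, issues in report.items():
        print(account)
        for issue in issues:
            print("  -", issue)
```
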
Regularly update and patch operating systems and networking equipment. Equipment brought on site (such as a management PC, sometimes considered a “jump” terminal) must adhere to the same cyber security standards as other machines in your organization.
This includes enabling audit logs for sign-in successes and failures, enforcing enterprise antivirus and DLP policies, encrypting HDDs/SSDs, and, when possible, restricting access to sensitive VLANs such as those for servers or networking equipment.
Questions to ask:
Private data collected and utilized by your MSP must be protected and governed by strict policies on who can access confidential data, and from where. Your MSP should be able to answer the following questions and provide documentation on their policies for the collection, storage, and access of your private data.
Questions to ask:
“Detailed guidelines for log and records maintenance, including requirements for the MSP to provide secure storage of backups and for detailed records of when accounts are accessed, by whom, for how long, and what actions were completed.” 1
We follow strict cybersecurity safeguards to protect data collected from our clients.