Partners Need To Lead By Example In Ransomware Prevention

While solution providers have to make sure to protect their clients from ransomware attacks, they said it is just as, if not even more important, that they protect themselves.

"We have to make sure we're protected first, especially since our systems touch so many other systems. We need to make sure we're as protected as we can be," Matt Johnson, CEO of Baltimore, Md.-based Phalanx Secure Solutions, said.

Johnson said his company uses the same products it recommends to its clients, as well as its own solution Trident CMP for continuous network security monitoring.

[Related: 8 Security Trends Affecting The Midmarket]

Johnson wasn't alone; all of the partners CRN spoke to at XChange Solution Provider 2017 this week in National Harbor, Md. said it is critical they protect themselves as best they can from ransomware attacks against their own businesses, just as they do for their clients.

John Lazo, president of Murray, Utah-based LazoTEK Computer Solutions, said it arguably even more important for solution providers to be on top of their game when it comes to ransomware. They can be, he said, as they can be a third-party attack vector to clients or force a customer to report a HIPAA compliance violation if hit by a ransomware attack.

"It's really a liability, or we risk becoming a liability for them," Lazo said.

Ransomware attacks have grabbed the headlines and become an increasingly worrisome attack method over the past year. Matthew Hickey, director of sales engineering, enterprise, at Sophos, said in a presentation at XChange that more than 50 percent of organizations have been hit by ransomware.

The trend is only continuing to grow, Hickey said, with the $250 million paid in ransom in 2015 jumping to more than $1 billion in 2016. Those numbers do not include additional costs around recovering data, security analysis, and lost business, he said.

"We're seeing this more and more," Hickey said. "This is something that will be here for a while."

Michael Goldstein, president and CEO of Fort Lauderdale, Fla.-based LAN Infotech, said two of his clients have been recently affected by ransomware attacks, before they invested in appropriate security solutions. He said his company is now going to all of its clients to check backups, as well as put a bigger emphasis on the importance of backups and email security solutions with its clients to prevent further incidents.

"I think we need more of this proactive stuff," Goldstein said. "We all in the community have to take it seriously because if a client is going to sue someone, they are going to come after the MSP because they expect they will have a good backup."

Goldstein said his company has put in place the same protections it does for its clients, including email security solutions from Mimecast, multiple backups and "everything in between." He said his business has not yet been hit by a ransomware attack, but it must be protected in the event one does occur.

"We are going back and making sure our own backups are flawless. We are also figuring out what to do to further education our clients about this issue," Goldstein said.

LazoTEK Computer Solutions's Lazo said his company has not been hit itself by ransomware, but it has stopped a few attacks on its clients. He said the company uses all of the solutions it offers to its clients to protect its own business.

"We eat our own dog food before we try to sell something out," Lazo said, adding that the company reviews these solutions quarterly or as often as possible. "I believe in using what I'm doing to sell … I offer something that I will use and know it works and believe it."

Lazo said LazoTEK Computer Solutions also puts great emphasis on user training around security best practices and ransomware prevention, both for itself and for its clients.

"It comes down to training," Lazo said. "If you're not aware and constantly talking about and training your organization, it doesn't matter what technology you have in place."