Search
Homepage This page's url is: -crn- Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Discover 2019 News Cisco Partner Summit 2019 News Cisco Wi-Fi 6 Newsroom Dell Technologies Newsroom Hitachi Vantara Newsroom HP Reinvent Newsroom IBM Newsroom Ingram Micro ONE 2019 News The IoT Integrator Juniper NXTWORK 2019 News Lenovo Newsroom Lexmark Newsroom NetApp Data Fabric NetApp Insight 2019 News Cisco Live Newsroom HPE Zone Intel Tech Provider Zone

Five Recommended Ransomware Defenses For MSPs … And Our Experts Add Three More

‘If you don’t use Powershell, just uninstall it. And if you can’t, definitely monitor all Powershell calls and pretty much everything Powershell does on your system,’ says Fabian Wosar, an internationally renowned Ransomware recovery expert.

Back 1   2   3   ... 7 Next
photo

Use two-factor authentication on remote administration tools and Virtual Private Network tunnels (VPNs) rather than remote desktop protocols (RDPs)

Wosar: 100 percent. If you as an MSP get hacked, there are two main reasons why you got hacked. They reused the password and they didn’t have two-factor authentication enabled, or because you forgot to keep your RMM software up to date. It kind of baffles me to be completely honest with you, why remote monitoring and management applications don’t come with 2FA being mandatory. It boggles my mind. They must be aware of the fact of how big an issue, and how big of an impact it has when credentials get into the wrong hands. Its kind of sad that they have to be included in the list. It shouldn’t be optional at all.

Krebs: The biggest issue is a lack of multifactor authentication. A set of credentials gets compromised, or an account gets compromised and there is no mechanism that says ‘This looks weird. This login looks strange. Let’s force a multi-factor prompt.’

A lot of times we see in the MSP environment they have this turned off by default. Or it’s turned on for a time and then they turn it off. Or they turn it on for specific accounts. Anyone who has the ability to manage somebody else’s systems ought to be using strong multi-factor all the time.

The defaults matter a lot, because they hardly ever get changed. So, if the default is multi-factor authentication, and you make it very difficult for people to disable it. I think you’re doing it right.

 
 
Back 1   2   3   ... 7 Next

sponsored resources