What can solution providers do when bad hacks happen to good clients?
As the MSP or solution provider protecting customer data, you may need to rely on what your client has done—and not done—before the attack to solve the problem. That may leave you in the unenviable position of closing the digital barn doors long after the digital horses have fled.
You’ll be in a much better position if you’ve taken one of the key steps to mitigate any corruption, encryption or change to vital data. Ensure that not only that your client’s data is backed up, but that it can be easily restored as quickly as possible.
If there’s a blind spot in many enterprises’ cybersecurity stances, it’s practicing a full restore. As a trusted solution provider, however, it’s your job to ensure your clients are protected as well as possible. A real disaster is not the time to find out flaws in restoring data.
A real-life example of a problem that can occur without testing a restore came in a recent Next I.T.-sponsored webinar title “You’ve Been Hacked, Now What?” In the webinar, John Sohacki of Michigan-based managed solution provider Next I.T. recounted a story about a client that used USB drives to backup their data.
Next I.T. recommended that the client protect their data more securely, but Sohacki said the client had a high comfort level with managing their USB backups.
A hacker gained access to their network (via ransomware) and affected not just their data servers but one of the USBs as well (as a network attached device). When attempting a restore, they discovered the USB was unreadable. Eventually, Next I.T. was able to get that USB’s data restored—though only the past six months.
Could the client have foreseen this problem? Perhaps in a test restore, if this was a scenario they tested, they would have known the threat their backup method posed. Make sure your clients understands a trial of a full restore (which you can supervise and assist) may be the real key to successfully recovering from a data disaster.
For more insights on the good, the bad and the ugly when clients are hacked, check out the full webinar You’ve Been Hacked, Now What?