Managed Service Providers

Keeping Your Customers Safe from Ransomware

Simple steps that MSPs can follow to keep their customers from being the next ransomware headline.

Image Source: Nuclear_lily

MSPs, take note: The SMB adoption rate for Azure is increasing faster than the adoption rate for AWS, according to the 2021 Flexera State of the Cloud report. However, cloud security remains a top challenge as more data is added to the cloud and consumers struggle with effectively keeping it safe from ransomware and other malicious threats. 

Here are 5 steps you can take to secure your end users’ Azure environments and keep critical data safe:

  1. Have Strong IAM Controls in Place
  2. Monitor and Audit Your Activity Logs
  3. Invest in Third-Party Monitoring Tools to Double-Check
  4. Have Backups in Place
  5. Scrutinize your Active Directory Logs

Step 1: Have Strong IAM Controls in Place

Whether your environment is hosted in Azure, AWS, or privately, tightly controlled access management policies are a must-have. This is your data, and your end users will need to think carefully about who can view and/or change it. Keep data access strictly limited to essential folks only. This not only lowers your risk (fewer endpoints to breach) but also saves you the administrative time and hassle of managing user access and permissions.

Step 2: Monitor and Audit Your Activity Logs

The Azure Activity Log is a core part of Azure Monitor, which provides performance and availability monitoring for applications and services in Azure. The Activity Log captures subscription-level events, that is, operations performed on your resources from the outside, such as creating a storage account, restarting a virtual machine, or deleting a key vault. Keep in mind that the logs are formatted in JSON (JavaScript Object Notation), so you’ll need someone who can read that format to interpret them, or a way to process them into something more readable.
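One way to turn Activity Log JSON into something readable and pull out the destructive operations worth a second look, as an added example that is not code from this article or from Microsoft. The records are constructed, and the flat field layout (`time`, `caller`, `operationName`, `resultType`, `resourceId`) is an assumption to be mapped onto whatever your export emits.

```python
import json
from collections import defaultdict

# Constructed sample records (not real tenant data). Field names are assumed;
# adjust them to match your own Activity Log export.
RG_PREFIX = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo/providers/"
SAMPLE_LOG = json.dumps([
    {"time": "2021-06-01T02:14:07Z", "caller": "ops@example.com", "resultType": "Success",
     "operationName": "Microsoft.Storage/storageAccounts/write",
     "resourceId": RG_PREFIX + "Microsoft.Storage/storageAccounts/demostore"},
    {"time": "2021-06-01T02:20:31Z", "caller": "ops@example.com", "resultType": "Success",
     "operationName": {"value": "Microsoft.Compute/virtualMachines/restart/action"},
     "resourceId": RG_PREFIX + "Microsoft.Compute/virtualMachines/vm-demo"},
    {"time": "2021-06-01T03:02:55Z", "caller": "temp-admin@example.com", "resultType": "Success",
     "operationName": "Microsoft.KeyVault/vaults/delete",
     "resourceId": RG_PREFIX + "Microsoft.KeyVault/vaults/kv-demo"},
    {"time": "2021-06-01T03:03:10Z", "caller": "temp-admin@example.com", "resultType": "Failure",
     "operationName": "Microsoft.Storage/storageAccounts/delete",
     "resourceId": RG_PREFIX + "Microsoft.Storage/storageAccounts/demostore"},
])

def op_name(rec):
    # The name may be a plain string or an object carrying it under "value".
    op = rec.get("operationName", "")
    return op.get("value", "") if isinstance(op, dict) else op

def resource_name(rec):
    # Last path segment of the resource ID is the resource's own name.
    return rec.get("resourceId", "").rstrip("/").split("/")[-1]

def readable(rec):
    # One line per event: when, who, what, on which resource, and the outcome.
    return (f'{rec.get("time", "?")} {rec.get("caller", "unknown")} '
            f'{op_name(rec)} on {resource_name(rec)} -> {rec.get("resultType", "?")}')

def destructive_by_caller(records):
    # Successful delete operations grouped by the identity that performed them.
    hits = defaultdict(list)
    for rec in records:
        if op_name(rec).lower().endswith("/delete") and rec.get("resultType") == "Success":
            hits[rec.get("caller", "unknown")].append(resource_name(rec))
    return dict(hits)

if __name__ == "__main__":
    records = json.loads(SAMPLE_LOG)
    for rec in sorted(records, key=lambda r: r.get("time", "")):
        print(readable(rec))
    for caller, resources in destructive_by_caller(records).items():
        print(f"REVIEW: {caller} deleted {', '.join(resources)}")
```
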

Step 3: Invest in Third-Party Monitoring Tools to Double-Check

It’s all about the configuration. Microsoft has loads of tools and features built into the infrastructure to help you be secure, but it all has to be configured properly, and anyone can make a mistake. Employing a third-party tool like Tenacity can not only double-check your work but point out any gaps or vulnerabilities you may have missed, all within hours of deployment.

Step 4: Have Backups in Place

Adopt the motto of the Boy Scouts (or Scar from The Lion King): Be prepared! Have backup environments in place and follow the Golden Rule of Backup: 3 copies on 2 different media, with 1 offsite, 1 offline, and with 0 errors (3-2-1-1-0). No matter where you keep your data, you always need a Plan B (and C, and D…). On top of that, make sure your backups are regularly tested and actually work, so you know you can rely on them when you need them.

Step 5: Scrutinize your Active Directory Logs

In addition to the Activity Log mentioned above, you’ll want to monitor your Active Directory logs, which include MS365. These give you insight into key data such as user, group, service principal, directory, and tenant configuration changes. However, keep in mind that IP addresses will be missing from much of this data.

Conclusion: Public cloud like Azure is here to stay. But there’s a huge learning curve when it comes to successfully running an environment. MSPs can take advantage of this by following the above tips and working with their clients who use Azure to demonstrate how to secure their environments or manage them altogether.

Struggling to make your clients understand the true nature of Public Cloud? Tenacity can help. Contact us to see just how easy it is to show your clients’ security vulnerabilities and policy gaps in public cloud environments.
