How Cloud security providers can utilise MSP at every endpoint
A wealth of new technology has emerged in our digitally driven society, bringing advantages and exciting new possibilities but also negatives and significant new hazards.
The most obvious is the increase in cybercrime, with hackers becoming faster, more prevalent, and, most dangerously, more sophisticated. However, most cyberattacks still happen via workers, with 80% of breaches employing desktop/mobile web browsers and 85% of breaches including a human factor. Due to this, corporations now place a high focus on cybersecurity as they work to strengthen their cyber defences.
For instance, Microsoft disclosed an extensive phishing campaign earlier this year that employed adversary-in-the-middle (AiTM) phishing sites to steal user credentials and control the authentication procedure even when the user had enabled multi-factor authentication (MFA). Since September 2021, this campaign has reached more than 10,000 organisations.
According to Osman Erkan, founder and CEO of DefensX, "with this attack, hackers place a proxy server between a target user and the website the victim desires to view. In other words, this configuration made it possible for the attacker to circumvent MFA by stealing and intercepting the target's password and the session cookie that documents their active and authenticated connection with the website. This is a really important problem, and solving it was one of the goals while developing our technology."
With the help of DefensX software solutions, users may operate safely on any device, over any network, and with any operating system, including iOS and Android, including desktops, laptops, smartphones, and other mobile devices.
Scott Chasin, Chief Technology Officer of Pax8, stated, "This is a terrific illustration of how complicated and crafty cyber assault efforts have evolved." "The expanding number of critical and dynamic risks cannot be solved by a single strategy. According to the end customer's business and regulatory needs, we've created the cybersecurity area of our marketplace to deliver best-in-class solutions that can be utilised together, much more simply integrated with their PSA platforms, and linked, app to app."
As part of Cybersecurity Awareness Month, which has taken place every October since 2004, Pax8 is one of several businesses highlighting the most recent developments in digital security. This year, the National Cybersecurity Alliance (NCA) and the Cybersecurity and Infrastructure Security Agency (CISA) are emphasising what it means to "See Yourself in Cyber" by spotlighting the steps that all Americans can take to improve cybersecurity standards across the nation.
Erkan emphasised the need for all cybersecurity experts to keep up to date on new attack vectors, saying that along with new tactics by attackers, MFA still permits simple user errors to be the breach point for hackers.
According to him, some employees experience "MFA fatigue," or an excess of messages or prompts from MFA apps across many accounts. "Power users may get dozens of these notifications each day, which makes it necessary for them to employ two-factor authentication to accomplish logins or authorise other operations. According to our study, this makes staff members start ignoring security best practices and acting carelessly, placing their company and personal accounts at risk of penetration. For safe remote work, DefensX includes Remote Browser Isolation, Zero Trust File Protection, and Zero Trust Credential Exposure capabilities. We also made it very simple to use without sacrificing productivity. In only a few seconds, a simple DefensX plug-in may be downloaded, and protection is then instantly available."
Through MSPs, MSSPs, and cloud marketplaces like Pax8, DefensX distributes its products. Service providers may package their security services and increase their revenue base with the pure-cloud DefensX solution.
MSPs must start implementing and using all the tools at their disposal to address risks since there are so many different types of assaults, including phishing, malware/ransomware, zero-day attacks, and web-borne threats. Secure Access Service Edge (SASE) solutions are one of the most prominent techniques MSPs are beginning to use in the fight against hackers.
An enterprise's cybersecurity is significantly enhanced by SASE and its integrated set of technologies, including SD-WAN, Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), and Firewall as a Service (FWaaS). Using various technologies, SASE can recogniase malware and sensitive data, decrypt material quickly over the internet, monitor real-time sessions, and evaluate risk and trust levels.
The cost of the small, medium, and big company tools is now reasonable and invoiced every month, according to Erkan. "Service providers may serve many end-customers profitably and cost-effectively using DefensX's Multi-Tenant Cloud. Service providers may simply give their customers an extra line item while bundling their current services with DefensX's eSWG, eCASB, RBI, local-isolation, credential exposure prevention, and SaaS access protection capabilities."
According to Erkan, MSPs that use SASE solutions reap several advantages that enhance various facets of their customer-facing cybersecurity services. For instance, SASE solutions expand an MSP's cybersecurity offering with zero-trust security.
While network security solutions safeguard and gather data on network activities, endpoint security products do the same for endpoints. Zero-trust blocks unauthorized access and lateral movement inside a data environment by enforcing access regulations based on contexts, such as the user's role and location, their device, and the data they seek. Additionally, users may handle networks and data securely with personnel spread out and working remotely, thanks to zero-trust endpoint security.
When MSPs include Domain Name System (DNS) security in their offering, Erkan said, "SASE solutions are enhanced." "In order to maintain DNS infrastructure operating swiftly and reliably, DNS security employs overlapping protections, such as the deployment of redundant DNS servers, the use of security protocols like DNSSEC, and the need for strict DNS logging. The DNS system has a number of architectural flaws and was not created with security in mind, like many other Internet protocols."
Because of these restrictions and technical advancements, DNS servers are susceptible to various attacks, such as spoofing, amplification, DoS (Denial of Service), or collecting sensitive personal data. DNS safety is essential in the modern world since DNS is a crucial component of most Internet requests and may be a great target for assaults.
According to the Identity Theft Resource Center, this year has already seen more cyberattack data breaches publicly publicised than all of 2021 combined, putting 2021 on course to be a record year (ITRC).
One ransomware assault occurred every 11 seconds in 2022, affecting 1,097 businesses in the first half of 2021 compared to 1,112 in all 2020.