The Department of Homeland Security in the United States is reminding users to take precautions when using Managed Service Providers (MSPs) because of an ongoing campaign by Advanced Persistent Threat actors to infiltrate networks.
MSPs can increase efficiency with up-to-date technologies, cut costs and reduce risks. However, there are also important considerations to take into account when contracting these providers. Since these services involve outsourcing many responsibilities to other companies, it is important to make sure that your data is well-handled, accessible, and protected. The following content is related to past information and guidance that can provide valuable insight to keep your networks, systems, and information safe and secure.
Additional information
Cyber security best practices for contracting with managed service providers
The purpose of this Information Note is to provide best practices and highlight security considerations when subscribing to services offered by managed service providers.
AL17-004: Malicious Cyber activity targeting managed service providers
The purpose of this alert is to bring attention to ongoing malicious cyber activity targeting managed service providers (MSP).