<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=522217871302542&amp;ev=PageView&amp;noscript=1">

The 'Human Error' Factor in Online Security Behavior

Posted by Tracy Holtz on Feb 23, 2021 12:32:13 PM

We’ve long known that one of the most significant risks that any company has is human error and bad online security behavior. As I look at how the pandemic has forced us all to rethink our security postures, I’m struck by the increased volume of attacks and the strategic, manipulative nature of the attacks themselves. Attackers are preying on the emotions the pandemic, the availability of vaccines, and the often contradictory messaging about the pandemic, are having on Americans. It’s a sad, undeniable reality that these bad actors have made a serious business out of exploiting the fears and hopes of everyday people. And, faced with the growing number of attacks, worker vigilance -understandably- is being overwhelmed by the flood of phishing emails coming in both to company and personal email addresses.

The risk extends beyond employees working from home -outside of the traditional perimeter and endpoint defenses that may have existed in their traditional office. In a lot of cases, these workers are sharing their online environment with kids who are distance learning. Students logging into remote applications, whether it be a Zoom call or learning portals, run the risk of deleting data by accident—and the machines they’re working from are rife with personal information from school, personal applications and social accounts, which presents a tempting and valuable target for attackers.

This new paradigm, while a bit scary, offers opportunities for partners to step in and help…and increase margins at the same time.

End User Security Training: In recent years, I’ve seen an uptick in the number of partners offering end user security training and earning some decent margins on that critical education. If users aren’t fully understanding how to look at email aliases, identify where they come from, and recognize where they’re malicious, they’re putting both their company and themselves at risk. End user training is a vital offering that managed service providers should bring their customers, reducing risk while increasing their own value.

Partners are doubling down on this education during the pandemic and wrapping it around phishing and email security products. There are many companies in the marketplace that have phenomenal products around these areas, that provide the foundation for partners to resell as their own or as a bundled training service. The beauty is that it isn’t a “one and done” solution. Security has to be continual education.

Building on Foundational Solutions: As far as security solutions, both the anti-phishing and email security component are increasingly important. When you think about the number of customers that have migrated to Office 365 and a hybrid environment since March, it’s clear that email security is of the utmost necessity today. In a home office with all of a family’s connected devices and cobbled together security measures, not many individual users have a sophisticated home security environment. They don’t have adequate MFA, firewalls, VPNs or anti-malware solutions in place.

Partners able to wrap training around phishing and email security solutions have just landed upon an increased margin opportunity. You can always attach the email security to customers’ managed email. If partners want to take the next layer, there are endless applications that need securing: Exchange Online, SharePoint, OneDrive, Teams—all of those applications are being leveraged in the cloud in this remote workforce. There isn’t a day that goes by that I’m not sitting on Teams or Zoom calls. Attaching the phishing service gives an added level of margin. The ability to protect all of that and have more encrypted backup is pretty compelling to an end customer. That should be table stakes in any package an MSP offers.

What are some of the attacks you’re seeing? How are partners having success in coming to the rescue?

Tech Data provides multiple security solutions that address email security as well as a host of other cybersecurity solutions. For more information, visit our website or reach out to our expert team today for a more in-depth conversation.

About the Author

Tracy Holtz serves as director, Security Solutions for Tech Data. She is responsible for providing the strategic vendor strategies, direction and accelerating security sales performance across our entire security solutions vendor portfolio. Tracy joined Tech Data in 1997 beginning her career in finance prior to joining the vendor management organization in 2000.

Tags: Cybersecurity, Online Security, Online Behavior, Human Factors in Online Security