Cybercriminals are exploiting weak credentials, unpatched software, or using phishing to single out high-value targets. And IT companies — such as Cognizant and Conduent, both hacked earlier this year – are very high-value targets. 1
Of course, this isn’t just a problem for the IT provider because hackers are using them as a gateway to their clients. A poorly secured IT provider provides an open road directly to every bank, hospital, government agency, or business they service.
Why is this such a widespread issue? Many believe that a lack of standardization among IT providers is part of the problem. There are currently no regulations regarding cybersecurity claims, and many managed IT providers are calling themselves security experts simply because they sell antivirus software.
Safe, Secure, and Verified by (Actual) Experts
This lack of oversight has put the IT industry in a lurch – until now. Head up by credentialed cybersecurity veteran Jason Rorie, a board of information security experts has come together to create their own certification. Called “TISC-2020”, this certification audits and tests over 70 controls which have been deemed vital to the security of an IT provider and their clients.
Their goal? To create a measurable standard by which IT providers can make trustworthy claims about their cybersecurity posture. Through rigorous exploration of physical and digital security measures, employment policies, monitoring, vulnerabilities, and other aspects of the IT provider’s internal protocols, the TISC-2020 board can make a very qualified assessment of their strengths and weaknesses.
An IT provider must satisfy every control to be awarded a TISC-2020 certification.
Heiden Technology Solutions Earns First TISC-2020 Certification
Detroit-based Heiden Technology Solutions completed their final inspection in June of 2020, making them the first independent managed IT services provider to earn the certification and the associated MSP Overwatch™ badge.
“The process was not easy – this is a very demanding set of controls,” says CEO Carl Heiden, “but the weeks of work was worth it to know that we’re among the most secure IT providers in the country. And to be able to show our clients evidence to that fact is priceless.”
About Heiden Technology Solutions
Heiden Technology Solutions has been providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses since 1994. With a goal to provide enterprise-level IT practices and solutions to the small business sector, with small business prices, their experience has allowed them to build and develop the infrastructure needed to keep prices affordable and clients safe and productive.
TISC-2020 was created as a direct response to increasing cyberattacks directed at MSPs, MSSPs, and other IT providers. Methods of auditing the security levels of IT providers include Information Security Policy review and creation, Security Procedures review and creation, Security Control Testing through the implementation of Vulnerability Scans, Penetration Testing, Social Engineering Testing and Physical Access Testing, among others.