Basic Cyber Hygiene

Get Your Free Guide and Questionnaire

Establish Basic Cyber Hygiene Through a Managed Service Provider (MSP)

Small and medium-sized organizations often grapple with IT challenges such as limited funding, evolving technologies, legal compliance, and a shortage of skilled IT staff. They frequently turn to Managed Service Providers (MSPs) like Snyder Technologies to handle their IT infrastructure, allowing them to focus on core operations

The Center for Internet Security (CIS) has released guidance to help enterprises with this challenge. The new guide, Establishing Basic Cyber Hygiene Controls Through a Managed Service Provider, can help small and medium enterprises ensure their basic cyber hygiene needs are met by their service provider.

CIS Controls utilize Implementation Groups to prioritize cybersecurity initiatives. By identifying the right Implementation Group and CIS Controls for your organization, you can better integrate an MSP like Snyder Technologies into your strategy.

Download Your Free Guide - Establish Basic Cyber Hygiene Controls with an MSP

The guide contains a questionnaire that can be modified to address an enterprise's specific concerns before it is provided to the MSP.

This paper provides an overview of the CIS Critical Security Controls® (CIS Controls®) and provides small and medium enterprises with a guideline questionnaire to ensure their basic cyber hygiene needs are met by their managed service provider.

CIS Controls

The CIS Controls are internationally recognized for bringing together expert insights about threats, business technologies, and defensive options into an effective, coherent, and simple way to manage an organization’s security improvement program. They are a prioritized set of actions that collectively form a defense-in-depth set of best practices that mitigate the most common attacks against systems and networks. The CIS Controls are comprised of 20 Controls that are supported by 171 Sub-Controls, or Safeguards.

In CIS Controls V7.1, CIS introduced a new prioritization scheme called Implementation Groups (IGs):

is the definition of basic cyber hygiene and represents an emerging minimum standard of information security for all enterprises.


prescribes what has to be done for more sensitive components of an organization depending upon the services and information they handle.


is the highest level of cyber hygiene. These are steps fully mature organizations should take to protect the most sensitive parts of their missions.

MSP Services and Solutions

MSPs like Snyder Technologies, from a security perspective, can help enterprises reduce the risk of understaffed and underfunded in-house solutions. Due to their offerings, MSPs are highly attractive to potential clients. They offer a wide range of solutions and services that include, but are not limited to, those listed below:

  • Anti-virus, anti-spam, anti-phishing, and anti-malware services
  • Data backup services
  • Network monitoring services
  • Software configuration and provisioning services
  • Cloud computing services (applications, services, resources, management)
  • Hardware configuration and implementation services
  • Network infrastructure configuration, implementation, and enhancement services
  • Patch, repair, and update management services
  • On-demand augmentation of incumbent staff/expertise

Ensuring Basic Cyber Hygiene with MSPs

How can small and medium enterprises protect themselves while taking advantage of some of the benefits of working with an MSP like Snyder Technologies? Asking the right questions when shopping for a provider can help inform an enterprise’s decisions.

The new guide from CIS considers the issue from the perspective of the CIS Controls and provides a baseline of questions to ask MSPs. It is especially important to know:

  • The types of controls that are implemented at the MSP for their own security
  • Which CIS Controls are implemented by the MSP on behalf of its clients

The guide contains a questionnaire that can be modified to address an enterprise’s specific concerns before it is provided to the MSP. The 43 Safeguards in CIS Controls IG1 provide a guideline for basic cyber hygiene for all enterprises. In particular, IG1 can be easily implemented by small and medium enterprises, potentially with support from an MSP. These Safeguards will help organizations protect their IT infrastructure, systems, and data from most cyber-attacks.

The new guide, Establishing Basic Cyber Hygiene Controls Through a Managed Service Provider, is an effective way for organizations to ensure their basic cyber hygiene needs are met when contracting with an MSP. Our team is more than ready to assist you in implementing Cyber Hygiene Controls in your enterprise - contact us to set up a time for us to discuss a custom security solution today.

Download Your Free Guide - Establish Basic Cyber Hygiene Controls with an MSP

The guide contains a questionnaire that can be modified to address an enterprise's specific concerns before it is provided to the MSP.

This paper provides an overview of the CIS Critical Security Controls® (CIS Controls®) and provides small and medium enterprises with a guideline questionnaire to ensure their basic cyber hygiene needs are met by their managed service provider.