MSP Xperience Panel – Quotable MSPs Riff on BCDR and Security Challenges

Roddy – How do you prepare for unknowns? Focus on how you will recover, and follow a good framework, such as NIST or CIS. In fact, we use CIS – try to get to IG3. Limit your exposure.

Justin – We take for granted that techs just know, don’t take for granted that your techs aren’t downloading stuff and downloading files. They are often the problem.

Ben – Layer protection, layer on antivirus, you have to have layered security.

Roddy – Of course, clients come with demands. Such as “We can’t ever be down, We can’t ever be breached.” We need to explain we can get you from 60 to 85%. We have to set expectations. You might be down for a day, or you might be down for 3 days. Most of the time, you are having a ransomware conversation when it is happening to them or someone in their industry. You’ve got to have that conversation early. Set a real-world expectation that we cant protect 100%.

Justin – We are using real work examples, such as airports, and bad actors trying to steal Windows credentials. Use a real-world example that this could happen to them, or your customers will ignore it. And remind clients that they also have clients. Just as we want to protect you, you want to protect them.

Ben – We have occasional customers asking if they are secure. A local golf course went to a security seminar and came back asking about Zero Trust and MFA, and I said awesome!

Roddy – We have IR Plans. Some are basic and just a few pages long, while others are more complex. You have to be prepared to pull all hands on deck. Containment is essential, and so is communication. There is always a threat, and people are panicky and can fill in a lack of knowledge with their own thoughts. Communicating your plan combats that. Post mortems are all part of an IR Plan and getting better.

Justin – We have an IR Plan meeting every year with clients who genuinely want to have that service and are willing to pay for it. We can also make a game of it. We call it the death card. You create this scenario (I am a Dungeons and Dragons fan) and say an ice storm hits, and only those who have this card make it to the office. And I tell them I died on the way in, and you can’t ask me questions. And how are you going to guarantee RTO and RPO? These tabletop exercises are some of the strongest things you can do.

Roddy – There is no floor to what an MSP is. That is part of the reason our industry is so hard to insure; there is no standardization or regulation. We have to do a lot better. I can’t tell you how many retainer agreements I have done for high-compliance legal clients.

Justin – In the past, it has been easier to get insurance since we do SOC audits. But since the RMM breach, it has been harder since we are an MSP. So we have to have 2 or 3 extra riders on top of our insurance. And I agree we need to do better with standards as an industry; it would be better for all of us.

Ben – It has been challenging to get a carrier that actually wants to cover an MSP because we have keys to the kingdom. They don’t just take your word for things; they want proof. I was handed the application, and I looked at it and said, well, there goes my week.

Roddy – the more tools you have, the more tech debt you have (and I hate that term). You have 25 different tools you are using to satisfy NIST or CIS controls, and I can’t support 5 different products! It is more expensive; I need a higher-level guy to understand. In the grand scope of things, it goes back to cost savings, you got a lot more in fewer vendors, and you can leverage that with them.

Justin – We want to see which vendor is the most flexible, who understands multi-tenancy and separate policies for each person. I am an Axcient person; we only have Axcient now. As soon as something happens, a person from the service desk can click a button and know it will recover because it is standard across everyone.

Ben – We were entertaining other vendors before we talked to Axcient and got a much better price with the same features, and even more so, we have a much better experience with Axcient.

Axcient Has the Best Partners!

As an MSP, it’s your job to prepare clients for the realities of the cybersecurity threats against them. Taking a security-first approach means you don’t hope it won’t happen; you assume that it will. Using educational resources like this threat glossary designed for end users and our MSP Quick Guide: Surviving a Total Ransomware Takedown is a great way to start. MSPs and their SMB clients need to confront the reality of data breaches caused by human error. The bottom line is it’s going to happen. Preparing for it – with a comprehensive BCDR solution, disaster recovery planning, cyber liability insurance, and practiced incident response policies –determines survival. Are you ready?

>>>Download Surviving a Total Ransomware Takedown: An MSP Quick Guide for Overcoming