Category Archives for "Managed Services News"

PST Flight Deck is a powerful PST migration tool, enabling you to upgrade the use of PST files within your organization. The automated solution can also repair PST files, identifying ownership, removing passwords, restoring corrupt files, and highlighting redundant PSTs. Once auditing is complete, the intelligent software will migrate PST files to Office 365 or Exchange, automatically deleting old files, detaching without errors.

Download the product brochure here.

In my role as a consultant helping MSPs expand their security practice and expanding the managed services they offer in security, the question keeps coming up about the timing of moving to subscription services. We have always sold managed services for help desk, IT support and managing networks, but how can we position managed services for security with an OPEX pricing model?

The good news is the timing is right now. For many reasons, the industry is shifting to this model in many ways, and MSPs can make the move today with support from manufacturers and service providers. Recent announcements from Cisco and Microsoft have set the direction that many security companies have worked on over the last year. Many have built endpoint security; identity access; IoT and IoMT device monitoring; and log management systems in managed service models to provide MSPs with a great platform to convert existing customers to a subscription-based, managed service model.

Endpoint security is a great example of this. Many providers now allow the conversion of existing endpoint security licenses to a monthly managed service, including not only tools and consoles, but also the installation, update and management of the endpoint security software. Many have now incorporated Office 365 email account security into their offerings, making them very attractive to hybrid environments and a robust endpoint security offering.

We have seen this on a regional and national basis with managed services for log management, alert response and remediation being offered to MSPs as a white label service. This has allowed MSPs to jump in without the cost of building a 24/7 managed SOC.

Today, this is a common approach. Customers understand that MSPs can build it all; they accept the structure of white label for these services, and they like buying from one source–a service provider they are comfortable with. With customers looking to outsource more of their security needs because of limited staff and the ever-expanding threat surface in customer network environments, I believe this trend will continue to expand to other products. Customers need many more security products and services to protect themselves, and they can’t afford the capital outlay to satisfy their needs.

VARs and MSPs alike must work on converting their sales compensation to adjust to this new financial model, providing incentives to sales professionals to drive the new MRR model. MSPs can offer to have customers pay upfront options for these services and make changes to compensation models for salespeople, as well as provide sales training to show them how to adjust their mindsets and see how this will be a positive change in the long run.

Ready to take the next step to expand your security practice? Contact Tech Data Security at [email protected].

John Komer has enjoyed a 40-year career in the technology industry. Prior to joining Tech Data as a Solutions Practice Consultant, he spent 25 years dedicated to cybersecurity. John has enjoyed technical roles involving voice and data networks, video, data center and security technologies, designing and installing solutions for customers. John has held roles as a system engineer, sales account manager, global account manager and founder of a security consulting company for cybersecurity after the 9/11 World Trade Center attacks to help the Department of Homeland Security. John is involved in many security technology groups, giving presentations and helping drive vendor involvement in these groups.

This guest blog is part of a Channel Futures sponsorship.

Nova is a platform of integrated services for Office 365 management. Whether you have one tenant or thousands, Nova enables you to gain deeper operational control and visibility of your environment, while removing a significant load from IT through sophisticated automation, delegation, and policy control in one interface.

Download the brochure here.

The number of ransomware attacks on MSPs mounted last year and more are likely to be targeted in 2020.

Dark Cubed, which provides cybersecurity solutions, procured a research study with data revealing that MSPs are fighting a losing battle when it comes to cyberattacks. MSP networks are under a barrage of attacks from malicious threat actors, and 100% of MSPs reviewed suffered either automated attacks, directed attacks or both.

To get a firsthand account of an MSP ransomware attack, we spoke with Darin Harris, COO of Remote Techs, which incurred a ransomware attack last year that nearly drove it out of business. The MSP works with clients across the western United States, and construction and transportation are its two biggest verticals.

Channel Futures: How did the ransomware attack unfold?

Darin Harris: We used two pieces of software that are very common in the industry. We used a remote management and remediation tool [from] Kaseya and then we used a ticketing and billing system [from] ConnectWise. ConnectWise had a plug-in essentially that connected the workstation data, the audit data back into ConnectWise so that you could connect tickets to workstations and things of that nature. They released a patch [at] the end of 2017 or the early part of 2018 that was to fix a vulnerability. We applied the patch, thinking we were safe, and then in … the early part of February of 2019, the exploit that existed and that was supposedly patched started to be used in the wild, and ConnectWise and Kaseya started to see MSPs becoming attacked. What it would do is essentially bypass your two-factor security, bypass your user passwords … to a direct sequel injection into the database to change a password, they would log in and then they would use Kaseya to start installing their ransomware using your servers to push the ransomware to all of the clients that were connected. Yeah, real friendly stuff.

So for us, it started at about 2:45 p.m. on a Sunday, and we have some customers that run pretty close to 24 hours a day, and so we started to get a few phone calls about 3:15 p.m. of servers being unavailable for one of our clients. We started to investigate and found clients that were ransomed. And we started to see that affect a couple of clients at the same time, at which point we quickly deduced that the issue was the Kaseya server itself. We looked into that and found that we couldn’t gain access to it like we used to be able to. And so we quickly took it offline, shut it down and then started the remediation process to fix everything. That was probably a good, solid, six-to-eight weeks, and we had – compared to other owners like myself that I’ve spoken to – manageable damage. We had about 14-16% of our connected devices become encrypted and more than half of those were servers. I know some owners and some other MSPs that had 100% encryption rate. Every single device was encrypted before they found out what was going on. So yeah, that was January. It took us two months to get everything kind of back to normal. We had our customers back up within just a few days, but … even if you can recover workstations and desktops, and servers you still have to go back and back up all the data, rebuild it from scratch and …

Forcepoint has hired Nico Popp, previously with Symantec, as chief product officer, charged with overseeing the global execution and evolution of the company’s behavior-based cloud security platform.

Forcepoint’s Nico Popp

In this newly created role, he also will lead all product development, management and innovation, such as Forcepoint X-Labs, while also leading the strategic integration of the overall product and customer experience.

“The race to embrace digital transformation has created enormous opportunities for global enterprises today,” Popp said. “However, with these significant gains in digital innovation and business productivity comes an added layer of security complexity. This complexity can only be addressed by moving traditional security to the cloud. Forcepoint is uniquely positioned to capture this industry shift toward security as a service. The new cloud capabilities which Forcepoint is introducing through its dynamic data protection and dynamic edge protection security platform present a very real opportunity for customers to derive the benefits of digital transformation, allowing them to accelerate business growth and desired business outcomes. This is a critical tipping point moment for the cybersecurity industry, as the legacy approaches to securing users and data must change. And with the industry’s most comprehensive portfolio available to customers today, Forcepoint is uniquely positioned to be the next recognized leader of global cybersecurity. There couldn’t be a better time to join this team and help drive forward the Forcepoint mission.”

Popp brings more than 15 years of cloud operations and product development experience to Forcepoint. As Symantec‘s senior vice president of cloud and information protection, he developed and introduced to market cloud-first products. Prior to Symantec, he held senior leadership roles at Verisign and RealNames.

“As chief product officer, Nico brings to Forcepoint a deep understanding of the cloud security market and the criticality of a customer-centric approach to innovative security product development,” said Matthew Moynahan, Forcepoint’s CEO. “He has decades of experience building highly technical products and the teams behind them and will be a force multiplier to advance adoption of Forcepoint’s dynamic cloud security platforms for data, users and networks with enterprises and government agencies worldwide. I am excited to partner with him to firmly establish Forcepoint as a modern cyber security leader.”

Managed service providers, resellers and other channel partners teaming with the top public cloud providers have the opportunity to tout partnerships that help curb climate change, thanks in part to Microsoft’s pledge that it will reach carbon-negative status in 10 years.

Microsoft’s Brad Smith

“We are launching today an aggressive program to cut our carbon emissions by more than half by 2030, both for our direct emissions and for our entire supply and value chain,” Microsoft president Brad Smith wrote in a Jan. 16 blog. “We will fund this in part by expanding our internal carbon fee, in place since 2012 and increased last year, to start charging not only our direct emissions, but those from our supply and value chains.”

But there was more.

Smith also announced that, by 2050, Microsoft will remove as much carbon from the atmosphere as it has produced since its founding in 1975. That goal in particular is getting a lot of attention.

“I’ve never seen that before,” Cynthia Cummis, the director of private sector climate mitigation at the World Resources Institute, told NPR.

To be sure, industry observers agree that Microsoft has set a gutsy – yet crucial – objective, especially the part about removing all carbon emissions ever released.

All eyes now will be on the corporation’s execution, James Mulligan, a senior associate with the World Resources Institute’s Food, Forests, and Water Program and carbon capture expert, told Forbes.com.

“I do expect other companies will continue to ramp up their own ambition in ways that make sense for their businesses,” Mulligan said, according to Forbes. “Hundreds of companies have already set net-zero targets. As carbon removal technology continues to develop, I expect we’ll see more and more companies – and countries – see a viable path to net-zero and beyond. But we need trailblazers and that’s where Microsoft comes in.”

The influence on the wider technology ecosystem is key, said Daniel Newman, principal analyst at Futurum Research.

“With such a large vendor, partner, customer and supplier ecosystem, Microsoft’s commitment should serve as a catalyst for greater commitments from the broader tech and enterprise community,” Newman wrote in a Jan. 16 post. “Those commitments, which will hopefully take shape, should inspire action throughout the value chain. This type of snowball effect is what I foresee making the biggest impact.”

Indeed, Microsoft itself calls its whole plan a “moonshot.”

“It won’t be easy for Microsoft to become carbon negative by 2030,” Smith said. “But we believe it’s the right goal. And with the right commitment, it’s an achievable goal.”

And while Microsoft is not the first public cloud vendor to work toward carbon-negative status, it is the first to take such bold steps.

“Microsoft’s plan is more ambitious than Amazon’s,” Nives Dolsak and Aseem Prakash wrote in a Jan. 17 column for Forbes.com.

As evidence, Microsoft aims to move to renewable energy for its buildings and data centers by 2025, while Amazon has its sights set on 2030 for the same goal. Likewise, Microsoft remains 10 years ahead of Amazon when it comes to net-zero emissions: 2030 compared to 2040.

“Moreover, while Amazon committed to net-zero emissions for its operations only, Microsoft’s plan will cover its entire supply chain,” the contributors wrote. “Even more remarkably, unlike Amazon, Microsoft takes responsibility for its historical emissions, with the pledge to remove them from the atmosphere by 2050. In sum, Microsoft is ahead of Amazon in Round 1 of the climate marathon.”

Not to be outdone, Google told The Telegraph this week that it is working hard to do more than be carbon neutral — meaning that it buys as much renewable energy as it consumes. Google Cloud itself has been carbon neutral for 12 years. But Kate Brandt, the parent company’s chief sustainability officer, says that’s not enough. She intends to have Google overall, and its entire supply chain, operating solely on …

Repeated warnings from security researchers fell on deaf ears as doctors and hospitals ignored the risks and millions of medical images leaked onto the internet every day, according to a joint report by TechCrunch and health news site The Mighty. Researchers spent weeks notifying healthcare providers and institutions to no avail. It appears that even a massive HIPAA violation isn’t enough to make security a priority issue.

Comforte’s Felix Rosbach

“While it is not always possible to prevent malicious access, sophisticated data protection is a must when processing and storing sensitive information — especially PII and health care records. These are core requirements of data privacy regulations like HIPAA and GDPR, and there might be fines coming up for this,” said Felix Rosbach, product manager at data security company comforte AG.

Unfortunately, cybersecurity is given little priority in health care environments, despite heavy regulations pushing the need for it.

“Often, security compliance is managed as a subset of medical compliance, and therefore cybersecurity takes a back seat,” said Colin Bastable, CEO of security awareness and training company Lucy Security.

Knowledge gaps on how networks and systems work are contributing factors in security issues as well.

“Unfortunately, most of the medical world thinks it exists in isolation, in its own private cloud, which is clearly unrealistic. It often appears that most medical professionals don’t understand that so much information is globally accessible,” said Bastable.

“It’s no wonder health care tops the charts every year as the No. 1 at-risk sector for cybercriminals,” Bastable added.

The most common cause for medical image and data leakage is found in network configurations.

Juniper Networks’ Mounir Hahad

“Generally speaking, in this kind of situation, it’s the configuration of the network which is at fault before anything else. No system handling sensitive data should be accessible from the internet without the need for a VPN or some strong authentication method. The DICOM protocol itself was developed a long time ago and did not take into consideration the implications of cybersecurity,” said Mounir Hahad, head of Juniper Threat Labs at Juniper Networks.

Some health care companies try to add security by moving to the cloud, often with mixed results.

“It is often the case when legacy applications are moved from fortified data centers into cloud environments that data leaks occur. Those applications and databases may not have the adequate security considerations to guarantee confidentiality of data; therefore, it is necessary to resort to technologies like secure software-defined networks to provide deployment security,” Hahad added.

MSSPs serving the health care industry clearly have their work cut out for them, not only in terms of adding layers of security and increasing educational efforts to include lessons on how medical data and images leak online, but in persuading the medical community to take a more comprehensive and less patchwork approach to security.

“Insecurity is compounded by the highly fragmented and outsourced nature of the U.S. health care landscape. The need for multiple parties to have prompt access to all medical data ensures that convenient access takes precedence over basic authentication and authorization security,” Bastable said.

Even so, health care isn’t that much different from other types of businesses, at least in terms of risk exposure.

“The massive amount of data sets combined with the number of freely accessible PACS systems that were configured in similar ways shows that protecting data still is a major challenge for organizations in all verticals,” said Rosbach.

Perfecting the art of selling cloud services and platforms remains a hot topic within the channel.

Paul Croteau, channel CTO at Rackspace, will address that burning issue on Tuesday, March 10, during the Channel Partners Conference & Expo in Las Vegas. Partners must get a firm grasp on understanding their customers’ business goals and strategies to effectively discuss and offer the next generation of networking technology. In this edited Q&A, Croteau shares some insights ahead of his session, “You’re Leaving Lots of Money on the Table: Uncovering Cloud Revenue from the C-Suite, part of the sales and marketing conference track.

Channel Futures: This topic of changing the conversation from tech-only to business outcomes goes back many years. Why does shifting the discussion remain such a challenge for the channel?

Rackspace’s Paul Croteau

Paul Croteau: I think it’s just a matter of human nature; people tend to avoid asking questions or talking about subjects they are not familiar with. Much of my experience the past few years has been with channel sellers who have mainly focused on the networking side of the technology stack. Taking the conversation outside of the telco room into the boardroom might be considered a big leap for many sellers; those audiences have different backgrounds and ask different questions. I always tell my channel sellers that I don’t want them becoming experts in my company’s portfolio, or experts in the cloud in general. I want them to become better at talking about business scenarios. It’s OK to step out of the telco closet!

CF: What additional insight can you share that might help partners understand why it’s so critical to adopt this different approach to client conversations?

PC: When you speak with business leaders about their business, instead of talking about one specific piece of hardware or software and its features, that leads to topics like staffing and other current challenges.

CF: Building on the above question and answer, why is this all particularly important when discussing cloud products and services?

PC: This gets back to my human-nature comment. Cloud is still very new to many business leaders; it’s not something you implement on your own. It’s important to engage subject-matter experts who have experience and know how to guide these business and technical conversations. Many customers simply don’t know what they don’t know; the same applies to salespeople. At Rackspace we have a phrase: “The cloud is for everyone but not everything.” We help customers understand how to best leverage this new business paradigm. This is why it’s vital to engage cloud subject matter experts as early in the sales process as possible.

CF: What’s one key, direction-changing question partners can pose to someone in the C-suite to shift the conversation to business outcomes?

PC: “What would the business impact be if your main application went down for three hours today? Are you able to carry on or will it shut you down?” This shifts the focus away from speeds and feeds, and opens the door to actual business-impact discussions.

CF: What are some of the most common business outcomes C-suite execs are looking for from cloud, in your experience?

PC: This has changed over the past couple of years. In 2018, leaders were looking to improve the speed of their service delivery, to become more agile, to make their IT infrastructure more redundant and resilient. There was a lot of “cloud peer pressure” — some leaders felt compelled to move to the cloud even though …

Virtually all business projects come with inherent risk, but data migration takes the cake with its vast web of complex challenges that can make or break your organization’s digital transformation.

The difference between success and failure often rests on the shoulders of risk management, so understanding which areas of data migration are most precarious is a crucial step.

This guide will explain the major points you need to consider when planning your migration project and help you determine how much of a threat they are to your overall success.

This guide will walk you through, in detail, the ordered steps and decisions you need to take when migrating from Exchange to Office 365 – with detailed guidance linked throughout.

Learn how to prepare your Exchange, properly explore all your options, understand pre-requisites and dependencies, and more!