Category Archives for "Managed Services News"

Michael Greene

Security hygiene is an increasingly important factor in today’s heightened threat environment when companies are vetting technology providers, MSPs and others in the channel. These groups are investing significant sums of money to strengthen security to protect their data and their clients, yet there is a critical area that is often overlooked: password reuse and the sharing of passwords between personal and work accounts.

The average person knows better than to reuse passwords across multiple work and personal related sites, but the human desire for convenience and efficiency will trump this knowledge every time. For example, 91% of respondents in a LogMeIn survey claim to understand the risks of reusing passwords across multiple accounts, but 59% admitted to doing it anyway. What’s more, 62% of employees are reusing the same password for both work and personal accounts.

There is a staggering amount of breach data on the internet and Dark Web and with attacks occurring on a continuous basis, this treasure trove for hackers is only growing. I recently spoke with a company that discovered that 4% of its uncompromised credentials become compromised within one month and this happened month over month. All a cybercriminal needs to do is obtain an exposed credential from one breach and use those same credentials to access other sites and systems. With the rampant practice of password reuse, it won’t be long before the hacker is able to access sensitive accounts and information.

For channel partners, this practice represents a serious security vulnerability. MSPs have emerged as a top target for hackers, with the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT), issuing an alert warning companies of advanced persistent threat activity. In addition to the typical headaches associated with data breaches — financial repercussions, brand impact, loss of sensitive data — MSPs and other groups in the channel face the added pressure of fallout from the client and vendor community. For many, this pressure will be too much to withstand — one study found that 60% of small businesses fold within six months of experiencing a breach.

What Can Channel Companies Do?

Organizations have historically addressed compromised passwords by implementing mandatory password resets every 42 to 90 days following the recommendations of traditional guidelines. However, times have changed as both the National Institute of Standards and Technology (NIST) and Microsoft have recently come out against password expiration for a number of reasons:

• Security: Employees typically choose a simple password or a pattern that can be easily guessed when forced to change passwords frequently.
• Costs: Mandatory password resets can drive up help desk costs, with Forrester estimating it costs $70 of help desk labor for a single password reset.
• Productivity: In addition to the financial element, password resets divert both IT and end-user resources away from more strategic initiatives — companies lose upwards of $420 in productivity annually per employee due to password challenges. This is a painful factor for many MSPs.

With awareness growing of these and other issues associated with expiring passwords, organizations must now focus on securing employee accounts from the start. Many companies in the channel have high employee turnover, and it’s important to be conscious of poor password practices that might follow your new hire from their prior position. Researchers from Virginia Tech University found that more than 70% of users employed a compromised password for other accounts up to a year after it was initially leaked, with 40% reusing passwords which were leaked over three years ago. This underscores that companies must expect poor password hygiene from their users and revise password policies accordingly.

NIST recommends that companies now verify …

As the year comes to a close, Channel Futures would be remiss to overlook some of the recently announced under-the-radar cloud M&A that impacts partners. Here’s a look at three deals that promise to generate activity in 2020.

Snow Software Buys Embotics

Snow Software in early December said it had purchased hybrid cloud management provider Embotics. Terms were not disclosed.

The deal enables channel partners to help CIOs manage their full technology stacks, including software, hardware, infrastructure and applications, no matter where they reside, Snow Software said.

That’s important because the rapid shift to cloud means technology now goes beyond the traditional bounds of IT management and is consumed by every employee on demand, Sanjay Castelino, chief product officer at Snow Software, told Channel Futures.

Snow Software’s Sanjay Castelino

“This trend extends from old software to new apps, data center to serverless, private to public cloud and everything in between,” Castelino said. “The trend has created a new challenge for technology and business leaders who must understand, empower and govern the consumption of technology without slowing down innovation and execution. Channel partners are well positioned to help enterprises as they adapt to these challenges – and Snow’s acquisition of Embotics strengthens our ability to deliver a platform for organizations trying to better understand and manage an organization’s full technology stack on-premises, in the cloud and in hybrid environments.”

To that end, the Embotics platform automates provisioning, reduces costs, and ensures governance across private, public, hybrid and multicloud environments. The Snow-Embotics union extends these capabilities throughout the world.

“To date, Embotics’ primary market has been in North America with select customers and partners in the Asia Pacific region,” Castelino said. “With this acquisition, Embotics’ cloud management platform is supported on a global scale in markets where Snow has an established presence.”

Snow Software said to expect big things from the acquisition.

“Cloud migration planning, bring-your-own-license optimization and hybrid cost control are just the beginning of what our combined platform will help customers accomplish,” Vishal Rao, president and CEO of Snow Software, wrote in a Dec. 2 blog.

NTT Data Gobbles up Flux7

Amazon Web Services premier consulting partner Flux7 in early December announced it had agreed to an acquisition by global systems integrator NTT Data Services.

Flux7 specializes in cloud implementation, migration, automation and DevOps consulting, mostly within the financial services, retail, pharma, software and manufacturing verticals.

“The acquisition of Flux7 will enhance the value we can deliver in AWS, DevOps and Agile development capabilities, while aligning with our focus to drive digital services for our clients,” Bob Pryor, CEO of NTT Data Services, said. “With an excellent brand, industry recognition and impressive client base, as well as a strong record of growth, Flux7 is a strategic fit for our business and part of our ongoing strategy of growth through acquisition.”

Aater Suleman, co-founder and CEO of Flux7, will continue to lead day-to-day operations.

The companies did not say …

While it’s easy to foresee several current trends continuing into next year, 2020 isn’t shaping up to be just more of the same.

Among some of the most surprising developments in the new year is the high interest in adding quantum strategies to cybersecurity plans. Shareholder lawsuits are equally surprising as they gain traction against board members and thus are a rising enterprise threat.

An increase in Raspberry Pi popularity in IoT networks makes sense, but who saw that coming to the point that Raspberry Pi becomes a backbone for IoT? Conversely, VPNs look to be facing a surprising but potentially serious disruption, at least in the disaster recovery (DR) market.

Perhaps most alarming is the expectation of some experts that cyberthreats will leave bigger footprints on reality than the traditional data theft and all that implies.

BitSight’s Jake Olcott

“Despite years of warning, governments still haven’t invested in the cybersecurity of critical infrastructure, as highlighted during the March 2019 attack on the U.S. energy grid. In 2020, a Western government will be forced to quell looting and rioting when a cyberattack disrupts their electric grid,” predicts Jake Olcott, VP at security ratings company BitSight.

Even so, many attackers are going to go considerably more low-key next year.

“Zero-day vulnerabilities receive the most attention from the media, but in 2020, hackers won’t bother with these highly publicized attacks; instead, they will home in on simple strategies, like gaining access to a network through an org’s vendor or third-party or through lack of patching,” said Olcott.

“The NSA reports that it responds to intrusions from zero-day vulnerabilities very rarely — instead its time is taken up with incidents where unpatched hardware and software have been exploited.” Olcott added.

Most organizations will need a bigger budget next year to protect the ever-expanding threat surface and expand their defensive arsenal. In any case, cybersecurity is now a top critical risk for businesses of any size and the evolving issues require your full attention.

According to ISACA, CMMI and Infosecurity Group’s “State of Enterprise Risk Management 2020” study, 29% of respondents found that cybersecurity is the most critical risk category facing enterprises today and 33% believe that information/cybersecurity risk will be the most critical category of risk facing their organization in the next 18-24 months.

However, security pros should also take heart because all is not lost. Attackers wouldn’t have to work so hard to change their strategies and tactics if the security measures already in place weren’t so effective.

“As 2020 rolls up, it’s important to take a step back and understand the average internet user has never been safer. Automatic updates, embedded phishing protection and more help ensure the average user is safe to run his life online,” said Daniel Goldberg, senior security researcher at Guardicore.

“The flipside is that the check is coming due for a lot of organizations, large and small, that have failed to protect their company and customers’ data,” Goldberg added.

Click through the slideshow above to see what else the experts say 2020 has in store.

In early 2016, HP unveiled its then-innovative smartphone, the HP Elite X3, which the company touted as essentially a computer in your hand that could be connected to a Windows PC and used as a true business work environment.

I was so excited about the possibilities of the smartphone that I gushed about it for eWEEK. “The HP Elite x3 could be the smartphone of my dreams because it could actually, possibly, potentially be the first handset I can buy to serve as not only a phone but as a PC, enabling me to do my work anywhere,” I wrote.

Not long after, I was disappointed when the Elite XP3, which was a Windows phone, lost support when Microsoft dropped its Windows phone initiative. I was back to square one after using a series of perfectly competent phones, mostly from Samsung. The phones were fine, but none allowed you to do your work in sync with your laptop or desktop PC.

Then earlier this year I saw Samsung’s latest stylus-equipped Galaxy Note10+ phone and its two sisters, the smaller 6.3-inch standard Note10 and the 6.8-inch Note10+ 5G, and I got those desktop-in-your-hand dreams all over again. The Galaxy Note10 family is impressive.

I’ve been using a Samsung Note10+ handset for the last several months and have found it to be a capable phone and business tool in most ways, though it does have some shortcomings as well.

The Positives

From the start of my review, I absolutely loved the large, bright 6.8-inch quad HD Dynamic AMOLED Infinity-O display (3040 x 1440 resolution, 498ppi) and its edge-to-edge screen layout. It is clear, distinctive and works well in all kinds of lighting situations.

I also love one of the Note family’s greatest features since it was launched in 2011 – the built-in removable S-Pen stylus which lets users “write” on the display and capture their work for use in documents, emails and more. Today’s S-Pen stylus has gained even more features and capabilities, including easier ways to use it to capture and create unique content. The flexibility and creativity it offers to users is game-changing, especially when you realize that it’s not just a fad. but is a real business tool you can carry with you all the time. I at first thought it was just for show, but its true value became more evident as I used it to make notes and then sent them to myself via email. It was that computer-in-your-hand idea again.

The Note10+ has superfast charging and the longest battery life of any smartphone I have used since the genre began officially in 2007 with the first Apple iPhone. I can use the phone all day and still have 60% of its battery life remaining by late evening, or I can use it more heavily for things like GPS and Google Maps and still have 20% life left without recharging during the day. With its 4,300mAh battery, that is…

If you’re a cybersecurity professional and your New Year’s resolution is getting a new job, there are a lot of things to keep in mind in terms of opportunities and pay.

Cynet has released the results of its 2019 survey of cybersecurity professionals, examining pay rates measured against employee achievements, education, skills and more. More than 1,300 participants from diverse industries globally participated in the survey, which was administered this quarter.

Yiftach Keshet, Cynet‘s director of product marketing, tells us one of the drivers of the survey was to gain more detailed insight into what may be limiting qualified candidates from potential job opportunities.

“What the survey showed is that, indeed, there are certain employee attributes that could be reducing the qualified pool of potential employees,” he said.

For cybersecurity professionals planning post-holiday job searches, there should be a focus not just on education, but actual skills in order to differentiate a cybersecurity candidate’s capabilities from potentially competitive applicants, Keshet said.

“As having high-value skill sets were more closely related to higher compensation, the data justifies security professionals continually building upon their knowledge base,” he said.

The data backs detailed salary profiles for five popular security positions: security analyst, threat intelligence specialist, securitycloud security architect, penetration tester and security directormanager.

Among the findings:

• Security analysts in North America get significantly higher salary than in EMEA and APAC, with more than 80% earning between $71,000 and $110,000. In contrast, less than 35% in EMEA and 21% in APAC earn equivalent salaries.
• All analyzed positions feature similar salary range distributions for both employees with or without a degree in computer science or a related engineering field.
• Banking and finance provide the highest salaries in the industry, for both strategic management and tactical positions.
• Individuals were analyzed across all positions; quality professionals with little experience were at the top of the payment curve, while seasoned veterans were at the bottom.
• Individuals that pivoted from an IT occupation to a cybersecurity position earned more than their peers who started out in cybersecurity.
• With the exception of security analysts, all other positions included periodic bonuses with annual rates ranging from 1%-10%.
• There is a significant shortage of women in security positions, with the highest percentage in the 20-29 age group with 6% in overall positions.
• Within the five analyzed positions, the highest percentage of women were found in the security director/manager position at a rate of 10%.

“The No. 1 most surprising finding was that a cybersecurity professional’s portfolio of skills was of equal or more importance when it comes to earning higher wages,” Keshet said.

The data provides average, low and above average rates of pay as they relate to the IT security position they are assigned to, which will help security providers to better align their pay structures so that they are in a better competitive position to attract and retain talent, he said.

“Whether under the title of CISO, director of security or even CIO, one cannot protect their organization single-handedly,” said Eyal Gruner, Cynet’s…

As 2019 comes to a close, MSPs should already be ramping up their plans to grow their customer and product base in 2020. Cybersecurity will continue to present massive challenges for everyone’s client base, and even those MSPs that aren’t currently in the security market will find themselves inexorably drawn into working with security solutions. The continued focus on security as a top concern as we head into the New Year is not surprising, but certain dynamics will certainly influence shifts in the cybersecurity landscape.

To help MSPs better target their resources and position themselves for success, here are a few predictions about what the security landscape is going to look like in the near future.

1. Consolidation will drive security innovation.

Security has been an essential catalyst for the MSP marketplace: The dynamic threat environment has challenged MSPs to evolve their offerings and skillsets, and to move beyond basic toolsets (i.e., antivirus) by providing their customers with more comprehensive, security-centric solutions. At the same time, MSPs are driving vendors to expand their security offerings beyond antivirus.

Most of this expansion has come in the form of mergers and acquisitions, rather than organized R&D, and we expect that will continue in 2020.

2. The cybersecurity talent shortage will continue.

Not all MSPs have the capacity to meet the security needs and requirements of their customers. Using an outsourced security operation center (SOC) is one way an MSP can combat the talent shortage.

MSPs will also need to embrace cloud security (beyond email) and ensure that they’re protecting their customers’ desktop and application infrastructures. A SOC can help automate the monitoring and management of workloads in the cloud from a tactical standpoint, while the MSP’s staff focuses on more strategic initiatives. If you’re an MSP who doesn’t currently have a security partner, 2020 is the year to get one.

Furthermore, integrating your RMM tool and your security portfolio will enable you to stretch your resources further, through automation.

3. Automation and cybersecurity awareness training will be critical.

Traditional email security products have difficulty protecting against attacks such as targeted spear phishing that are becoming more prevalent and are also much harder to detect.

Consider these statistics from a recent email security report from Barracuda:

• 74 percent of respondents said that email attacks are having a significant impact on their businesses.
• 78 percent of organizations said that the cost of email breaches is increasing.
• 66 percent claimed that attacks had a direct monetary cost on their organization in the past year.
• Nearly a quarter of respondents advised that attacks have cost their organization $100,000 or more.
• 79 percent of IT professionals said they’re worried about attacks and breaches stemming from inside the organization.
• 92 percent of Office 365 users have security concerns.

In 2020, there will be a continued emphasis placed on

A recent study commissioned by the World Bank Group estimates there are between 365 million and 445 million small to midsize businesses (SMBs) in emerging markets around the world. These businesses increasingly seek managed service providers (MSPs) for outsourced IT services. According to the same study, in the next three years, SMBs expect up to 75% of their IT infrastructure to live in the cloud. This reliance on the cloud puts increased pressure on the network infrastructure needed to run the business.

For years, networking technologies have been a constant for IT service providers, resellers, value-added resellers (VARs) and MSPs. However, networking has typically been deployed and repaired on a project-basis. The idea of proactively managing networks as a service has not been commonplace until recently. In this article, we outline key components of successfully delivering networking as a service.

Sell Based on Value: To be successful in selling networking as a service, it is essential to pitch the value of networking rather than the device itself. Imagine yourself as the client. Why is having a reliable network important to you? How would it impact your day to day if your networking service did not work? If you can answer those questions in detail, you can begin to help your clients understand how much they rely on connectivity to run their businesses successfully and the value you bring. Your team can keep them online and deliver and manage a network infrastructure that keeps them running. So, sell that expertise, and don’t be afraid to charge for it.

Choose a Go-To Marketing Strategy: The strategy you choose to sell networking as a service will be based on several factors, including how you deliver other managed services, your market, and financial concerns such as cash flow, margin targets, etc. The classic managed services strategy is to sell networking hardware along with an ongoing monthly service fee for that hardware.

Hardware as a Service, or HaaS, is another option worth considering. In this model, the customer pays a single monthly fee for service and hardware. It’s a one price, all-inclusive networking service. The HaaS model with the automatic hardware refresh saves you the effort and hassle of going through another sales process with your client. This removes the challenge of a new negotiation and, potentially, the introduction of a competitive MSP into the conversation.

Whether you opt to sell hardware or offer HaaS, networking technology that enables you to deliver effective services should be a top priority.

Hone in on Your Pricing: MSPs use a variety of pricing strategies today, and yours will ultimately be dictated by your business’ specific needs and market demands in your region. Per-user or per-device pricing is the most common, while others opt for a fixed-price model or a hybrid of the two. When setting your price, start with your costs. From there, you can add your margin. When determining markup, it is important to look at costs associated with particular clients. So, think of per-user/device as a starting point, and adjust the pricing accordingly. Remember, you are selling your expertise and value. That’s why your clients hire you. Charge accordingly.

We live in an increasingly connected world. Businesses of all shapes and sizes are dependent on the network and are looking to managed service providers to deliver fast, reliable connectivity. To learn more about this opportunity and gain insights from your peers in the MSP channel, download Datto’s eBook “Selling Networking as a Managed Service.”

John Tippett is VP of Product, Networking, Datto.

This guest blog is part of a Channel Futures sponsorship.

It was an intriguing and entertaining year for open-source software in 2019, with news headlines that were all over the map.

In the biggest news, IBM completed its acquisition of open source market leader Red Hat, bringing the two powerhouses together on a new shared path of making their now-connected futures successfully work out for both.

But there was plenty more happening as well, from SUSE dropping OpenStack to Microsoft continuing to deepen its role and relationships in open source with Azure. Then late in the year Microsoft announced that it had released a technical preview of the Linux version of its Teams chat and communications software — after the company said last year that it had no plans to do so. Click through the slideshow above for a glance at these headlines and more in the fascinating world of open source. Where will 2020 take us?

Talk of hybrid cloud and multicloud ran rampant in 2019, and for good reason. Each configuration offers organizations important options for their computing needs — and as public-cloud-only setups proved insufficient mostly because of cost and security, more enterprises adopted hybrid cloud (on-premises/public and private cloud pairings) to give themselves more flexibility and assurances.

Organizations also understood the importance of teaming with more than one public cloud vendor to ensure redundancy, compliance and other important requirements. Thus, talk of “multicloud” took off in 2019, too.

The slideshow above reviews some of the biggest hybrid cloud and multicloud developments of the year and provides guidance to channel partners.

As the internet of things (IoT)  permeates homes, cities and office buildings as well as industries like retail and health care, It’s clear that connected devices are changing how people interact with virtually everything around them.

Kaleido Insights’ Jessica Groopman

Technologies such as 5G – the next generation of cellular connectivity – and edge computing – an architecture bringing compute closer to the users and devices that need it – have enhanced the capabilities of IoT devices. They have made it possible for wearables devices to convey health data in milliseconds, a fingerprint scan to admit you to a building or a voice command to schedule a meeting. 5G and edge computing technologies have furthered the potential of IoT devices, boosting data transport speed and reducing data latency.

As a result, IoT market growth is predicted to continue to grow apace in 2020 and beyond. International Data Corporation (IDC) estimates that there will be 41.6 billion connected IoT devices, or “things,” generating 79.4 zettabytes of data in 2025.

Despite this growth, and the clear opportunities of IoT in various sectors, successful adoption of IoT technologies faces challenges. In 2017, Microsoft data indicated that 30% of companies’ IoT projects failed at the proof-of-concept phase, and only 26% of projects were deemed successful. That may be because roughly one-half of respondents to a Capgemini study had not identified a clear business case for IoT, and three in five said they struggle to realize value from their initiatives because they lack the analytics capabilities.

Smart Connections Consulting’s Bill Pugh

As partners consider the growth opportunity in selling IoT services, it’s important to consider how these still-nascent technologies can best succeed. According to recent McKinsey data, many companies report a 10-15% cost savings from IoT projects. While substantial, there is still a distance to go to get ROI from these projects.

We spoke with Jessica Groopman, industry analyst and founding partner at Kaleido Insights, and Bill Pugh, co-founder, managing partner, Smart Connections Consulting, about the top IoT trends for 2020.

Click through the slideshow above to learn more about the top IoT trends in 2020 that you should be watching.