The MSP Opportunity and the Cybersecurity Problem: Q&A With ConnectWise

In the current distributed office environment, MSPs and dealers are struggling to manage the considerable headaches of a far-flung and hastily put together work-from-home universe. It’s an area companies in many fields are dealing with, so to explore the topic further, I got on the phone with some experts in helping companies navigate these strange circumstances – ConnectWise’s Vice President, Product Management for Security Brian Downey, Vice President, Cybersecurity Initiatives Jay Ryerse, and Senior Director of the Global Security Operations Center Drew Sanford, as well as Vice President, Channels, John Schweizer. They talked about the opportunities in the MSP/dealer space, the security concerns the dealers, the MSPs and their clients face, and how they’re helping the channel protect themselves and their customers.

Cybersecurity looks like a greenfield opportunity. How do you see your total market in North America? Where on the spectrum of opportunity do you see yourselves?

Brian Downey: We are in the very early stages, and there are two dynamics that are happening in parallel. One is the maturing of the security market overall. From enterprise to SMB, everybody across the board is worried about cybersecurity. Anyone who says they have the perfect solution today won’t have the perfect solution a year from now because everything is constantly changing. At the same time, the MSP and SMB market didn’t get an earnest start in the last two or three years. Sure, there were some early adopters, but for the most part, the market is relatively new. I see a huge opportunity with tons of space for growth remaining.

Drew Sanford: Cybercriminals are going to attack the SMB as much as the enterprise. But at least the enterprise has access to a certain class of tools and training to defend against threats. SMBs are fighting the same battle with significantly fewer resources. What we want to do is bring those technologies down to an affordable, manageable toolset that can bring the same level of protection to the SMB – one that has never existed there before. Thanks to technology like cloud, we can leverage economies of scale and provide smaller customers with solutions that reduce costs that come with having and managing their own infrastructure. The SMB market is enormous, so obviously the opportunity is, too.

Why do you think that the independent office technology dealers are so important to achieving your goal?

Jay Ryerse: A lot of office equipment dealers are pivoting their businesses to also solving IT problems. They are getting pulled into solving IT-centric issues because the customer’s IT staff has issues making the office equipment work with everything else. This motivated a lot of office equipment dealers to pivot toward the MSP market, or at the very least, launch their own MSP division. What’s so promising about the emergence of the office equipment dealer in the MSP space is that many of them have an excellent operational understanding of sales and marketing – they’ve been perfecting it for decades. When they turn their focus onto the MSP market, they’ve got a selling engine that some existing MSPs will struggle to compete with.

Do the bulk of your sales go to the SMB?

John Schweizer: The MSPs and dealers use our solutions to provide services to their customers, who are often SMBs. And the typical customers that our dealer/MSPs target are about 20 to 500 users – so right in that SMB sweet spot.

Can you tell me some of the things you want office equipment dealers to know about cybersecurity?

Ryerse: The ability to understand and identify risk is a vital component of strong security. MSP providers need to understand the risks created when customers send everyone home, as well as the risks they’ll create by bringing them back. And there is now even the risk created by rolling closures – moving people in and out of the office several times over a period of time, which seems like it’s going to be likely. I also encourage them to talk to their clients and make sure they understand short- and long-term problems. Moving forward, they need to prioritize security.

Sanford: The conversation always needs to start at assessing the risk to the business. You need to find problems and work backward, then apply the right tools for the right job. Sometimes the solution doesn’t cost a lot of money — sometimes it’s about sacrificing convenience. For example, 2FA (two-factor authentication) isn’t as convenient as entering a username/password, but it raises the size of your wall significantly.

What are some good resources that are available to dealers to help them learn more about cybersecurity?

Sanford: We have a 50-page COVID playbook that guides our partners through the current environment we find ourselves in, and what they should be looking at and thinking about going forward. We also have the MSP Plus cybersecurity framework. It’s a fantastic roadmap for those who aren’t quite sure about where to start and what to do. Between our playbooks and Certified IT courses, it’s something that can show them what a good, better, best approach to cybersecurity looks like and how to implement it. I’d also like to mention that all of this is free to everyone in the industry – you don’t have to be a partner.

What’s the most common weakness you see out there? What do you worry most about?

Downey: A big problem that I see – and one that worries me the most – is inaction. Security can be overwhelming to an MSP, but every MSP has the capability to provide security solutions. We’ve seen a lot of MSPs go from flatfooted to being a successful solutions provider. We’ve seen a lot of our partners do it. It’s very doable. Even so, a lot of MSPs aren’t taking that step into security. And because of that, they develop those blind spots – those things you don’t know, which can be disastrous. I am also concerned about the idea of, “what the MSP doesn’t know about will hurt the most.” In other words, where they lack visibility removes their ability to respond to it. That means staying educated and knowing what “good” looks like. The earlier you can detect an adversary, the better off you are. So it doesn’t mean deploying dark web monitoring or watching and tracking network traffic, or using one tool on its own to monitor compromises in Office 365. It’s not just one tool or policy or door lock – it’s bringing them all together into a robust security program that makes sense.

Sanford: The two biggest problems I see are business email getting compromised and ransomware attacks. Services like Office 365 are a popular attack vector. And in most cases, these attacks start with someone’s account being taken over. Hackers assume the digital identity of the owner’s account and send malware (or a link to a website with malware) to other users. And since the email comes from a trusted source, someone is bound to click a link or download the attachment. We can keep an eye on all the partner’s activity and see if someone has accessed your system and prevent more from doing it. One way we do that is by monitoring the physical location associated with the IP address of each user. If someone logs in from the Philippines at noon, then from London five minutes later, and then from Seattle at 12:30, then something is fishy. It’s impossible for anyone to be in all three locations within a half-hour. So that would enable us to take action sooner rather than later and prevent an attacker from doing some real damage.

What’s the right ratio of education versus tools?

Ryerse: They’re equally important – it’s 50/50. When businesses sent everyone home, they made a quick pivot toward tools to help them solve the problem at hand, because technology does help solve this problem. But now that the dust has settled, we’re seeing a major uptick in education. We rolled out our certified classes earlier this year, teaching our partners about cybersecurity, and coaching partners to teach their customers about cybersecurity.

What do you think about cybersecurity insurance?

Downey: Everyone should have cybersecurity insurance. But you need to understand that it isn’t your only safety net. You need to get into the details of what the policy covers. What is the policy looking at? They can replace lost dollars, but they cannot replace the trust of your customers. We’re seeing more and more that the insurance providers are requiring a certain level of maintained security and checking and testing. Having the right security pieces in place will be required more and more often to obtain that insurance moving forward.

The outlook

There is a lot of opportunity in the MSP space, and cybersecurity is a crucial component of succeeding there. But given the complex, ever-changing nature of cybersecurity, simply applying a tool here or a policy there isn’t going to cut it. The constantly shifting threatscape is difficult to manage and requires a lot of attention that some dealers might not be able to provide. Luckily, there is a bounty of tools, resources, and services out there to help dealers keep their customers’ data safe.

Patricia Ames is president and senior analyst for BPO Media, which publishes The Imaging Channel and Workflow magazines. As a market analyst and industry consultant, Ames has worked for prominent consulting firms including KPMG and has more than 15 years experience in the imaging industry covering technology and business sectors. Ames has lived and worked in the United States, Southeast Asia and Europe and enjoys being a part of a global industry and community.