Lessons from XChange University: Even the best security guard needs backup

Posted by Michelle Burke on Mar 9, 2017 9:13:03 PM

security guard.jpgIn the security space, you’re always on guard, working hard to prevent the next big disaster. Aside from mitigating risk internally — whether that means deciding which vendor will be best to partner with next or which BDR solution could make or break your business — you now need to carefully consider risk from an external perspective.

This past Sunday morning at The Channel Company’s XChange University event, keynote speaker Robert Westervelt of IDC's Data Security practice shared some interesting stats with the audience of MSPs. For example, a recent IDC study revealed that 99 percent of hackers hit already-known vulnerabilities in platforms like Adobe, Microsoft, and Internet browsers.

“Vulnerability growth is a problem for companies without patch management or awareness,” Westervelt said.

While the industry launches full speed ahead into ensuring that proper security solutions are in place, it’s important to remember BDR solutions that may seem “old school” are still imperative to pair with your security solutions to provide full protection for your customers.

Stop talking about solutions and start educating

Preparing for disasters that cannot be restored via simple file-and-folder backup solutions requires internal planning. To start, Westervelt suggests we stop talking about security solutions and ransomware attacks and instead focus on educating both customers and employees on the importance of why and how to reduce risk when it comes to network security.

No one hopes for the worst, but it’s crucial to always be prepared for it. We all do this regularly when we backup data as a caution for a worst-case-scenario. The probability of falling victim to a ransomware attack is on the rise, and it’s nearly impossible to avoid a disaster forever. As an industry, we’ve recognized that and adapted.


Westervelt shared an alarming fact that woke up the entire audience early Sunday morning: Hackers can lay dormant in a system learning processes for weeks, waiting for the perfect moment to strike. This means a customer's backups could be infected, too, if they don't the proper security in place.

Security technologies, like Advanced Threat Protection (ATP) and sandbox emulation, assist in risk management by never taking a document at face value. Multi-layer scans of anything a user receives online help mitigate the risk of malware infecting a network. 

Take the next step: Create a plan

Security alone won’t save a network without a strong BDR solution in place, so you need to have a plan:

  1. Face reality: It’s not a question of if, but when, will you need to act in a crisis
    If MSPs/MSSPs could take away one lesson from this year’s XChange University, it should be that a crisis management plan is critical to ongoing success and growth. Is your team ready to lead when a natural disaster strikes? What about a PR nightmare? Have a plan in place and educate your team for the almost-inevitable ‘what-if’ scenario.
    New Call-to-action
  2. Provide continuing education for employees and customers
    Michael Knight, Xchange University keynote speaker and president and CTO of Encore Tech Group, emphasized the importance of continuing education for both internal employees, as well as customers. He said overemphasizing small points such as Identity Access Management (IAM) best practices like revoking employee access to a network after they leave the company, can work wonders for security. No education point is too small, and continuous reminders and ongoing education will ensure everyone’s on board.
  3. Share your knowledge to drive business growth
    We all take risks on a daily basis. MSSPs can take a leap of faith by adding professional services to their service offerings. Partner with those in the industry that you can leverage to help satisfy your SMBs from all angles. Westervelt explained: “We can no longer just manage networking gear and provide a daily report summary to help SMBs meet compliance. We need to focus on growth, and professional services are a great addition to show SMBs where the real risks are and how to prepare for them.”

So, MSPs, don’t forget about your OG backup solutions. Instead, leverage their strengths while you grow your knowledge in the security space. Stay ahead of the trends to help your SMB customers remain secure, but also to establish yourself as a leader in the industry. Sharing your expertise with your customers will build trust, leading to long-lasting relationships and, ultimately, business growth.

Need help with business growth and industry education? Let’s chat!

smb cyber security

Photo: Jacob Davies via Flickr.com. Used under CC 2.0 License.

Topics: Cyber Security

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment