Continuum To Introduce Security Offering For MSPs After Suffering Own Incident
Continuum plans to roll out security products, remediation tools and training for MSPs just months after experiencing its own security issue.
Security concerns for small and midsize companies have, over the past two years, gone from a mere nuisance to a major threat to business operations, according to Michael George, CEO of the Boston-based IT platform management company.
"Security is going to be the sharp edge of the selling sword for all of us," George told the more than 700 attendees of Navigate 2016 by Continuum Wednesday. "It is the greatest opportunity for MSPs going forward."
Continuum suffered its own security incident two months ago after hackers exploited the shadow of a legacy IP scanning tool left on the sever of an end-user client, George said, deploying malware and creating a few bogus admin accounts. Although Continuum's RMM agent and network appear uncompromised, George said the incident prompted Continuum to further bolster its security over the past two months.
"While unpleasant, we believe that great things will happen from it," George said. "What doesn't kill you makes you stronger."
Continuum has long been a player in the world of endpoint protection and backup and disaster recovery solutions, which are the cornerstones of any successful security strategy, said Brian Herr, Continuum's vice president of products.
"But these aren't enough in today's world of increasing threats," Herr said at Navigate 2016 Wednesday. "We will make security a more central part of our offering in the months and the years to come."
Continuum has been working on developing a security solution for more than a year now, George said, and is confident the eventual offering will be easy to deploy and easy to manage. The company will begin treating security as a priority on the level of monitoring, management and backup, Herr said.
George is confident that Continuum's upcoming security offering will utilize true security technology and be much more than just an extension of its remote monitoring and management (RMM) product. Continuum's new security products will help MSPs define, monitor and manage the multilayer defense needed by clients in a world of increasing threats, Herr said.
Continuum will also build a security operations center (SOC) so that it can quickly remediate client issues, George said. The support will be akin to the role Continuum's network operations center (NOC) plays in enabling the company's RMM and backup and disaster recovery offerings, according to George and Herr.
In the short run, Continuum is looking to introduce additional alerts and scripting to support MSPs' efforts to harden their end users' environments, Herr said. And George said Continuum will develop training and policies to address issues that stem from human behavior in secure environments.
"You need to teach and train your customers on how to avoid security threats," George said. "The greatest threat to security is posed by our lack of preparedness."
Continuum also plans to further develop and practice a response plan that includes intervention, remediation and enhanced communication, George said.
When the incident occurred two months ago, George said Continuum proactively activated its NOC, mobilizing hundreds of people to respond to new alerts and shut down any potential avenues of threat or attack. Continuum's engineers also worked around the clock disabling suspicious accounts, writing new software to flag suspicious activity and building tools to help the NOC respond to threats, he said.
Continuum immediately engaged top forensics teams, legal teams and the FBI once it became aware of the incident, George said, and deployed both an internal team and external forensic researchers to ascertain whether or not the company's RMM agent and network had been compromised.
"We were all victims in this particular case, George said. "We certainly never want to live through that again."
With 95 percent of Reliant Technology Solutions Group's (RTSG) clients having experienced Cryptolocker and many having suffered malware, the Edmonton, Alberta-based Continuum partner would love to provide its end users with an enhanced sense of protection, according to company president Dan Anderson.
RTSG already conducts monthly security reviews with its clients, and Continuum could add value by monitoring changes in accounts, classifying or diagnosing potential issues and remediating threats using automation, Anderson said.
Meanwhile, Continuum partner Computerama would love to have the assistance of Continuum's engineers in securing its SonicWall ecosystem, according to Bob Farkas, president of the Freeport, N.Y.-based company.
"I've been asking Continuum for a security offering for a year now," Farkas said.