Webroot Exec: Partners Should Get Back To Security Basics And Double Down on Backup, Patch Management

Printer-friendly version Email this CRN article

A Webroot vice president urged solution providers to avoid the hype around far-fetched threats and instead focus on defending against vulnerabilities that can be monetized and automated.   

The Broomfield, Colo.-based company said channel partners could get distracted by news reports around Jeep hacks and data exfiltration and lose sight of the more mundane day-to-day threats their customers typically face, according to David Dufour, vice president of engineering and cybersecurity.

"There's all this sensational news, but your goal is to protect your customers at the least cost to you," Dufour said during Autotask Community Live 2017. "Try to get past the sensationalism, and understand what it is you really need to worry about."  

[RELATED: Autotask Execs Aim To Help MSPs Prosper With A Platform That Adds Value, Context To Business Data]

Even providing network security solutions comes at a cost, Dufour said, since solution providers often need to open a Security Operations Center (SOC), manage software, and deploy modeling solutions that handle threat detection to address the entire landscape. Moving from the MSP to managed security space isn't easy, Dufour said, and partners should have a handle on the resources they'll need to hire and the impact to their bottom line before making the leap.

"It's a lot more complicated than you might think," Dufour said. "Make sure you understand what you're getting into, and maybe explore a little bit what your customers are willing to pay."  

The first thing all solution providers should do is ensure they're backing up all customer data in a manner that can be quickly restored, Dufour told 1,000 attendees Tuesday at The Diplomat Beach Resort in Hollywood, Fla.

"If you have a backup, don't pay the ransom, wipe the system, restore the backup, and you're done," Dufour said. "Who cares if you got inflected by ransomware because it's simple?"

Channel partners should also have a sound endpoint solution in place to safeguard the end user's machines against phishing websites, bad websites, and erroneously-inserted USB drives, according to Dufour.   

"If you can do this, the bulk of your customers are going to be protected," Dufour said.

Ransomware is one of the most pervasive threats faced by channel partners, Dufour said, and is expected to inflict $5 billion of damage on the economy in 2017. It is wonderful for nefarious actors, Dufour said, since it allows them to untraceably gain access to the client's system.

Printer-friendly version Email this CRN article