What is the clarion call to MSPs?

You are sitting ducks. You need these MSP tools because you can’t do anything without them. The other thing is it is not only vulnerabilities. It is MSPs’ bad practices as well. I have a friend of mine in the U.K. I’ve known this guy for 15 years. He said to me, ‘I have got all these tools. You’ll never get into my system.’ So I made a bet with him that I could get into his system. Within 24 hours I had a remote access tool on his computer. I had his RMM password.

The problem is you have this super tool—the RMM. So the RMM can be breached. But the people that manage the RMM can also be breached. That might give them access to the RMM. So you have this super tool. You are basically walking around with an AR-16 without the safety on.

What is the call to action then for MSPs?

There has got to be a check and balance. You can’t have an AR-16 without safety.

The call to action is don’t leave you’re applications uncontrolled. Run ThreatLocker. Run whitelisting. Run ringfencing. Control what these platforms can do. It doesn’t matter whether it is Kaseya or SolarWinds or Angry Birds, some of this stuff is going to eat your lunch one day and it is going to chew you up.