MSPs Race to Establish Zero-Trust: ‘We Are Headed for Disaster’
MSP SUMMIT — MSP leaders are still trying to define what zero-trust means to protect their customers from the next cyber threat.
Threats continue to abound IT, as do the proposed solutions for those threats. The list of zero-trust vendors grows by the day, as MSPs seek to manage fine-tune their security offerings. However, the definitions and understanding of zero-trust network access varies considerably, depending on whom you ask.
Datalink’s Colby Norwood
“As of right now no company we’ve seen has been able to say, ‘Hey, zero trust is this, and at the end this is what you’re going to get from it,'” said Colby Norwood, business development manager at Datalink Networks.
Partners and vendors discussed zero trust and its implications at the MSP Summit, co-located this week with the Channel Partners Conference & Expo, in Las Vegas on Monday. ThreatLocker CEO Danny Jenkins (pictured above) encouraged the MSP audience to think about zero-trust in terms of applications, not just users.
“The application has access to everything that we have access to. It doesn’t matter if you’re a local user or a domain administrator; it doesn’t matter. If you’re running Angry Birds or Microsoft Office, everything we run can see everything that we see,” Jenkins said.
Thus, zero-trust for Jenkins means ensuring that certain applications don’t connect with each other. For example, Office doesn’t speak with PowerShell and SolarWinds doesn’t touch any other websites. It doesn’t mean you distrust those applications, but the shift to zero-trust removes some of their privileges. Those policies can make a big difference.
“If we start by allowing what we need and blocking everything else, we’re in a far better situation.”
Cybersecurity Reigns
Cybercrime and zero-trust dominated the discussions during the MSP Summit.
“There are a lot of cybersecurity conversations going on in this room,” said Len DiCostanzo, CEO of MSP Toolkit. “I can feel it.”
MSP Toolkit’s Len DiCostanzo
High-profile attacks on SolarWinds and Kaseya are putting the pressure on MSPs to solidify their security posture and ensure that their vendors know what they’re doing. In some cases, it’s leading MSPs to move away from their remote monitoring and management (RMM) providers, for fear for supply chain attacks.
Rob Rae, who heads up business development for rival RMM provider Datto, scoffed at the idea that MSPs ought to jettison their RMMs.
He also rejected the idea that a vendor like Datto should be excited to see its competitors lose credibility. For Rae, if one RMM vendor loses credibility, it impacts the entire IT services industry.
Datto’s Rob Rae
“That’s like saying, ‘A bank got robbed; let’s not use banks any more,'” Rae said.
Moreover, he urged partners and vendors to accept a wake-up call.
“I’ll give you a sobering truth; we are headed for disaster,” Rae said. “All of us in the MSP space – with he inertia that we are all on, we are heading for disaster. And it is time that we all take this much more seriously than we are.”
Chris Wiser, founder and CEO of 7 Figure MSP, told partners that they need to …
- Page 1
- Page 2
