Preventing Another SolarWinds, Kaseya

Channel Futures: What have you done and what are you doing to ensure N-able isn’t the next SolarWinds or Kaseya?

N-able’s Dave McKinnon: It’s building programs. When I look at security, for me it’s very important to realize security isn’t just [the security team]. Security is something that’s everybody’s responsibility across the organization, so having a comprehensive program that includes all of our employees [is important]. We do training for everybody. We make sure that from a software development perspective we’re investing in helping our engineers understand how to code securely.

You have to ensure that you’re building a program. There’s no magic switch that we can flip and say, “Hey, we’re secure.” We’ve invested tremendously in building our teams and investing in products to help us answer those things. And then having the proactive nature of doing things like penetration testing and doing bug bounty. We have an internal team that does penetration testing so that when something goes out — vulnerabilities are inherently going to go out in all code — we identified it as fast as possible. We have a process to address it and reduce the risk of the impact to our customers. That’s the only way that you can do it. Everybody’s going to have an incident, but we need to reduce the the blast radius of that incident as much as possible with having that program to support it.