Chris Loehr — executive vice president of Solis Security, an incident response firm — has personally dealt with many of these MSP breaches. Speaking of GandCrab, Loehr says, "They certainly hit some MSPs in 2018, but the ransoms were relatively small: $10,000 to $25,000. In 2019, MSPs became more of a target, with increasing ransom demands and the threat actors leveraging MSP tools with greater efficiency to affect clients. GandCrab never required the MSP to pay up. It wasn't until GandCrab evolved into Sodinokibi in mid-2019 threat actors began to say: 'We ONLY want the MSP to pay. You can pay for ALL the customers or you get NOTHING at all.'"
Miles Technologies is an IT and software firm founded in 1997 and headquartered in Moorestown, N.J. With an additional office in Philadelphia, they operate with a team of over 300 employees to provide various services, including custom software development, mobile app development, and cloud consulting and SI. Their clientele consists of small, midmarket, and enterprise companies within the business, financial, or health care industries.
The Bengaluru, India company has a presence across six continents. It offers consulting and business process engineering services along with IT integration and management expertise across most major industries. Wipro’s primary focus is analytics and AI, application management, cloud and infrastructure services, digital operations and platforms and product engineering. Wipro was listed as a “Leader” on Gartner’s Magic Quadrant for Public Cloud Infrastructure Professional and Managed Service Providers 2019.
The firm has established alliance partnerships with Adobe, AWS, Google Cloud Platform, Microsoft, GE Digital, HPE, Oracle, Salesforce, SAP and others. A key specialty is the company’s cybersecurity and privacy practice, which guides businesses through business transformation while building connected ecosystems that deliver a high level of data protection.
HCL Technologies is based in Noida, Uttar Pradesh, India. HCL’s focus on agile and lean intersects heavily with technologies involving digitalization, analytics, cloud, IoT and automation. HCL has adopted a methodology called Mode 1-2-3. It aims to guide businesses through a process of optimizing core services, adopting next generation services, and adopting products and platforms that unleash innovation and disruption.
OSIbeyond was hired by a private social club to provide various IT services that include troubleshooting, preventive maintenance, IT security, relevant training, and others. Within six months, the private social club's security system has been significantly improved, enabling the club to operate remotely. The club hasn't had any data problems, breaches, or any IT security issues since the beginning of the engagement.
What did that say about cybercriminal understanding of the average MSP? That MSP is just like every other small business organization out there — a small victim with little capacity to pay out for ransomware recovery. This mantra began to change late last year as MSPs began to be leveraged as the initial infection vector of their larger clients. The Texas ransomware attacks were the first highly publicized examples that served as the catalyst, but certainly weren't the last.
However, managed IT services do not necessarily make the enterprise IT professional obsolete; for the end user, an IT professional can act as an endpoint liaison that manages the relationship, provides feedback and analyzes the reports provided by the MSP. Because the majority of routine work is being completed by the MSP, the IT professional is capable of greater efficiency and has the flexibility to tackle larger, more complex projects they would otherwise not have the time or capacity to take on.
From the above, it is clear that a managed service provider does not just help with technology adoption. They also help to monitor the ongoing spending and lessen the danger of introducing new technologies. While the market is already witnessing an increase in capital spending on the cloud and businesses managing IT services, it is evolving by itself.
Indeed! Cybersecurity is not a commodity among service providers. One is not necessarily like unto another. Some MSPs have robust and mature cybersecurity controls while others are lackluster. It is imperitive that the client ask questions to their MSP to better understand their capabilities. Because, as you said -- they inherit the security of their service providers.
Indusa is an IT services company headquartered in Oakbrook Terrace, Ill.; they also have offices in Ahmedabad, India, and Pune, India. Founded in 1989, they have about 330 employees that do custom software development, ERP consulting & SI, CRM consulting, enterprise app modernization, and IT managed services. Indusa serves midmarket clients in a variety of industries.
LTI is headquartered in Mumbai, India. A core philosophy for LTI is “Operate, To Transform.” It focuses on an organization becoming an “automation native” rather than addressing automation issues ad hoc. Operate, To Transform is a business and IT framework that allows organizations to pivot quickly and maintain a continuous business transformation function. This approach incorporates a 4D model that extends across four dimensions: operations, landscape, business process KPIs & end user personas.
Choosing the right IT services firm is paramount. Finding the right fit means understanding what a particular company offers, how your firm’s processes fit with the vendor’s model, and ensuring that adequate quality assurance and service level agreements (SLAs) are in order. Quality and performance metrics are crucial for holding a provider accountable and ensuring you’re your organization receives the agreed upon attention and level of service.
Serving mainly SMBs in a variety of industries across California, Arizona, and Colorado, Fusion Technology Solutions assist in attaining cost-effective and holistic managed services. Founded in 2001, the company provides a best practice approach that results in desired outcomes for its broad client base of companies of all sizes. The company combines business and technology to help clients make smart investments in technology—fully integrated into their organization