The shifting landscape of data protection
The IT space is full of risk, wins, and losses as any long-time professional can attest. MSPs deal with so many shifting scenarios each day, they have to stay on their “A-game” because the stakes are ever-increasing.
Knowledge sharing on social spaces like Reddit is one way the MSPs partner up and help each other out. They will often call something out that they just discovered, alerting the Channel, gathering feedback, and sometimes coming to a consensus. This allows fellow MSPs and security researchers to work together to find a solution, buy time for other MSPs to mitigate damages and risk, and most importantly help to stop the bad actors while keeping their customer’s businesses operating continuously and safely as possible.
WholesaleBackup has been working directly with MSPs for well over a decade, in fact, some of the best features of our MSP backup software are a result of listening and working with our MSP Partners over the years.
In this article, we’ll quickly summarize the Top 3 MSP Posts from the last 12 months (from Reddit), which could actually be dubbed the top 3 pain points for MSP over the last 12 months if we are trying to be exact.
“We are tracking over 30 MSPs across the US, AUS, EU, and LATAM where Kaseya VSA was used to encrypt well over 1,000 businesses and are working in collaboration with many of them. All of these VSA servers are on-premises and we have confirmed that cybercriminals have exploited an authentication bypass, an arbitrary file upload, and code injection vulnerabilities to gain access to these servers. This is not the first time hackers have made MSPs into supply chain targets”
Sadly, this is not the first time WholesaleBackup has heard of crypto locker/ransomware targeting Managed Service Providers RRM tooling. This story has many heroics of MSPs banding together from across borders to solve and fix this issue, with whoever had the bandwidth stepping up and making an impact. While we won’t cover everything, the story ends with the RMM vendor making an acquisition of a backup software company.
Perhaps the moral of the story is that the best defense against ransomware and crypto locker variants is still a solid offsite msp backup solution? The idea might seem very basic, but for best results, we always recommend a local and offsite copy of the backups to all of our Partners and assist in setting them up if needed. This practice alone dramatically increases your successful restore times with zero risk of it spreading to your offsite backup vaults.
“Q: The automatic reseed process appears to have started automatically. How long will that process take?
A: Anywhere from weeks to several months. We really don’t know.
Q: What is the status of backups that we have stored in StorageCraft’s cloud (which go back a year or more).
A: All backups in cloud storage are permanently lost. We had hoped to find a way to recover that data, but those efforts stopped when it became clear that recovery would not be possible.
Q: What efforts are being made to compensate MSPs for the failure here?
A: We won’t be billing for the time that the backups were not working.
Q: That’s it?
A: We are putting together a list of partners who are asking for additional compensation. I will put your name on that list.
So there you have it folks, they totally screwed the pooch here and besides a mea culpa they are ‘generously’ not charging for the time that cloud backups aren’t working. No immediate plans to compensate for the huge amount of data that we’ve been paying every month for them to store.”
It’s really hard to understand this one… It’s also really hard to imagine what led to this happening. Perhaps the public response from the MSP partners who are now in this poor position, and left with no recourse or valid compensation could have been different?
This begs the question, should your backup software vendor own the storage too?
This is a prime example of why WholesaleBackup does not try to be the middleman with your backup storage, we write the MSP backup software, and MSP will brand it as their own, then the MSP will also decide where the storage from backups will live.
That could be on your own server or datacenter, or perhaps you want more simplicity and will host it on AWS S3, GCP, or Wasabi cloud. The choice is up to the MSP, and best of all you only pay the raw usage costs, which means no mark-up, and no hidden software vendor storage fees.
There is a direct separation of concerns, it’s very loosely coupled, and you can even decide to make it hybrid, the software allows for several backend storage options, and any one of those options will work perfectly.
Currently, Wasabi storage is the most popular option at just $6/TB, which results in MSPs generating significantly higher margins on their backups by simply using that as the remote backup vault with WholesaleBackup’s MSP backup software. However, AWS S3 has always been the gold standard and WholesaleBackup uses that in-house for our needs. Others may go with GCP because they might already have existing Google partnerships. Lastly, some MSPs have their own servers and great bandwidth in-house and want complete control and responsibility over the data, or have specific contracts which might prevent using a third-party cloud system. In this case, they will self-host the MSP backups on their own server(s).
3. Automating with PowerShell: A much better partner portal [src]
“So this is the reason I’ve been blogging a little less lately, I’ve just built a new open source project for MSPs. … “The CyberDrain Improved Partner Portal is a portal to help manage administration for Microsoft Partners. The current Microsoft partner landscape makes it fairly hard to manage multi-tenant situations, with loads of manual work. Microsoft Lighthouse might resolve this in the future but the development of this is lagging far behind the development of the current market for Microsoft Partners.”
“This project is a way to help you with administration, user management, and deploying your own preferred standards. It’s not a replacement for security tools or a way to cut costs on specific subscriptions. The tool should assist you in removing the gripes with standard partner management and save you several hours per engineer per month.” [src]
MSPs comfortable with PowerShell will be happy to learn that the backup MSP software from WholesaleBackup can be completely run and operated by the command line, making it super easy to integrate scripts with RMMs, send remote commands, or navigate through a shell.
All of the backup software’s command line functionality is totally optional and available as a bonus, because WholesaleBackup has one of the best white labeled backup software GUI’s on the market. You can even brand it with your own business logo, terms, and vendor agreements.
In summary, reflecting on the top 3 MSP posts from the last year
We can conclude a few things:
- Ransomware and crypto lockers are not going away and offsite backup software continues to be the best defense against them.
- If your MSP backup software vendor also provides the backend storage aspect of your backup service you might want to consider reducing risk by decoupling and providing storage under your control.
- MSPs can not wait for enterprise solutions to catch up, so they will innovate and find a way to keep moving forward. Because the command line and PowerShell play large roles in day-to-day operations, software that allows dual-mode operation from the command line and a GUI will help MSP’s when rolling out new scripts that help with remote management and automation.
Reviewing these top 3 MSP posts makes clear that WholesaleBackup MSP backup software will continue to add massive value for our partners. We thrive in this space because we believe we share the same spirit our MSP’s do, to solve problems, help customers, and keep building our community of IT professionals. When you partner with WholesaleBackup you’re not getting an offshore vendor, but instead, a totally US-based vendor that always provides unlimited free support and training.
If you are interested in testing out the brandable MSP backup software from WholesaleBackup you can easily spin up a trial in five minutes, deploy it in seconds, and begin to manage and monitor the backups remotely from your own Backup Ops web console.