Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

News

August 24, 2020 | Brian Weiss

What Doesn’t Kill You Makes You Stronger

After a breach that exposed clients to ransomware, ITECH Solutions transformed to a security-first posture with a focus on higher-value, mutually beneficial customer relationships.

ITECH SOLUTIONS took the challenge of a security breach that impacted half our clients and turned it into an opportunity. It was painful, but through that pain we refocused our business on quality of customer vs. quantity, redoubled our security focus, reduced our risk, and reemerged with some new lines of business.

The breach happened in 2018, a year we expected to hit $1.8 million in revenue after a period of rapid growth and customer acquisition. We were in the process of migrating from an RMM tool that didn’t support multifactor authentication to one that did, but got attacked on a Friday night before we completed it.

On Monday morning, customer calls started coming in; one by one, they had gotten hit with a variant of WannaCry ransomware. At that point, we were completely oblivious to the idea that we were the source of the breach, because two years ago you didn’t hear much about MSPs being an attack vector. Then we noticed a commonality: All the clients getting hit were still on our old RMM. We checked the SQL logs and discovered one of our employees had been phished. The hacker had used that account all weekend to log in and out of the client accounts. Once we realized the old RMM was the vector of attack, we immediately cut off access to it.

We created an incident response plan on the fly, restored from backup everyone we could, and procured Bitcoin for the two clients we couldn’t restore after negotiating with the hacker. The remediation took about two weeks, and we incurred some hard cash losses. Fortunately, because of the deep customer relationships we have, we only lost three clients, two of which we had already been in the process of parting ways with.

My knee-jerk reaction was to become an MSSP so this didn’t happen again, but the expense and level of expertise required didn’t make sense for our business. So after some peer networking and vendor research, we built a security-first MSP stack that minimizes shared risk. Most important, we recognized that we needed a single source of truth to understand which users, which devices, and which networks we’d be responsible for protecting. We embraced the Microsoft stack to help us do so, and now require all clients to be on Azure Active Directory and Intune. We also require everyone to have a unified threat management firewall in place, and to have cyber insurance to cover losses we’re not responsible for. We did not take on any new clients for two years as we worked to get our existing ones up to par with this enhanced security stack.

We learned two key lessons from this experience. First, communication and transparency with clients are key. They need to know they can trust you, so don’t hide anything and keep them updated on the remediation. It will help you retain them.

Second, get your insurance company involved immediately and let them guide the process. We didn’t have the benefit of that in 2018, but the industry has changed and they now have experts to help with a breach.

In fact, we leveraged our experience to develop a new line of business working with insurance companies to help their clients that have been hacked.

Silver Lining

Another new line of business arising from the aftermath is co-managed IT. We already had one fairly large co-managed IT client and liked that collaborative relationship of working with and supporting an existing IT department, so decided to grow that offering. These types of clients understand the value of security, and it’s a great way to scale our business as we can take on a lot more endpoints and users under management without having to staff up.

Finally, ITECH Solutions shifted its growth paradigm. Instead of the model we were following to constantly acquire new customers to grow, we actually pruned our client list to those that value both security and our services. In doing so, we minimized risk and boosted our monthly recurring revenue.

While WannaCry made me wanna cry when it happened, we came out of it stronger.

Photography/Brian Weiss by Carlos Alvarado Photography

Photography/ITECH Solutions team by Tayler Enerle Photography


Editor’s Choice

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

Asigra Makes a Splash with New SaaS App Data Backup Platform

June 3, 2024 |

Asigra’s new SaaSAssure platform offers MSPs comprehensive, secure, and easy-to-use backup solutions for SaaS apps, addressing a critical market need and providing an unparalleled opportunity for revenue.

Peer to Peer: John Kampas on Why EMPIST Thrives — Plus, 1 Mistake Too Many MSPs Make

May 31, 2024 | John Kampas

How prioritizing customer protection and technological empowerment helped EMPIST evolve into a “managed technology provider” with an international presence.

MSPs React to Comprehensive, Aggressively Priced Kaseya 365

May 1, 2024 |

Hear from MSP peers on the launch of the new Kaseya 365 program — designed to provide a crucial package of tech services at an affordable monthly price.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience