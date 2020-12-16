This is my absolute worst-case scenario, someone finding a way to our RMM or deployment tools and accessing client sites. For most MSP's it would be an extinction-level event. We take every step we can to ensure we are safe, but we are at the behest of the companies who supply us our software, some of whom don't seem to give a rats backside if they aren't taking due care. The problem is, they are all pretty much as bad as each other, and as time goes on, and each RMM becomes more complex, has more features, and specifically more integrated with other products, the number of surfaces to keep track of protecting becomes nigh impossible. Insurance is crushingly expensive, and day by day more exclusions are added that means there is a never-ending list of ways for them to wriggle out of paying. One thing that we found out recently, hidden in the very very very very very fine print using obfuscated language, that if you have to pay a ransom, you need to pay it yourself, the insurance company won't pay directly. In the event of a decent breach, ransom could be >1M, and I'd be surprised if too many MSP's in NZ could come up with that in cash.

Some of the big security specialists are advising MSP's daily to spend at least as much time preparing for *when* you are breached, as preventing the breach in the first place.