Best posts made by GlennBarley

As the new year approaches, we pulled together a list of some eye-popping cybersecurity stats from 2015.

After you take a look at our SlideShare, let us know if we missed any!

Check out the SlideShare!

Original blog here

Just about everyone involved in sales is familiar with the “funnel” in some form or another – but when looking at MSPs and IT service providers, what exactly are potential SMB customers thinking about at each stage of their journey towards becoming a customer? And what can we do as marketers to ensure prospects are receiving the right content and messaging at the right time?

In this episode of Grow Your Business, we take a quick look at the three main stages of the MSP sales funnel and explore the various types of marketing collateral and messaging that should be leveraged with each.

Watch the video!

A full transcript of the episode is available below:

Episode Transcript:

Coming up on Grow Your Business, a look at the sales funnel for MSPs and IT service providers and how it correlates to your day to day marketing strategy.

Welcome to another edition of Grow Your Business, the show designed to provide MSPs and IT service providers with actionable marketing and sales insights you can use in your day to day business. Today we're going to take a look at the sales funnel. If you're involved in the sales process in any way at your practice, you may have seen these stages before, or you at a high level at least understand that prospects are moving through various stages and touchpoints on their way to becoming partners of yours. Today we're going to take a little bit more of a close look at each one of the three big stages in this funnel and really get a sense of where marketing can align with the sales process and what type of collateral and resources do you want to be using at each of these various stages.

Right up at the top of the funnel is our first touchpoint. At this point you have a business owner who's maybe identifying some sort of problem or challenge that they're having in their day to day lives. Maybe they want to make better use out of the technology they already have. Maybe they feel like they're spending too much money on an existing managed services provider, even a break fix provider who's taken a couple of days to come in and fix something when a machine goes offline or something like that. At some point or another there's going to be an issue identified. Someone's going to raise their hand and say, "Hey, you know, I could be doing better at this, we could be operating more efficiently or more effectively here, or we could be saving some cash flow here." There's going to be some issue identified.

The way that you're going to know that there's going to be an issue identified is really by looking at visits to your website and leads that are converting by filling out forms, by downloading an eBook, a white paper, subscribing to your blog, any of those content mediums that you have pushing out via the website. The type of materials and resources you want to be sharing at this point are high level and educational. From an MSP standpoint it could be the importance of patch management or how scripting can help save time or even the value of managed IT services for those customers that are still leveraging a break fix provider. It's not diving too deeply into your particular service offerings or your pricing or your business model. It's basically identifying and addressing a need and trying to help folks get a sense of hey, there may be a better solution out there.

After that they're going to be moving into this middle of the funnel or this second stage in the process. This is really where they're saying, "Okay, I've identified that there's some issue, something I can be doing a little bit better here. What are my options to actually improve that? How can I get out there and learn a little bit more? What providers, what services, and what support's available to help me do a little bit better?"

At this point you want to start pushing your products and services. You want to get a sense of, "Hey, these are the solutions that I actually have available. This is some of my pricing," if folks are interested enough at that point. "These are how we can help you solve the problem that you've identified and raised with us." Sales collateral, product data sheets, information that says, "This is actually how we do business, this is how our customers like to engage with us and how they work with us."

Once you provide a little bit of that information, they'll be interested and ready to really make a decision and get to that final step or the bottom of the funnel. At this point they've already identified a need. They want to get out there and partner with someone or find a solution to that problem. This last part is really about identifying why you're the right tool for the job or the right provider for the job, why your solutions are the best fit ones to solve this prospect's particular problems or pain points.

Here they're going to make a decision. They're ready to take action. They're ready to close the deal. They're ready to come on as a partner. At this point it's about looking at case studies, testimonials, social proof, things that are going to say, "Hey, we are as capable as we say we are in some of these pieces we are showing you earlier. We have customers that are happy and engaged. This is what they have to say about working with us." Things that are really going to help get folks across the finish line and basically sign that deal with you and come on board or at least get into an eval or a trial, raise their hand and say, "Hey, you seem like the right fit for me here, let's learn more, let's get started."

That was a very high level look at some of these three main basic stages of a funnel. What's unique and important for MSPs to remember and for service providers to remember is that in a lot of traditional lines of business, this is really the end of the line and this is where the transaction ends, but MSPs are really in the customer service business, the relationship business. There's often no shortage of opportunities to upsell, cross sell, have various touchpoints throughout the year, business reviews, compiling technology road maps and things like that. It's important to remember that even when you've reached this point with a particular customer, the process really comes right back up to the top and you can reset that clock and have an opportunity to constantly be in touch with folks and continue to upsell.

What's unique here and what's valuable here is that when you circle back up to the top of the funnel, you already know these folks. They're already doing business with you. You already have an understanding of what their business is like and who they are and what they need. It's a great way to continue this process and to continue building more revenue out of each of these customers.

That's a pretty quick look at the funnel here. Thanks again for watching. Be sure to check out our other episodes. We'll see you next time on Grow Your Business.

@scottalanmiller Thanks. I suppose we could embed the images, just seems a lot easier to post the link... But I understand that people may see it as "click bait," which we don't want to be perceived as posting. Will use this thread as a learning exprience and improve posting practices going forward. I looked as some of the other posts in "self promotion" and see how including the entire post in the thread can be done. Thanks!

Article Originally Publish on: Continuum's MSP Blog

People use tools to make their jobs easier. A carpenter might use a SKILSAW to more easily complete a project, a director may take advantage of an Arri 35mm camera to shoot a movie and you might seek out remote monitoring and management (RMM) software to more easily monitor your clients' endpoints. When these tools work properly, you are able to complete projects much more effectively than you would be able to without them. But what happens when things go wrong?If the SKILSAW stops working, the carpenter needs to spend time and money repairing it. This is probably fine if it happens once or twice, but what if it's happening consistently throughout the course of the year? And what if the saw takes two weeks to repair every time it breaks? Soon, the gap between the time and money spent fixing the saw and the revenue earned building houses starts to grow smaller. In other words, the carpenter's margins are shrinking. The same ideology can be applied when MSPs use software-only solutions.

What's the Issue?

Okay, so software-only RMM software might not completely stop working the way that a power tool might, but it certainly could require a lengthy setup process, hands-on management, frequent updates, or even a full-time employee to make sure that things are always running smoothly. Over time, those costs start to add up. Like, way up.

Often times, MSP business owners look at the cost per agent when it comes time to select an RMM solution. Sure, this is important, but it certainly shouldn't be the only consideration. What are you getting for that cost? What is built in to the software that you're paying for? It's more important to think about the long term costs of the tools that you select. In the end, what will cost more? A few more bucks per agent for a fully-managed solution that you never have to worry about, or a full-time employee to oversee the software-only solution that you're paying less per agent for?

Shrinking margins are the real concern when it comes to software-only solutions. Even if you don't spend the money to hire a new employee, your existing technicians are going to be spending their time working on the tool instead of taking care of projects that they should be working on or investing time in relationships they should be building. On a per-day basis, the time spent updating or maintaining the tool may not seem like much, but add it all up at the end of the year. That little number looks a lot bigger now, doesn't it?

When considering an RMM solution, or any other MSP tool for that matter, there are a few questions that you should always ask yourself...

• How much time do you spend setting up this solution?
• How much time are you (or your techs) spending managing this software solution?
• How fast does it allow you and/or your technicians to work vs. another solution?
• What tasks are you and/or your technicians spending time on with this solution?

If the carpenter could have spent more money on a saw that had a built-in maintenance system that could automatically take care of any issues as they occurred, without him even knowing, don't you think he would?

What's the Solution?

Again, software-only solutions can be attractive because they are able to be purchased for lower prices. When you dig a bit deeper, you'll find that for a higher cost per agent, you're able to save yourself a LOT of money in the long run. Fully-managed solutions allow you to receive the same benefit that you would with a software-only solution, but you also get an entire team maintaining your system behind the scenes. The software needs an update? Don't lift a finger. It's taken care of for you.

Some of you business owners may have an issue with relinquishing complete management of the tools that you're using to monitor your clients. If this is the case, you can always step in. Fully-managed solutions allow you to have as much or as little involvement in the software as you'd like.

If you're currently using a software-only solution and don't agree with these points, simply start tracking these expenditures. Track how much time your employees are spending with the software. Come up with some sort of a tracking mechanism that will allow you to calculate the real cost of the solution that you have in place. You might end up realizing that it's worth it to spend a little more upfront on the saw that will save you money in the long haul.

Original post at: MSP Blog

Tis the season for unprecedented snow fall! As children, we obsessively watched the weather forecast when there was the slightest mention of snow, hoping that 67% chance crystallized into a sure thing. Then the next morning, we'd get up earlier than our parents would normally have to drag us out of our beds to race to the window, hoping to see nothing but white.

As MSPs you don't often have snow days. The biggest snow storms actually wreak havoc for the IT environments you monitor and manage. Are you prepared when they do? In a recent Channele2e post about business continuity, Joe Panettieri recaps the results of Jonas - the blizzard that rocked the east coast this past weekend - and highlights specific MSPs who proactively updated their disaster recovery (DR) plan in preparation. They, like many other MSPs and IT solutions providers, recognized room for improvement and increased responsiveness in the event of an emergency. Have you revisited and revised your own business continuity processes? Is your backup and disaster recovery (BDR) solution Jonas-tested and safe from any other disaster triggered by natural disaster, malicious attack or user error?

Let's see just how robust your disaster recovery plan really is...

1. Have you properly defined and documented what you consider a disaster scenario to be?

You can't know when and how to act when you don't know what to act upon. It may seem like common sense, but you can never be too thorough when recovery planning.

2. Have you identified all of the risks that necessitate an IT disaster recovery plan?

Thinking back to Jonas, we know that by the time Joe had written his article, almost 72,000 customers had already lost power. In this scenario, the risk is systems going offline as a result of the power outage. A snow storm is just one case that tests how strong your plan is. Don't forget about the other threats to your clients' network uptime, such as a phishing email that's clicked and installs ransomware or hardware failure.

3. Have you conducted a Business Impact Analysis (BIA)?

With each of these risks, you want to know how likely they are to occur and what the impact would be if they actually did. Just as different geographic locations may be subject to different weather calamities, different IT environments may have varying levels of susceptibility to outside threats. If your client doesn't have a BDR solution in place, for instance, the impact of an unexpected power outage is critical - if their server and local backup fails, their data can't be recovered. If they do have a BDR solution in place, while they'll experience downtime with workstations being offline, there's not as big a risk of data loss. Once you've conducted the BIA for each risk, you can prioritize which vulnerabilities to address first.

Keep reading!

The hackers responsible for the 2013 attacks on South Korea are believed to be back at it. Meanwhile, a security company has discovered two tools that may have been used to bypass security in the Sony Pictures Entertainment hack.

To hear more, and to watch the video, just click here!

I recently came across an article on eWeek that talked about Malware attacks shifting back toward the end user.

One of the quotes that really resonated with me was the following...

He also said that he was disappointed that education didn’t work as well as it should and that the only thing that seemed to work was after people had been the victims of an attack. This means that companies need to perform more realistic training, he said.

What does "more realistic" training look like? Does anyone have any examples of effective security training? What can you do to make security training "more realistic?"

@Dominica Guilty as charged...

We just moved into a new office in Boston. THIS is our view!

Lets see yours!

Spinning off of my other thread, I wanted to know what people are doing in light of the return of CryptoWall...

How are you educating your clients?
What advice are you giving them?
What do you do if a client becomes a victim of CryptoWall?
In what scenario, if any, would you advise a client to just pay the ransom?

A lot of companies recognize the opportunity to offer managed IT services to their clients, but that transition is easier said than done. There's a lot you need to consider, including new technology, new training, organizational changes and more.

On this episode of MSPradio, we chat with Milton Bartley, CEO, President & Co-Founder of ImageQuest, about how he has been able to successfully reposition his office equipment business into a true technology solution provider.

Tune in now to learn how you can effectively and successfully make the leap to managed IT services!

Listen to the podcast!

There has been some recent discussion in the channel around SLAs... Joe Panettiere recently posted about the idea that it could be time for MSPs to abandon service level agreements, while Jaq Baldwin thinks that they just need to be adjusted.

So, what do your current service level agreements entail? Are you considering dropping/changing them?

Marketing is tough. It's tough to get your content, products and services in front of people and even tougher to get them to bite. But when you're not even targeting the right people, marketing can be near impossible. Whether you are sending out direct mail or promoting a blog post, you want your content to get in front of the people that are most likely to become your clients and brand champions. One way that you can do this is through social media platforms. Still, how are you supposed to know who the right people are? Well, that depends on your business. To determine who you should be targeting your marketing efforts at, you first need to evaluate your business. Once you have done that, you can kick your social media marketing strategy into high gear.

Many MSPs will target a certain region. Perhaps the vast majority of your business is local. Obviously, you're going to want to appeal to the people and businesses in your local area. Still, you can take your targeted efforts even further. Are you serving any specific verticals? Many MSPs make efforts to serve retail, financial and healthcare verticals, with much of their business coming from each of these markets. If this is the case for you, you can use your social media presence to hone in on those verticals that present the highest quality of prospects for your MSP business.

Read more!

Original post at: MSP Blog

SplashData, a password-management application provider, has released the fifth edition of their annual “Worst Passwords List,” putting the spotlight on the poor password habits of Internet users. Unbelievably, the most terrible—and most common—passwords remain the same: “123456” and “password.”

Despite all of the warnings and notifications that have attempted to permeate the public consciousness, people are still using these risky and unsafe options, leading to the conclusion that they either don’t know or don’t care about the great risk such weak passwords pose to their data.

If you use any of the following passwords, please—PLEASE—go change them now. We’ll wait.

25. starwars (New)
26. passw0rd (New)
27. solo (New)
28. qwertyuiop (New)
29. princess (New)
30. login (New)
31. letmein (Down 6)
32. monkey (Down 6)
33. master (Up 2)
34. dragon (Down 7)
35. 1qaz2wsx (New)
36. 111111 (Up 1)
37. abc123 (Up 1)
38. 1234567890 (New)
39. welcome (New)
40. baseball (Down 2)
41. 1234567 (Up 2)
42. 1234 (Down 1)
43. football (Up 3)
44. 123456789 (Unchanged)
45. 12345 (Down 2) - remind any of you of this classic Spaceballs scene??
46. qwerty (Up 1)
47. 12345678 (Up 1)
48. password (Unchanged)
49. 123456 (Unchanged from 2014)

This list was compiled from over two million leaked passwords over the course of 2015, and some interesting trends have emerged.

Read the rest of the blog

Original post can be found at: Continuum's MSP Blog

People use (excuse me, depend on) anywhere between 2-3 devices on average, and the number is steadily increasing, expected to hit 4.3 by 2020. With the holidays behind us, I am sure many of you are finally getting comfortable with your new gadgets, but how comfortable are you with clients introducing these new toys into the office? Are you positive you can trust their use of personal devices in a professional setting?

More data mobility means there's a greater market need for managed IT security. Embrace this opportunity as you map out your 2016 business plan. By introducing new services and solutions you may not have ever thought to include in your product portfolio, you'll attract new clients and retain existing customers, all while growing your revenue and profitability!

The Need to Adapt in an Increasingly Mobile World

It is undeniable that technology has evolved at a rapid rate and simply having one connected device is old news. Your clients, like all users, turn to mobile devices – cell phones, laptops, tablets etc. – to pass time in waiting rooms, sift through social media updates and swiftly respond to important emails they’ve been anticipating. Consider this comScore graph which depicts the convergence (and dominance) of mobile with desktop usage:

Sure, the Internet of Things (IoT) and emergence of new endpoints makes it easy to stay connected on-the-go. There’s a caveat, however. An increasingly mobile world means more data, with more reliance on networks, connections and security.

In this case, managed services providers (MSPs) must adopt a broader product portfolio and skill set to keep up with the changing times. This point is emphasized by Ray Vrabel, Continuum's Senior Director of Strategic Planning, in our recent webinar, 2016 Business Plan, What Every MSP Should Be Offering Next Year. Joined by partner, Eric Wood of Blue Fox Group, the two reflect on what they believe every MSP should consider when kicking off 2016. Luckily, we are only a few days into the New Year. You still have plenty of time to explore new ideas, enter new lucrative markets and make this year your most successful one yet!

New Services and Products to Take a Hard Look at in 2016:

You know, and likely offer, the existing products and services that drive the managed IT services market - i.e. remote monitoring and management (RMM), backup and disaster recovery (BDR and business continuity, help desk client support and cloud computing.

But with the scope of IT infrastructure ever-expanding and the need for stricter data security, what new opportunities are out there that you've yet to explore? You could be leaving money on the table by not recognizing the value of being your clients' all-in-one IT solution. Expand your portfolio with:

Collaboration Tools
This is huge, since data is everywhere! People expect their cellphone, laptop, tablet and work desktops to work quickly, smoothly, and interchangeably. By providing collaboration tools with business-grade security, MSPs create offerings that are more competitive due to the increase of accessibility, communication and data protection between both employees and clients. With Bring Your Own Device (BYOD), compliance measures and corporate IP, file sync and share solutions are collaboration tools that are in especially high demand. Clients want their company data to be easily accessible, audited, fast, and most importantly, secure. As Ray reminds us in a previous blog post about new managed IT services to add, email is not the way you want clients transferring important and sensitive files. By introducing file sync and share as a new IT service, you can ensure their corporate data is encrypted, safe and separated from personal accounts.

Security
What is the point of relying on the accessibility of modern technology if you have to constantly be reminded of potentially losing everything? With all of the coverage of recent data breaches pervading the mainstream media, your clients understand the importance of data security. As explained in the webinar, in an attempt to convince users to invest in their proactive IT solution, MSPs often lead with cybersecurity as a service. It's been known to really pay off too! Clients, particularly those bound to federal regulations, clearly understand the longterm business value of securing their data with a trusted solution. Recognizing this and adding security as an additional revenue stream, will only grow your profitability.

Mobile Device Management (MDM)
The MDM market is burgeoning at an accelerated pace with multiple devices carried per person, both personally and professionally. With the ongoing and seemingly unstoppable trend of BYOD characterizing the modern workplace, the line between personal and corporate data has become blurred and managing all of this information, understandably complex. Complex, yet more necessary now than ever before. By adding Mobile Device Management (MDM) as a new service offering, MSPs have the ability to remotely wipe an individual’s data when he or she leaves the company or when a device is compromised.

When looking for an MDM tool to offer clients, here are some features to look for:

• Synchronization and sharing between files
• Security for data
• Interchangeable support between personal and corporate devices
• Ability to maintain and manage the application
• Compliance as a Service

This is one of the most recent revenue streams that is providing huge margins. Since the switch from file cabinets to electronic medical records (EMRs), doctors and other healthcare providers have the ability to store and manage patient data seamlessly. Unfortunately, the data that lies within a doctor’s tablet, in addition to all of his or her employee’s devices, can add up to one giant HIPAA violation if necessary security precautions and protocol aren’t followed. Recalling the need for MDM, devices that are compromised are often referred to as $50,000 cellphones due to the hefty fines associated with HIPAA. HIPAA is just one form of compliance, however. PCI Security Standards apply to all organizations that store, process, or transmit cardholder data. Any clients that accept payment cards are required to be PCI compliant.

Your clients need help! This year's your chance to renew your commitment to being their trusted IT advisor and help them become and stay compliant. Continuum has partnered with RapidFire Tools to offer a PCI and HIPAA Assessment MSPs can then use with end-users. The modules are proving to sell themselves and offer extreme margins in the pre and post work projects generated.

What it Takes to be on Top this Year

In order to stay ahead of the competition and make the most out of 2016, MSPs must be a trusted advisor and an all-purpose IT provider by creating a one-stop-shop for their clients. By including additional services and products like the ones described here and others discussed in the webinar, MSPs will start out the year with a solid business plan, growing revenue and forming lasting customer relations with clients who'll appreciate this shared interest in helping them meet their own 2016 business goals.

See the full blog at: Continuum's MSP Blog

With the Consumer Technology Association's CES 2016 conference kicking off today, I can't help but think of how many new gadgets, or endpoints, will be unveiled at the event by week's end. Endpoint management is becoming increasingly challenging due to the growing number of personal devices, as well as the growing number of places where a connected device can be found.

Not too long ago, I wrote a post on my own blog about IoT (Internet of Things). When taking a quick inventory, I was a little stunned to realize I actually carry six connected devices on my person each and every work day! Counting Bluetooth, Wi-Fi, and 3G/LTE devices, I have a laptop, smart pen, fitness watch, iPhone, iPad, Kindle and occasionally a USB stick. While these all bring enjoyment and productivity to my life, if not properly managed, they could also leave the security of my personal data and company's data seriously vulnerable. Considering how highly connected to the Internet we've become at home through TVs, thermostats or even Wi-Fi enabled refrigerators, it should make you and your clients wonder: how much of our data could we be potentially and unknowingly putting at risk?

Need-to-Know Statistics on Endpoint Security

Here is an excerpt of relevant findings from an independent endpoint security study done by the Ponemon Institute from 2015:

"Mobile devices, such as smart phones, have seen the greatest rise in potential IT security risk in the IT environment. Eighty percent of respondents say smart phones are a concern followed by vulnerabilities in third party applications (69 percent), mobile remote employees (42 percent) and the negligent insider risk. Governance and control processes are the biggest gaps in stopping attacks on endpoints. On average, 28 percent of attacks on an organization’s endpoints cannot be realistically stopped with enabling technologies, processes and in-house expertise. Seventy percent of respondents agree that their organizations’ endpoint security policies are difficult to enforce."

• Ponemon Institute Research 2015 State of the Endpoint Report: User-Centric Risk

Also, of the growing number of mobile attacks, a Webroot study found that 38.7 percent of attacks are SMS malware, 39.8 percent are Ad-SDK PUAs (potentially unwanted applications) and 8.9 percent are malware using obfuscation (malware hidden deep in an application's code).

• Webroot Mobile Threat Report 2014

How to Help Eliminate Anxieties about Endpoint Security

Thankfully, MSPs can reduce the data security risk described by setting and overseeing an AUP (Acceptable Use Policy). Start by applying an AUP that requires strong passwords on company issued laptops or company connected mobile devices. Clearly establishing what's expected of your employees when using a personal device for work and enforcing that protocol is critical, especially with the ongoing trend of BYOD (Bring Your Own Device)... Keep Reading!

Original Source: MSP Blog

As cited in CompTIA's 4th Annual Trends in Managed Services report, "the global managed-services market is predicted to grow to $193B by 2019, at a Compound Annual Growth Rate (CAGR) of 12.5%." What is fueling this impressive level of adoption? Why are so many business owners fans of your business model? We dug into the report to examine the top reasons small-to-medium-sized businesses (SMBs) list for working with MSPs and IT solutions providers. As you build your 2016 sales strategy, pay attention to these main market drivers.

Why SMB Owners Demand Managed Services

When thinking about how best to position your managed IT services, it's worth considering what points make for the most compelling sell. Remember that while you may think they should adopt your business model for one reason, they may have an entirely different set of priorities that you should appeal to first. So what should you lead with when marketing and selling to prospective clients? Using data presented in CompTIA's report as reference, we break it down for you! How well do you deliver - and communicate that you deliver - each of the following?

Let's break the top five down:

1. Increased efficiency/reliability of IT operations
As depicted in the chart above, 56 percent of companies with over a hundred employees list this as the main reason for working with a managed services provider (MSP). Indeed, it is the single most popular reason given. Often, the SMBs you aim to partner with have over-burdened IT staff with employees who may lack the skills and training for certain tasks or can't handle the whole of the company's network on their own. In response, these companies recognize the value of working with an outside technical support team. According to CompTIA's report, "60 percent of end users describe their managed services engagement as a collaborative arrangement with their internal IT department, suggesting that certain IT areas fall into the MSP bucket, while others remain in house." Notice how the reason provided is to improve the abilities of the in house team, not to do away with these IT employees altogether. Not only does it help having an extra team of IT experts able to troubleshoot and remediate issues that arise, clients benefit from having access to the latest technology and business-grade solutions that maintain uptime and profitability, such as remote monitoring and management (RMM), backup and disaster recovery (BDR) and cloud computing. Investing in these tools increases the reliability of organizations' IT infrastructure. Investing in the managed services business model tackles existing labor constraints and prevents internal IT departments from always having to play catch-up.

2. Enhanced security/compliance
Laptops, desktops, smartphones, applications, tablets, servers, operating systems, browsers, wearable technology and the like all store and transmit data and thus require the strictest security measures. Prospective clients will turn to you out of fear of becoming the next headline in a high-profile data breach or data loss incident. Remind them of the most notorious examples highlighted in the media, and share the results and fallout. Use the information shared in our Top 10 Data Breaches of 2015 infographic to reach prospects who may share similar company profiles. Are you offering compliance as a service? If you're trying to convince a doctor's office to consider you, begin by stressing the importance of working with a HIPAA compliant IT solutions provider, one who understands HIPAA regulations and how to supplement them with additional managed security protocol, policies and procedures. Reference the Anthem data breach, which implicated one-third of Americans and compromised the medical data of nearly 100 million individuals. As CompTIA's study finds, security and data protection resonates with your target audience. Along these lines, compliance is becoming even more of an outsourced IT adoption driver for SMB owners, especially with regard to PCI security standards, since many businesses offer e-commerce on their websites.

3. Proactive approach to maintenance
This is a benefit of managed IT services that we discuss a lot because it is so important. Your clients don't want to have to think about their daily IT operations. They don't want to have to second-guess the reliability and speediness of their network connection. Similarly, they don't want to have to worry about what the state their IT environment will be when they commute in to work each morning. They choose to work with an MSP because you can provide 24/7/365 coverage. Services like RMM and the security suite you offer detect potential disturbances and vulnerabilities, allowing you to resolve these problems before they develop into more critical threats. When you offer fully managed IT support, you can often troubleshoot and remediate glitches or bugs before the client is any the wiser. Again, they're paying you to worry about these things for them. Does a CEO have the time to verify that the backups his company has taken actually worked? We already know that data management in the cloud is expected to yield more managed services revenue in 2016. In working with the right MSP, key executives can take advantage of proactive BDR solutions that offer business continuity by combining RMM intelligence with regular, encrypted backups, cloud computing capabilities and IT virtualization.

Click here to view the final two factors!

Original blog post at: MSP Blog

This weekend, news broke that malicious emails requesting payment for licenses were sent in remote management company, Kaseya's, name. This latest security headline is just one of many instances of malware launched through an email phishing scheme. The hackers, who haven't yet been identified, reportedly sent an email with a fake invoice attachment, which once opened, compromises the recipient's device with malware capable of stealing sensitive company data. If you've not yet heard of this latest hack sending tidal waves through the channel, let it serve as a warning. All employees and clients must screen any emails requesting payment for services, even those from a trusted name or company they do business with.

The Kaseya Email Attack Explained

On Saturday, January 16, Channelnomics reporter, Sam Trendall, exposed the false Kaseya email that landed in her inbox. According to her account, the email's subject is titled Kaseya Invoice with a random customer reference number to fake authenticity. Keeping up the rouse, the message is directed at the recipient company's Accounts Payable department, as shown in this screenshot provided by My Online Security:

The fake invoice with payment details is attached to the email in both a Microsoft Word document and Microsoft Excel XLS spreadsheet version. Once downloaded, malware such as Trojans, password stealers and ransomware infect the user's system.

It is worth noting that in each of these email impersonation attacks, the companies or individuals who've had their names used have not been hacked themselves. Unless their email servers have been compromised or some other vulnerability is exploited, they are not to blame for phishing attempts based on mimicry.

With that in mind, understand that hackers can make it look like any company is sending you a legitimate request, not just Kaseya. In case this latest attack signals a new trend in targeting companies in the IT services space, we advise you to be especially suspicious of invoice emails sent from any vendors within the channel, including those which may appear to come from Continuum.

If you do receive a phishing email like the one from Kaseya that's circulating, do not click into it or attempt to contact the sender. Along with other Microsoft Office tips like ensuring your programs are up-to-date, My Online Security reminds us that "if protected view mode is turned off and macros are enabled then opening this malicious document will infect you, and simply previewing it in Windows Explorer or your email client might well be enough to infect you." Besides disabling edit mode and macros to protect against this or future malware attempts, above all never open any attachment in an email you aren't expecting or aren't sure is legitimate. Pro tip: files ending in .exe, .com, .pif, .scr or .js should never be clicked or downloaded. These are indicators of malicious intent.

Thanks to social engineering, however, judging email legitimacy isn't always easy. Let's take a look at some of the tactics employed in the fake email above.

The attacker appears legitimate by addressing Accounts Payable rather than a random individual at the company. Knowing that this is the department that typically processes invoice payment, the scheme crafters hope to gain trust. Similarly, the Kaseya customer service department email address, [email protected] is believable, as the tail duplicates the company's name and the "cs" could be an abbreviation for customer service. A popular social engineering trick, attackers often manipulate account information to only subtly differ from the original. Additionally, pay attention to the email signature. By including one, the message seems to be sent from a professional account. Also, the email address listed matches the sender's address, which makes it easier for recipients to mistakenly trust.

As a sanity check, create a list of all your vendors, when they typically invoice you, which addresses the emails come from and the follow-up contact information detailed in the body of the email. Then, each new time you receive an email requesting payment, cross-reference it with this list to make sure it's legitimate.

For a closer examination of the process of email phishing, and common occurrences of it, check out this guest blog post about the current state of encrypting ransomware, written by our friends over at Webroot. What other best practices and tips can you share with your employees and clients to avoid additional malware cases? Check out our related material:

Protect Yourself and Clients from Malware
How to Keep Clients Safe from Phishing Attacks and Online Scams this Holiday Season

And don't forget to stay up-to-date with the latest threats and patches! We compiled key updates from last month to give you an idea of what to look out for and help you stay ahead of the malware curve:

Monthly Malware Roundup - December 2015

See the original blog at: MSP Blog

Social media can be a real driver for your business. If you've taken the time to set up your accounts, share content and make connections, you've probably experienced this firsthand. Still, managing all of these social networks can become a bit overwhelming if you're not connecting with the right people and keeping your contacts organized. The more you grow your network of connections, the more content and messaging will be made available to you. With this stream of new information, it can be easy to miss important posts. Luckily, you can continue to grow your following and influence without losing key content. In this post, I'll explain who to connect with and how to stay organized by segmenting contacts across the various social channels you're now active on.

Before you start to segment your contacts into groups or lists, start by first connecting with the right people.

Who Should You Connect With?

The answer to this question largely depends on what you're looking to get out of your social media efforts. In the meantime, here are a few categories of potential connections that you should explore:

Current Clients
You might be thinking, "Why would I need to connect with my clients? I already have their business!" This is true, but the key to retaining your current clients is to build strong relationships. Of course, new business is great, but you also want to make your current clients feel valued. Make new friends but keep the old! By connecting with your current clients on social media, you'll be able to see, in real time, what they're interested in and talking about. What if they're talking about you? Perhaps employees in their office can't connect to the Wi-Fi and are reaching out for assistance via Twitter. You can leverage your social presence to field these requests, troubleshoot the issues and deliver superior customer service. By following the client who's having trouble, you'll see this tweet in your feed. Instead of waiting for them to call you, proactively reply to their message and let them know that you're sorry for the service disruption, but are looking into it!

Additionally, following clients expands your reach to their own individual networks. if you're having discussions with your current clients on social media, their connections are going to see these threads. Who knows, maybe the owner of one of the companies they are connected with will appreciate your accessibility and immediate response so much that they become a future client of yours!

Prospects
In our "Step-by-Step Guide to Targeting Your Verticals on Social Media," we discussed the importance of targeting the companies in your area that fit your buyer personas. Evaluate your current clients and determine which verticals you're serving. Additionally, identify which geographic areas you are servicing. Once you have broken your business down into verticals (it might be just one) and location, you should do an audit of all businesses that fit these two qualifiers. These are the companies that you should be connecting with. As you make connections, the content that you share will be made available to these potential clients. At the same time, you'll be able to see what they think is worth sharing and can learn of new trends and stories you may have otherwise missed. This way, you'll position yourself as a thought leader and problem solver in the industry, and your company name and logo will gain more visibility in your area.

Relevant Publications & Thought Leaders
We've mentioned "sharing content" a couple of times in this post. Where is this content coming from? Hopefully, your company has a blog that you and your employees are consistently contributing to. However, blogs take time to create and maintain and sometimes, you just don't have that time. When this is the case, connect with and follow relevant publications, those that create the exact kind of content that will be interesting and helpful to your clients and prospects. This way, you'll see the content that these publications are sharing and can pass it along to your own connections.

Even if you do have your own blog, it never hurts to connect with these publications and thought leaders. If you share one of their posts, they may reciprocate and share something that you have published. Now, you will increase your exposure and get in front of a larger collection of strategic accounts.

How to Stay Organized

Once you have built out a solid network of connections, you might notice that monitoring and managing social media can get a bit hectic. Messages from your prospects are mixed with your clients are mixed with the publications. If only there were a way to keep everything nice and organized...

There is! You can utilize social media lists or tags to segment contacts and connections. Some of you may choose to do this to separate personal and professional content. The methods vary a bit on each of the platforms, so let's take a brief look at how to stay organized on Twitter, Facebook and LinkedIn.

Keep reading!

We recently published a "Would you rather" post on our blog and are planning on creating another one. I wanted to reach out to you clever folks to see if you could offer up any tough/clever/funny would you rather questions for the MSP community. Some of the examples that we have currently are....

• Never have a client get malware OR Never lose a skilled technician?
• Have a big client get hooked by a phising scheme OR Have one of your own employees hooked by a phishing scheme?
• Have an 8 day recovery window OR Have a small backup drive that needs to last 8 days?

What else can we ask?!