At the first virtual IT Nation Explore, ConnectWise made several announcements. There was a continued focus on security and an update on the Continuum products which sees a merging of the leadership teams. Before the event, Enterprise Times had the opportunity to talk to Jeff Bishop, Chief Product Officer, and Jay Ryerse, Vice President, Cybersecurity Initiatives. Bishop has been at ConnectWise for five years, predating the Thoma Bravo acquisition and Ryerse was previously CTO of security products at Continuum.
A new security framework
ConnectWise is introducing a new security framework, the MSP+ Cybersecurity Framework. Jason Magee, CEO, ConnectWise described it succinctly saying: “We talk a lot about how important it is to know ‘what good looks like’ in your business so you can work towards that in all areas. But the challenge has been that MSPs haven’t had a specialised and standardised framework to work against for cybersecurity and therefore don’t know what good cybersecurity looks like
“We’ve designed the MSP+ Cybersecurity Framework to address that issue, and it’s part of a comprehensive new cybersecurity education and certification program called IT Nation Secure that will position MSPs for long-term success.”
The MSP+ Cybersecurity Framework brings together aspects of several different security frameworks, including NIST CSF, CIS 20, UK Cyber Essentials plus and Australia’s Essential Eight. It also uses language that is relevant to an MSP. This is important. Despite security becoming a hot topic, there is a lack of education for MSPs specifically. Few currently offer security plans as part of their offerings. According to research by Vanson Bourne, only 13% are talking to their clients about cybersecurity.
No certification as yet
While ConnectWise has created this framework, it does not appear to offer certification against it yet. Nor does have a peering arrangement with any of the other frameworks that do offer a certification program. Enterprise Times asked Ryerse about certification, he answered:
“One of the problems that we’ve seen is that MSPs are being asked by different customers to follow different frameworks. There is not a consistent alignment across them. None specifically speak to MSPs themselves. By taking the best in class of all of them, we’ve been able to align our industry in one focus and help them meet those certification requirements. It doesn’t matter if it is cyber essentials plus or one of the other ones that are out there, we’ve ensured it is related to their needs.”
IT Nation Secure
The second announcement was around an improved education offering on security. IT Nation Secure provides the collateral to help MSPs learn about the MSP+ Cybersecurity Framework. It includes advice on best practices and will also help to educate them on how to hold conversations about security with their customers. Enterprise Times asked Ryerse why this has become so important now. He replied:
“It relates to the fact that by this time next year, there’ll be between 3.5 and 4 million unfilled cybersecurity positions worldwide. We feel that there’s a huge opportunity for the industry to fill that gap and close that talent shortage. We do that in our Certify programme by actually teaching the MSPs – ‘what good cybersecurity looks like’. More than 3,000 people have gone through our Certify courses, year to date. We expect that to accelerate heading into the end of 2020 and early 2021.”
One of the challenges is that it is more than the MSPs that need educating about security. Customers also need education. Ryerse said:
“In the Certify courses, we spend quite a bit of time talking about the risk conversation. How to stop selling from fear, uncertainty and doubt and talk about the impact on their business as the key element for why cybersecurity matters. We do that in a couple of different ways. We’re teaching our partners how to hold in-person events which, today, are web-based events. We also teach them to do live security awareness training. We know that awareness training has a major impact on the success of a cybersecurity programme and the organisation. Watching videos just hasn’t been enough. We’re teaching them how to do it as a lunch and learn or a web-based meeting with their clients to really drive security and make it relevant for staff.”
Continuum products are now ConnectWise products
Following the acquisition of Continuum, announced in October, ConnectWise is now rebranding the Continuum products.
- ConnectWise Command, formerly a Continuum solution
- ConnectWise Fortify, formerly a Continuum solution
- ConnectWise Recover, formerly a Continuum solution
- ConnectWise Assist, formerly a Continuum solution
Enterprise Times asked Bishop what is happening to Continuum Enable product. He said: “We are starting to work on collapsing Enable into our overall University for Connectwise. The university will be our go forward educational system.”
Fortify gets fortified
ConnectWise Fortify for SaaS Security is a detection and response solution for Microsoft cloud environments. The solution is based on the Perch native Microsoft 365 monitoring tool. The relationship with threat intelligence vendor Perch took a step forward in August last year when ConnectWise founded the Technology Solution Provider Information Sharing and Analysis Organisation (TSP-ISAO). The solution is available from July and provides detailed reporting and visibility into Microsoft 365 security events. It also correlates those events and then gives remediation recommendations to help MSPs quickly identify security issues and address them without needing to scale up their costs and resources. It supports both Microsoft 365 and Azure AD. The solution is included in the ConnectWise MSP+ Foundation Pack, which starts at $600 per month.
Fortify gets fortified again
The ConnectWise MSP+ Foundation Pack will also include ConnectWise Fortify for Assessment. It goes into beta in July and, according to Bishop, should become fully available within a couple of months. The Assessment solution enables MSPs to assess the security readiness of SMB environments. It includes:
- Risk report to drive end client conversations
- Risk information related to stolen user credentials
- Point in time technical review of user and machine risk
- Unlimited dark web scans which are perfect proof points in the sales process
- Access to ConnectWise Fortify suite to protect your MSP or use as proof of concept with clients
The assessment tool is one of the first solutions to come out of the newly combined development function. Bishop explained:
“For the assessment, We were working internally at legacy ConnectWise before the acquisition of Continuum on our scanner technology. We’ve added new reports into it. We got a lot of feedback that the reporting aspect of the assessment was a little hard for some of the clients to follow along. We tried to simplify it, clean it up and help the MSPs deliver that message to their clients. Putting our scanner technology in there allows us to start to expand that.”
The focus for the announcements and the events is around security. However, ConnectWise has also made improvements to its other products that it has highlighted. These includes
- ConnectWise Automate: Moving admin capabilities to the web
- ConnectWise Command: Available in Q3, integrations into ConnectWise Control® and BrightGauge®
- IT Boost: Increased stability and overall performance improvements
- ConnectWise Recover for SaaS: Extended support for Microsoft Sharepoint and Microsoft Teams, and the addition of Microsoft Dynamics 365
The future is the platform
Bishop also gave a brief comment when asked what else ConnectWise is focusing on. He commented: “It ties in a lot around platform. We’ve got a lot of best of breed products between RMM and the PSA. These security products are starting to come into their own as well, but they are still separate products. Continuum had done a great job of starting to bring these into a centralised platform. It centralised data services, around devices, companies and contacts. We have these best of breed products, but we want them to feel like one platform, one product. We want that experience to be on point for our customers going forward.
“It also should allow us to move a lot faster because we’re not developing synchronisation technologies. We’re not developing some of the same repetitive code in each of the product lines that are needed, and we can centralise that to make it available for all products. That uniform platform will be a message you’ll start to hear over and over from us going forward.”
Enterprise Times: What does this mean
This is an impressive update from ConnectWise. After a few months, it is showing that the acquisition with Continuum is working well. On that, Ryerse commented: “It feels more like we’ve been adopted into the ConnectWise world. Everything here has been fantastic. Obviously, it’s a much larger organisation from a product development team. It’s been a lot of fun to watch Brian and Jeff take the things that we were doing at Continuum, with our limited resources, and expand them to align with the broader ConnectWise vision.”
ConnectWise completed the acquisition to add a robust security suite to its portfolio. It is now merging the two and with enhancements to Fortify, showing that the combined development teams are now producing something greater. The announcement around the platform is also interesting. It will make future acquisitions easier if it has a strong platform that can add even more components.