Channel Chatter, April 16 - 23 2024

This newsletter is in BETA, and feedback is welcomed and encouraged.? Anyone who joins in the beta will be included in the launch offer! ?The intention is to deliver a set of actionable insights into the discussions had by the community for vendors to leverage for execution. Does this deliver???

Channel Chatter is the parsing of the listening posts that the Business of Tech podcast has around the MSP community across discussion forums and groups to bring together insights and discussions that I think are worth considering.?? In considering the needs of MSPs by listening to them for the podcast, there are insights specifically for vendors serving the space to be shared.? That is this newsletter.??

Browser history discussion hit my radar this week, and is the one I lingered on most.

We were asked by a customer recently whether we could extend our monitoring to include collecting user browser history. The requirement was to grab the history from each user regularly such that they would have a copy even if the user deleted their history from the browser.

The key question — is this useful?

Pretty common, but rather than browser history there’s usually a corporate internet breakout with web filtering.?

If you have any legal or moral questions, suggest they have a accceptsble use policy and electronic communications policy as part of their handbook. Provide them with boiler plate documents in writing and suggest them

Yea browser seems like a nightmare. Just use something like opendns they will give you reports for any machine you want for any date.

Scanning browser history is part of shadow IT discovery.

Browser history collection is easy. The viewing/reporting is messy. I'd like to have the capability to provide the execs with a pretty report, when requested. But, I don't have near enough demand to pay for such a thing.

What interested me was the focus on acceptable use policies (AUP). This is the key consulting opportunity.

An AUP should clearly outline what it covers—whether it's internet use, email systems, or other IT resources. It should also explain why the policy is in place, often highlighting the need to protect both company resources and data from misuse or threats. AUPs must detail what is considered acceptable and unacceptable behavior. This includes the use of email, social media, web browsing, software downloads, and data handling.

They require regular updates, to adapt to new security threats, technological advancements, and changes in the legal landscape.

And that’s the highest value delivered to customers.

Did some research and learned that where I live, employees must be notified of the collection, even on company devices. There was a case where an employee had been fired and browser history used as evidence, they sued for unfair termination and then won.

Now, why did it interest me? Two reasons. First, browser security has been top of mind, with several new products in the space. Second, looking at the conversation gives a sense of the reaction of MSPs, which fell as I would expect. The majority of the focus was on the technical question, but about a quarter of the focus was on the legal and compliance concerns. That exactly checks out to what I would expect.

Vendors, support the work of MSP Radio here

Topics of Interest

This section is a high-level summary of the major topics of discussion within the community during the time period. This gives you a sense of the questions the community is raising and what they are discussing.

1. Automation and CI/CD Implementation:
2. Ethical and Security Concerns with Browser History Collection:
3. Emerging Technologies and Vendor Evaluation:
4. Market Response to Layoffs and Business Decisions:
5. Vendor-Specific Challenges and Community Solutions:

Product Gaps

This section is intended to highlight “gaps” that appear to exist in the market, where a specific weakness or need is highlighted in terms of product offerings. This can also include potential gaps in the market. If you wondered what MSPs “wish things did”, that’s this section.?

1. Streamlined Vendor Management Platforms:
2. Privacy-Focused Web Monitoring Tools:
3. Advanced Training and Onboarding Platforms:

Vendor Discussion

This section is designed to give you insights into who was “discussed” this week. These are vendors that were mentioned or commented upon, and not necessarily a specific set of complaints about the vendor. This may be a good opportunity to learn about a new name, or get a sense of who is in the zeitgeist.?It’s long. It’s intentionally long, to give you the firehose.

• Acronis: Considered for backups and noted for offering Managed Detection and Response (MDR) and antivirus solutions through Acronis Cyber Protect Cloud.
• Adobe Acrobat: Discussed as the standard against which alternatives like PDF24 Toolbox and others are measured, implied to be more expensive or complex.
• Altaro (now Hornet Security): Mentioned for Hyper-V backup but with concerns about company priorities.
• AWS Glacier: For offsite backups as part of a 3-2-1 backup method plan by a new MSP.
• Avanan: For mail filtering, in the context of various security solutions for MSP setups.
• Bitdefender: Recommended for its defense posture and compatibility with popular Managed Detection and Response (MDR)/Endpoint Detection and Response (EDR) services.
• CircleCI: Mentioned as a potential tool to automate CI/CD pipelines, helping to streamline development processes by automating git pulls.
• Comet Backup: Praised for being solid and useful, with support for multiple destinations like Wasabi.
• ConnectWise: Discussed regarding layoffs and organizational changes aimed at aligning resources with partner growth opportunities. Some community reactions vary from understanding to criticism.
• CurrentWare BrowseReport: Used for tracking user browser history on-device, indicating its market presence in scenarios where monitoring is deemed necessary and has been legally vetted.
• Datto: Recommended for backup and disaster recovery (BCDR) and SaaS backups.
• Domotz: Selected for monitoring in a new MSP's infrastructure setup.
• Eset: Suggested for antivirus in the context of various MSP infrastructure setups.
• Foxit PhantomPDF: Preferred for more complex document editing and annotating, compared with Adobe Acrobat and other PDF tools.
• Mimecast: For mail filtering, in the context of various security solutions for MSP setups.
• OpenDNS: Mentioned as a solution for web filtering, providing reports for any machine, which suggests its utility in avoiding the ethical and practical pitfalls of directly collecting browser history.
• PDF24 Toolbox: Mentioned as a basic Acrobat replacement for tasks like merging and splitting PDFs.
• PDF-XChange Editor: Used internally and resold by one of the users, suggesting it's a trusted option for PDF management.
• PDFgear: Highlighted for being free and functional as an alternative to Adobe Acrobat.
• PDFfiller by airslate: Recommended for its ease of use, cost-effectiveness, and scalability, with distribution through Pax8.
• Red Canary: Being looked at for MDR services in a new MSP's infrastructure plan.
• SentinelOne: Mentioned as a popular choice but compared with Red Canary for MDR services.
• Syncro: Chosen for Remote Monitoring and Management (RMM) in a new MSP's infrastructure setup.
• Synology: For local backups as part of a 3-2-1 backup method plan by a new MSP.
• Veeam: Recommended alongside CrowdStrike, in the context of various security solutions for MSP setups.