Hopefully your customers weren’t impacted by the recent Kaseya VSA ransomware incident that caused massive outages for many MSPs’ customers. There’s a good chance that your customers and end-users will be wondering if they are still at risk. Even if you don’t use Kaseya products, they may still be anxious about the potential for similar attacks to target them.
Clear, transparent messaging is needed
It’s important to be transparent with customers at a time like this. I expect that responsible MSPs will be looking for the right words to update their customers on how the incident might impact them. I encourage you to make use of these points below, and revise them for your own use in communicating with customers and end-users.
1- There are always risks when using third party software, especially for remote management, which is primarily how small business systems are managed by MSPs these days. This was an extremely rare incident, and should not be a cause for taking drastic action. MSPs should still be trusted to manage and protect operational systems.
2- Systems that could be impacted directly by the recently discovered ransomware attack are being shut down or isolated to limit potential damage.
3- Systems that were not impacted are still being monitored closely, and may be taken out of service temporarily, until there is a high degree of confidence that the risk is under control.
4- Systems may be managed manually for a while, which means that response times for tickets could be slower than normal. Please be patient.
5- MSPs had virtually no way to know that the customer systems they manage were at risk, since the attack was carried out through a vulnerability in software from a major, trusted vendor. But MSPs are taking responsibility, staying on high alert, and are making this incident a priority for investigation.
6- MSPs will be doing a thorough review of all third party and remote management software vulnerabilities to make sure that systems are configured securely and have the latest security patches.
7- Customers should plan to collaborate as soon as possible with their MSPs to conduct a “Business Impact Analysis”. This will help in identifying critical business processes that require contingency measures that will allow for operation to continue in the event of a ransomware attack or other major incident that causes system outages.
The Kaseya incident is a major wake-up call for MSPs that can’t afford to have multiple customers suffering outages simultaneously. But having a good communication relationship with all customers and end-users, with clear and simple messaging, should allow you to retain trust through the worst of times.
