Skip to the main content.

3 min read

CloudRadial’s Response to the Kaseya Breach

CloudRadial’s Response to the Kaseya Breach

The recent attack on Kaseya’s VSA product shows again the important role that IT support organizations play in selecting, deploying, managing and monitoring the technology stacks of their clients. Kaseya is not the first to be attacked, nor will it be the last. Kaseya is just the latest.

Remote Management is Not Going Away

RMMs or other applications such as Microsoft’s Intune that provide management of remote servers and endpoints are essential in providing affordable and efficient service. Without these tools, per seat pricing would either be considerably more expensive or leave systems exposed to other vulnerabilities such as out-of-date operating systems, browsers or applications.

Stacks are a “Balanced Portfolio” of Risk Management

A proper technology stack combines tools that work together to minimize risk and include processes and procedures to follow if problems occur. The better the stack is designed, the less the impact from attacks or the faster recovery if it occurs. In financial terms, these multiple layers would be called a “balanced portfolio”. In a balance portfolio, if there are problems in one area, there are offsetting areas that step up to fill those gaps.

No Vendor Tells You the Whole Story

Unfortunately, IT service providers must create their own stack based on incomplete information from vendors. For example, Kaseya does not spend much time discussing the complementary strategies and tools that you will require given the inherent risks of the RMM. But it’s not just Kaseya - we have yet to see any RMM provider lead with the marketing message “Don’t worry about our tool until you have a good backup strategy in place!”

“Dumb” Stacks Often Look the Same to Clients

It is the intellectual property (balance, research, testing, procedures, etc.) included with a stack that makes up the value of an MSP’s per-seat pricing. Unfortunately, “smart” stacks and “dumb” stacks often look the same to the average client until problems occur and then it is too late to opt for the smarter solution.

Get Value for Your Stack

Given that clients and end-users are not that interested or noticeable of all the details of a smart and well-researched stack, IT providers must find other ways to showcase their approaches including:

  • Transparency – Exposing more of the internal operations and reporting to showcase the daily efforts to minimize risk.
  • Compliance – Compliance has often come to mean government compliance, but for IT service providers it should be much deeper including: 1) Complying with contract terms; 2) Complying with internal policies; 3) Following best practices and recommendations; 4) Ensuring adequate user training; 5) Documenting everything.
  • Products – Stacks will change over time with better techniques and new threats. Selling solutions rather than technologies helps keep clients focused on their business. Think “secure desktop” vs. Webroot.

CloudRadial helps you with all these key pieces to make sure that your stack and your intellectual property is valued by clients.

Understand CloudRadial’s Security

In discussing a “smart” stack, it is important to understand what CloudRadial does to minimize risk in its own product and how it complements other tools in your existing stack.

Data Agent Security

The most frequent question that comes up is “If agents are the threats, why deploy another agent?” The simple answer is that we are not an agent like an RMM. The CloudRadial data agent can only do three things:

  • Collect and send data.
  • Uninstall itself.
  • Update itself. In high-security environments, this last option can be disabled through a command line switch during install.

The data agent is designed for report-only. As a reporting tool it helps you see:

  • OneDrive protected folder backups – This is critically important in recovering from data loss from hardware issues, endpoint loss or theft and ransomware.
  • Antivirus protections in place.
  • Operating system versions and major updates.
  • Application versions installed on different endpoints.

The data agent helps you (and your clients) see that your core protections are up-to-date and engaged.

Desktop Application Security

Like the data agent, the desktop application has no functionality to make changes to the system and runs a separate browser instance of the CloudRadial website. All other websites and URLs are run through the endpoint’s default web browser where those URLs are controlled by the latest browser security and endpoint controls.

Web Application

All of the CloudRadial infrastructure is hosted in Azure utilizing Azure’s exceptional security framework. We limit access internally as needed and restrict access through multiple layers of security. More information on our security is available at

Document and Engage

Security is no longer the responsibility of only vendors, partners and clients. Security is something all three groups must actively work together to achieve. Vendors to improve their security and enhance security offerings, partners to deploy their stacks correctly, and users to understand how their own actions can both prevent and identify threats.

CloudRadial’s information collection and archiving as well as its training tools help bring all the parties to the table to help shape strategies for the successful prevention, identification, and remediation of future breaches.

Security is too important to leave to any single entity. It takes everyone working together to create a workable solution. The MSP or IT provider role is more important than ever to create and manage this valued solution for clients.

Now Your Clients Can Manage Their Own Internet Activity with CloudRadial and ScoutDNS

Now Your Clients Can Manage Their Own Internet Activity with CloudRadial and ScoutDNS

In 2023, 90% of organizations across the globe experienced one or more DNS attacks.

Read More
From Client Portal to Unified Client Portal: Why the Difference Matters

From Client Portal to Unified Client Portal: Why the Difference Matters

If you’ve recently attended DattoCon or IT Nation or spent some time on MSP forums, then chances are you’ve heard some discussion about how client...

Read More
Why Every MSP Needs to Invest in Marketing — and How It Can Be Easier

Why Every MSP Needs to Invest in Marketing — and How It Can Be Easier

Have you ever stopped to think about how much marketing we digest daily? According to marketing experts, the average person sees between 4,000 and...

Read More