The Gately Report: ThreatLocker Growing Fast in MSP Industry Spurred by Zero Trust Adoption
A ransomware attack closed schools for multiple days in Michigan.
Shutterstock
Channel Futures: What’s the latest in terms of Threatlocker’s partner program? Any new opportunities for partners?
Danny Jenkins: So I think the big areas where we’re trying to help MSPs is how do you get this in front of your customer? How do you message it? If you think about this, zero trust is being pushed by the federal government, Cybersecurity Maturity Model Certification (CMMC) and all of these compliances coming down. So there’s loads of opportunities for MSPs to make money using compliance, implementing compliance tools, and we make it really easy. What we’ve done for our partners is we’ve got features like we will onboard you, we will sit on every single call with you. We have the 24-hour support within 30 seconds for our partners and we have marketing support. We have pre-drafted emails. We have hacking tools so you can show your customers the risk. And we’re constantly evolving that program. And whether you’re just a registered partner, a silver partner or gold partner, you get all of these benefits from ThreatLocker and we’re here to help you. And then we also do annual conferences In Orlando where customers can come down, they can learn, they can learn how to hack and they can learn how to do things like that. We do one in February every year, Zero Trust World. And that’s a great few days for partners and MSPs to educate themselves.
CF: Is zero trust catching on out there? Are more organizations adopting it?
DJ: Yes, because if you think about it, like when we started ThreatLocker, it was really a bit of a pipe dream that we could get people to think about security in a zero trust philosophy. And honestly, it wasn’t even called zero trust then. It was default deny if you like. But now it’s been branded a zero trust and it’s kind of the new philosophy. And to think five years ago there were no small businesses running things like ThreatLocker Allowlisting and and Ringfencing. It just didn’t exist. And now there’s 30,000 small businesses and that’s rapidly growing. I think it’s very obvious to the MSPs that this is important. Give it another year and if you’re not operating in a zero trust environment, you’re basically a break-fix shop that just has an antivirus on the machine.
CF: What are the potential roadblocks to adopting zero trust and can ThreatLocker help with those?
DJ: I think the perceived roadblocks are worse than the actual roadblocks. People often perceive this as oh, this is really going to be difficult, and it really isn’t. You roll out an agent and it was difficult traditionally, but with ThreatLocker we make it very simple. You roll out an agent. It learns. It replicates your customer’s environment. It saves what they’ve got and you can review it. We walk you through every single step of the process. To give you an example, I personally onboarded an MSP with about 1,500 endpoints and their first step was they deploy the agent. So they deploy to their own internal seats first. They tested it to make sure they liked it, then they deployed it to their customers through their RMM and that’s a half an hour call and it’s all done. Then we went over five calls over five weeks and we just reviewed, simulated the environment, made sure nothing business-related was going to get blocked and locked it down.
I feel like if you do the part you’re supposed to do, it’s zero to zero trust in five hour-long calls. We will have you from nothing to all of your seats in a secured mode. And then we’ll continue to improve and help with extra compliance, and help with extra controls put in place with you. If you need more than five calls, we’re here. So if you’ve got lots of endpoints, 30,000 endpoints, and you need 10 calls or 20 calls, that’s fine. We don’t charge you for those calls. And then we have quarterly business reviews as well once you’re live to make sure you are finding your policies and keeping up with the latest threats.
CF: Are there myths or misunderstandings about zero trust? What it means, what it does or doesn’t do, etc.?
DJ: Yes, there are. And the problem is that zero trust is not one product, it’s not one philosophy. It’s really a philosophy that means least privilege. Remember the old days when the cloud used to be called hosting? Zero trust is the new word for least privilege. And what it means very simply is only give access where access is required. Now, that could be nothing to do with ThreatLocker. It could be talking about you’re not in the payroll department so you can’t see the payroll database, that kind of philosophy. But in our environment, what we’re saying is zero trust endpoint security. We deny by default and trust by exception. But what it means is only allow what you need, only allow the software you need. And when you block untrusted software, you also block ransomware and malware, and scripts and other things like that.