Listen to the podcast here:
—
Watch the episode here:
What It Takes To Be A Successful MSP Owner | Charles Henson | CYBER Edition
I have something to ask you. Can you please share this episode with at least three people? We don’t promote and we don’t take sponsors. The only way we continue to grow is when you share this out, which means that we can help more people. The content that you read that you love, share it out, especially for MSPs, Managed Service Provider. What shaking, MSP audience?
I have an amazing partner and friend. I say partner because we were in a movie together a few years ago, and this dude is managing partner of Nashville Computer Inc. and advisory member at The 20 MSP, which is a collaborative amongst MSP. It does pretty cool things and participate in over fifteen publications. We were both in the documentary CyberCrime a few years ago. This dude is just an amazing father, mentor, speaker, Charles Henson, welcome to the show.
Thank you, Rick. I’m glad to be here.
I love everything that you’ve got going on and everything that we’ve done together too, and we started to get to know each other during CyberCrime at the premiere. It was like, “What’s up?” It was twelve people in the film. There wasn’t any filming together of the twelve people. The first time we saw each other was at the premiere, which was a pretty fun experience too.
I would never have thought I’d be walking on a red carpet in LA at a movie premiere. To me, they’re having so much fun with everybody. It was truly a blast and it’s something I’ll always remember.
Life takes fun turns. I was starting my IT career in glorious fashion at the Geek Squad. From what I know of you, you had an entry-level job at an IT company too.
Yes. I started at Nashville Computer. It was Intel computer back in ’88 and I started at ’91 as a part-time tech.
Did you start at the company you now own?
Correct. I now own the company. I’ll share this quick story. When I was interviewing at 21 years old, the guy said behind the desk, he reached out. He’s like, “What’s your long-term goal? What do you want to do in 5, 10 years?” I said, “I want to sit in your chair.” He said, “I don’t think you would like it over here. It’s not fun.”
I see this a lot because I’m acquiring 50 to 70 MSPs over the next couple of years. We’re going public here, but a lot of it is driven by the weight and the pressure that MSP owners and CEOs carry on their shoulders. They forget that this can be fun too.
You have to build the right team, have the right people around you, and get it to where you need it to be. Through the years, I became that guy for him. He was very comfortable sitting in that chair, as the business evolved and we started to grow it. We had a lot of fun and I’ll often tease that, “I spent more time with you than I did with my parents.” I was seventeen when I left home and joined the military and then I worked with him. It was 29 years when he retired.
Out of all the years we’ve known each other, I never knew that you were in the military. Thank you for serving. What branch?
It was Army National Guard, 11th Charlie, mechanized.
Were you ever deployed?
I never deployed. During that time, there was nothing going on. It was from ’87 through ’92. Nothing was going on. We didn’t have to go to Saudi Arabia. We were left out of it at the time.
You see a lot of this past years to where the National Guard has been deployed, especially with the George Floyd riot. A lot of the uprisings that we’ve had. I appreciate it because I know a lot of people always think of the military as those that are overseas fighting our battles for us, but we never forget about sometimes the unrest at home.
Even during the pandemic too. It wasn’t just keeping the peace during the riots that took place. It was also assisting in building these makeshift hospitals and making sure the traffic was flowing with them and everything was set up. It’s amazing. It’s a different branch that doesn’t get a lot of attention or conversation, but it’s equally as important because it’s everything that we need here at home from our military, where the National Guard is.
They had us volunteering doing certain things. These are the things that you never hear about that the National Guard does. There was a lot of rain and flooding and we went out and saved a bunch of farm animals from being stuck out. It’s funny when I think back, treading through the mud with a big pig in your arms. The things you do for people, that’s not what the National Guards but we were there, it was raining. The farmer called and was trying to find somebody to help him out because his animals were starting to go underwater, so we were there.
National Guard, it’s an extended branch in the military. There are guys that are at the ready. They volunteered. When taking the oath, we’ve sworn that we would protect our country and do whatever we need to do, and that’s exactly what we’re ready to do at any time. There are a lot of guard members out there, Air Guard and Army Guard. They’re at the ready. A lot of them you may work with, you may not even know it or they may be in your office building. Have some conversations with these people and you’d be surprised what you can learn.
I love your heart and I love the heart of our military too. I envisioned as you were talking about, I just imagined in my head, you carrying this big old muddy pig. It’s hilarious and it’s an interesting memory you have, but it’s the same thing. It’s like you’re doing whatever you need to do for society. I know it’s different because it’s a pig versus a human being, but some of the images that are coming out of Afghanistan, one that stuck out in my head was someone from the Marine Corps who was giving water to this worn-out Afghan child. She was a girl. Seeing that image both crushed my heart and filled it up at the same time.
That’s the heart of our military. You see these photos come out. I understand why people don’t want our nation to go to war or want us in any conflicts, and at the same time, stuff happens because there are bad people out there, and our military doesn’t exist to police the world. We exist as a lighthouse as a country, in my opinion, to show what humans are supposed to be and how to treat other humans. I’m very grateful when things happen, like you where you’re saving animals and where there are these images coming out of a place like Afghanistan in the middle of turmoil, it’s where we’re giving water to children.
It tugs at your heart.
It does. You were in the military as a guardsman and then you transitioned into the computer tech. How did that first ten years go for you? You said this was many years ago now. You weren’t owning it in the first ten years, weren’t you?
No. I was working as a tech. I lived in a small town and you could either work for a farm or you could work at the factory. I tried the factory work, third shift and I was like, “This is not for me.” I joined the army. I got the GI Bill and put myself through school here in Nashville. With that, they had a placement department and the company was looking for a part-time person.
I convinced them instead of letting me work in the mornings, I could work at the end afternoon. That was my first thing of convincing somebody to step out of what they wanted and allow me to step into a position. With that, I learned how to build machines and how to install operating systems. From there, it got into the network. You got to remember this was 1991. You were still running on the DOS system.
No internet. There was no email back then. That’s where I got started. The first ten years were getting in there, understanding how hardware works and troubleshooting IT. We started getting into networking and sharing of files and sharing of systems. Having started at the beginning, I have a big advantage over a lot of these young guys that come in where everything’s already automatically connected.
I worked with Novell. Many years ago, Novell NetWare was Zero Trust. In our world of technology, Microsoft came out with their Windows Server and it was like, everybody has full rights and we trust everyone, and then the admin would have to lock it. Novell had it several years ago when they said, “Trust no one coming into your network,” and have each person their own privileges.
I look back at that and I’m thinking, “We’ve gone full circle.” From the old AS/400 machines that were the main big brain sitting back in somebody’s office, and you walk up to the counter and it’s a dumb terminal. It’s a computer that does nothing except connect back to the mainframe. Many years later, we’re at cloud computing where you need nothing but a dumb terminal, a laptop or something that doesn’t perform, and you’re connected into the cloud where all the horsepower is.
When you think about how technology has evolved over the years, it’s cool to see that the guys are back and then we’re already forward and thinking about what things should look like in the future. Some of these big companies came in and they’re like, “We can harness that energy locally.” Technology took a sideways step for a long time and now we’re back on that trajectory to get back where there’ll be devices.
You’ll be able to walk into the airport and go to a kiosk by a machine connected to Wi-Fi and then have access to all of your files back to the office or in the cloud. When you think about where technology has been and how it’s evolved and where I’ve evolved as an engineer, it started out with the old AS/400 and Novell Zero Trust. It’s come a long way.
It didn’t have many cycles on it too. It completely comes back around because of Zero Trust. There’s a general entrepreneur audience that reads and Zero Trust is what Charles is saying. You literally don’t trust anything to come into your network unless you authorize it first. That was one of the points that I was making even on Bloomberg with the whole Kaseya Breach that took place.
There are software issues that are always present. They’re always going to be there. There’s no way that you can ever code perfect software right off the bat. There are always patches. There are fixes, corrections, updates and upgrades. All the way down at the bottom of this, in a supply chain delivery scenario, which this was but wasn’t, you’ve got the end-user that’s there, that’s using the software, but in the middle of these breaches were the MSPs.
That’s on all the global and national media that I did around this breach. That’s where I was placing the responsibility because MSPs still left their clients completely wide open, and to me, the MSPs are not even doing for themselves the things that they’re trying to sell to their clients. They’re leaving the doors wide open on themselves and not having the proper right protections in place. We’re a Kaseya user.
Even though we’re an on-prem user, we were a target for this. We saw the right things in place to where things like Zero Trust, with application whitelisting and those kinds of things. I’m getting a little technical for people here, but that’s like saying, “Only this stuff over here is allowed to do anything.” That’s Zero Trust. That’s how we were so safe.
Even to the point where our Kaseya server, which is completely separated from all of the other stuff that we have, whether it be cloud or on-premise, it’s completely separate, so it doesn’t interact whatsoever with our internal systems. It’s one of the best practices that was put out after the fact by Kaseya saying, “This is how you should structure your on-premise setup.”
It’s like it wasn’t Kaseya. They got breached. They had a hole in their software. That happens. The response was amazing, but then that middle layer, the MSPs is what you’re talking about that are missing out because of many years ago, the experience that you had to where you said that these guys with Novell got it right many years ago.
Look at Novell and BlackBerry. When you had a BlackBerry phone, there were no applications that you could install. Think about when you get a new computer. You get a new phone straight from the provider and Apple is really locking this down. They’re like, “You have to say whether or not you’re tracking their location.”
If you’ve got the latest update on your iPhone, it will ask you that. Imagine getting a brand-new Apple iPhone, and installing updates on it, and now any new app that you put on there, they’re going to ask you, “Do you want to allow it to listen in on your mic?” There’s a reason they’re asking these questions. You need to be thinking as a consumer out there, “Do I want to be doing that?”
For MSPs, if you want to protect your house, just jump on Amazon and buy the MSSP Playbook. The reason I wrote the book was because I had seen over 30 MSPs getting hacked. I told my guys. I went to the team and I was like, “How do we not be one of those 30 people?” The numbers kept growing. We work on trust. We worked with MSSPs.
I had interviews with people. I created a checklist for my own IT company to go out and harden our network security and trust nothing and set up two-factor authentication on everything. We looked at making sure that no password was ever duplicated on any device on any network anywhere. It took us six months to go through that.
As we were going through that process, I started documenting it. I started creating a checklist because I said, “This is a checklist that we need to use, not just for ourselves, but we need to go to every single client and make sure that they are not using passwords.” We’re making sure 2FA is on everywhere for every single client.
I use the analogy when you get on a flight and you put your oxygen mask on first before you put it on your child. For an MSP, you need to put your oxygen mask on. Get a SIM. Get advanced threat detection. Get a firewall this next-gen with DLP, Data Loss Protection in place. If somebody does try to send credit card information or social security numbers out of your network, the firewall is going to block it for you. There are so many things that you can do to better protect your business that you want a trusted advisor and an MSP. If you’re out there shopping for an MSP, ask them how do they protect their own home.
It’s like asking a carpenter. “What house do you live in?” If you’re building a home from a general contractor, it’s like, “Can I see photos of your house? Not just the outside. I want to see photos of the interior. Let’s see how this thing looks like. Can I tour your home and see how you do things for yourself?”
If they don’t have those policies and procedures in place, if they don’t have a runbook and the business continuity plan, not just a disaster recovery plan, but that continuity plan, if they don’t have those in place and they can’t show you what those look like, how are they going to better protect you? What’s going to happen when you get a breach?
If you didn’t catch it and you’re a Managed Service Provider, the MSSP Playbook is Charles’s latest publication. It’s on Amazon and you need to go pick it up. It’s a fantastic foundation and an amazing blueprint to help you. Years ago, we were making a huge transition because this industry cybersecurity is ever-evolving. Threats change, methods change, types of ransomwares change and there are just different threats that take place all the time.
When we enumerated this out years ago, back in those days, it was like, “Let’s just throw in some anti-virus and you’re good.” That’s obviously not the case. We looked at this at all the different attack vectors and all the different areas that need to protect a small and medium-sized business and comparing that to what the enterprise level stuff does like Big Boy and Walmart, to protect their systems.
We came up with something like 27 different layers that have to be in place just because of how things can get in. Some of that too who that is forgotten about, and this is something that I talk about all the time. There is the human element to this. No matter what you do, no matter how much prevention, protection, and all these tech tools that you have in place and install on the network, firewalls and applications, there’s still some dude in any organization that will click on any freaking link that he or she receives. That’s like, “Whatever. Why do we even care?” This person Johnny, over here or Susie over there, blew up our entire security by opening the gate, by lowering that drawbridge for somebody to come in.
That’s where the breach happens. I’m sure you address this in the MSSP Playbook, too and I use this phrase all the time. “The inevitable breach will always happen.” After that, “What’s your plan for when that does happen?” It’s an incident response plan. You’re talking business continuity in the world of cybersecurity. If you hire somebody that doesn’t have a clue as to what an incident response plan should look like, that’s not someone you want to do business with.
I’m just going to be blunt. Quite frankly, if you’re an MSP that’s trying to provide, “Cybersecurity services,” you’re going to be out of business because your self is going to be sued for everything, for loss of revenue and for business downtime, all of that, because you were negligent trying to provide a half-assed solution.
It’s overwhelming and this is where my heart kicks in. Stuff does change so fast and it’s very overwhelming for MSP owners, for people in our shoes, because there’s so much to keep up with. Especially, if you’re a smaller MSP, it’s very difficult if you’re just a one- or two-man shop. If you’re doing less than $1 million in revenue a year, there’s so much you have to try to cover. That’s where you can pick up your book or partner with somebody like my company because both Charles and I, everyone has good things going on for all MSPs that are out there.
There’s a lot of help out there. There’s a lot of noise out there too. There’s a lot of vendors that you can reach out too and everybody wants to sell your product. Find a partner that’s going to work with you and teach you. One of the things, and I’m not plugging Huntress here, but I absolutely love Huntress because they have their training for MSPs.
They set you up with a demo, they show you how to hack Windows, they show you how to think like a hacker. I’ve done demos and put them on LinkedIn using the tools that Huntress supplies for you because they’re a partner. They’re out there educating the MSPs on what’s out there. Not just, “Come buy our tool.” It’s not about buying their tools. It’s about educating the MSP space, and those are the kinds of partners you need to find out there.
Let’s give people a little inspiration because we just broke them down a little bit. Give them a glimmer of hope, too and that there are ways that you can build up and try to scale with the MSSP Playbook. There are ways that you can be a part of something bigger, like with my play trying to build a nationwide brand, with reach out, with the acquisitions we’re doing to give people a good home, their clients or customers.
I know this because we talked about this too. You were here for an event and that’s where we caught up like, “You need to come on my show. This will be awesome.” As we’re talking, this is a stage that I’m not in yet that you are, that you started diving into some real estate investments. From your success over the years, you’re now diversifying and setting yourself up for success after your success. Tell me a little bit about that.
At the time, my wife and I were about to get married and we were looking for a home. My father-in-law and mother-in-law were like, “You guys aren’t going to pay rent. You’re not just going to waste your money and pay somebody else’s property. We want to help you get that first home as soon as you get married.”
We’re driving around and the real estate agent shows us this property. You got to remember this was back in 1991. We looked at this property and it was $24,000. It was a middle unit of a quad and we’re looking at it and we’re like, “I don’t know if I like this. You got neighbors on each side. It’s almost like an apartment living.”
I remember my father-in-law telling the real estate agent. He said, “If they don’t buy it, I’m writing a contract.” I was like, “Why would you buy this house? You already own a house.” He said, “I can make rent off of this.” In 1991, he bought the house for $24,000. At the time, it was rented for $550. I think it rents for $1,250 now. Think about that ROI.
One of the things that happened was it made me start thinking. He’s right. I’ve always paid rent. I’ve always paid somebody else. They helped us buy our first rental property. Back then, it wasn’t the best neighborhood, but it was in a decent neighborhood. We bought the house for $72,000 at an estate sale. I spent $13,000 fixing it up and it’s worth over $500,000 now.
That thing is available for people if they’re willing to take that risk. What we did is we ended up going with a 15-year mortgage instead of a 30-year because we wanted to get it paid off sooner. If you fast forward, we owned up to seven units at one time. We went back down to four because some condos that I bought at a sweet deal using owner financing. That is a thing and it is available out there for people to have a conversation about. You can do owner financing and set up a note with the people that own the property and then you can rent out that property. That’s exactly what I was doing and I was cashflowing that monthly rent.
You got to set aside the funds for when the HVAC goes out, when the roof needs to be repaired when the plumber needs to be called or the locksmith at 3:00 in the morning because somebody is drunk and broke the key. There are things that you have to look at, but there are so many advantages. I can tell you, owning real estate for years, I’ve had very few of those calls. Everybody always thinks the worst. You set those funds aside and you set your money aside for when that rainy day is there, when that system breaks and when you need to do some upgrades in the house. I have a rule of thumb. It’s that we do 1 to 2 upgrades between every tenant.
If a tenant’s moving out, we’re upgrading the bathroom, kitchen or replacing some flooring. We’re doing some upgrades to make it a better property. Two things happen there. Number one, you’re maintaining your property. It doesn’t get old. You don’t become indebted for all the stuff that has to happen after you’ve not been doing maintenance. Number two, you can charge more rent because now it’s been updated and it’s newer.
I have a deal that I’m working on. It’s in Michigan and the guy is doing owner financing. I’m working with a title company to set the closing date, and I’m going to be flying up to Michigan. I’m going to sign the papers and he’s doing owner financing on it. I’m going to rent that property out and it’s going to be paying that mortgage. It’s going to be paying somebody else’s.
If you don’t think that this can happen, I can tell you that the house that I’ve bought for $72,000, I made one and a half mortgage payments on it. That was because it was empty while I was doing some renovations for one of those months. The other one just didn’t rent for a couple of weeks. Those are the one and a half mortgage payments I paid on that property.
When you think about the ROI that you can get from investing in real estate, it’s huge. I will tell you just as a tip, that a single-family home is not as good of an investment as a multifamily. I would much rather own more of the duplexes that I own than the single families, because for a duplex, if one side goes empty, the other side is still generating money.
When the house is empty, the house is empty. There’s no money coming in. That’s my real estate tip for you. Get out there, take the risk, take the chance and get you a mortgage. If you’re not comfortable with a 15-year, get the 30-year and then do your due diligence on paying more and paying it off early. I’ve never had a mortgage loan go full-term. Why would you? Just go out there and pay it off as quickly as possible. Add money to it and you’ll be surprised how soon you can pay one-off.
You’re saying set aside money for when the HVAC goes out or when there are maintenance repairs that have to happen. Do you set a specific percentage? What’s the average amount of rent? We’ll just say $2,000 a month, so it’s $24,000 a year. How much would you set aside for those 1 to 2 upgrades if a tenant stays 1 or 2 years?
This is the way I run it. I leave all the money in the account. When the rent is coming in, just pretend it’s not even cash. It’s not even your money. You can’t spend that. That goes toward the rental properties. At one time, I remember the first quadruplex. The new roof for that thing cost $10,000. I remember having $25,000 in the bank going, “That’s half the money, but I won’t have to do this again for another 25, 30 years.”
It’s a big expense, but it only happens every X number of years. My advice, especially if you’re getting started out, is to treat this as a business and don’t let that money mingle into your daily life. Don’t take that money out of the account. Set up a separate bank account. All rents and deposits go in there so that you have that so that you can give it back to them, and all your repairs get paid out of that. It’s a tax write-off as well.
I’ve had real estate experts on the show and they’re all gung-ho. I’m talking about building multi-million-dollar portfolios and all this. That’s their life. I love your approach to this because you don’t even have to be like a real estate tycoon or even a 1%-er or to do exactly what you’re doing. It’s an approach that anybody that structures and manages their finances appropriately can dive into. Rather than all these frivolous things that money is spent on, you can invest in real estate and start to build up a rental property, maybe one every two years or so.
I’ve always had this 401(k) Dad program that I’ve done with my kids is. If they want to buy a new gaming system, I’ll meet them halfway. If they want the money, they got to get there. If they want a car, I’ll meet them halfway. What I did when it came to them ready to move out was I helped my daughter get a duplex.
The way the duplex works is she lives on one side and the tenant lives on the other. Guess who’s paying the mortgage? The tenants. My daughter has upkeep. She has other things that she needs to do, but I’m setting my kids up to where they don’t have to step in and immediately be in debt. They don’t have to go out and struggle the way that I did.
If I don’t work the full 40 hours, I’m not going to be able to eat and pay my rent. I want to make sure that I can do that. Think about what you could do to help your kids, even if you bought a duplex and rented it out, and then use that cashflow to pay for their room and board while they’re going through college. Once they get out of college and they’re getting ready to start their career, maybe you turn the house over to them.
It’s an income producer for them too.
I get my kids involved to make sure that they’re paying the taxes, so they know what needs to be done, and then also making sure that I’ve asked the questions of, “If I gave you this house today and you could sell it for $250,000 or make $2,500 a month, which would you rather do?” They always say, “I’d rather have the $2,500 a month because I can keep making money on that thing for years.” I’m like, “Great answer.” It’s a great opportunity to educate and talk to your kids about this stuff as well.
Before we sign off, I appreciate your insights on that because it’s a father’s advice. My kids are involved in pretty much everything that I do. My kids even get a salary from the company because of the work that they do. My son learned Adobe Premiere, which is what CyberCrime was edited in. It’s made to edit full-length Hollywood feature films. It’s completely professional, and he’s the one that’s doing all the editing in Adobe Premiere and is working for the organization doing that.
He’s learning and he’s got more money than any of his friends. It’s cool, but then it’s teaching him financial responsibility. It’s allowing him to be able to build something for himself. He was like, “When I’m 18, I can buy a house.” I’m like, “Yes. You can.” He’s already thinking ahead like you. You’re getting them involved in things that are going on and showing them what life can be. You’ve got something else that I want to bring up before we finish here. It’s Password Guardians. We’re talking before and you’ve got so much that you’ve got going with the MSSP Playbook and Password Guardians. What are you doing with that and what is that exactly?
Password Guardians is pretty simple. I joke about this. Somebody said, “I can’t remember my password,” and I said, “Let me go look on the dark web and see if I can find it for you.” A lot of times, the passwords were out on the dark web. It’s no fault of our own. We went to LinkedIn and we signed in. We used the password and LinkedIn let that leak.
It’s the same thing with Facebook, Dropbox and all these different programs out there. These platforms out there, they’re giving away your password. What Password Guardians does is it ensures that you are practicing good password hygiene. It’s monitoring the dark web for your passwords. It offers email phishing. We can test your company and your employees to make sure they’re not going to click on links they shouldn’t, and then there’s on-demand training.
It’s ongoing training to make sure that your people can and do get the cyber training that they need. If somebody does pick up the phone and call, then they’re not going to click on that link. The way I like to look at it is two things. If you take your car to the mechanic and you hand them all of your keys, don’t you want to know that they duplicated your keys before they walk into your living room? They made a duplicate of your house key or your office key. They have that information because they know where you live because you fill it out on the paperwork. Password Guardians is going to look on the dark web to see if anybody has a duplicate of your password out there.
Number two is the phishing and the link clicking, the on-demand training we talked about. You said we could put all these firewalls in place, advanced threat detection and all this stuff, but if a user clicks on a link or they get a phone call and the hacker tells them which website to go to, it allows them to remotely control that machine.
The way I see that is, it’s like your kid opening up the bedroom window and letting a friend come in. They may not be a foe, but it’s somebody that you didn’t invite into your house. With that, we want to make sure that you were teaching the employees not to open those windows and not let somebody come into the house. Don’t click on those links.
It’s a great tool to be able to better protect your business and make sure that you know that your employees are getting the training. Test them to make sure that they’re watching and listening to the training, and then know if or when your passwords are compromised so that you can make a change immediately before somebody else is in your system.
The awareness and education part are so huge now. If you’re reading, here’s the brutal truth about this. There’s a movement now with insurance companies that will not provide organizations cyber liability insurance anymore, which means if you get breached, you’re up a creek. You have no financial reimbursement for the damages that you’ve suffered from that breach.
If it’s money taken out of your bank accounts, if it’s some intercepted wire transfer that one of your people fell victim to, they were gullible enough to click on the link and think that they needed to send $250,000 to this fake vendor that doesn’t even exist. They sent it to the hackers. Someone gets in your network. You’re down for business. You have ransomware. These insurance companies are starting to say, “If you do not train and educate your employees on not to click on these links, which is cybersecurity awareness training, if you don’t have that in place at your organization, you are not eligible for the cyber liability policy.”
There will be audits that are coming up, too, where they will go back and ask these questions for those who have it. It’d be like, “Are you doing this? When’s the last time you completed it?” Just like something with HIPAA, but that’s government regulated, but now insurance companies are saying, “If you don’t train and educate your people in cybersecurity awareness, we will not cover you.”
If you have a conversation and you talk about cyber liability, they’re going to send you a questionnaire. Depending on how you fill that out and the regulations or the Checkmarx did you use, underwriting may not approve you if they do a preview. At the end of the day, insurance companies want your money. They want you to pay them.
They’re not going to be able to payout. Here’s the thing, let me ask you. Do you think if you pulled up to a gas station and you left your car running and you went inside to get a drink or use the bathroom while you were filling up and you came out and your car was gone, do you think your car insurance would cover that theft? Do you think they’d say that was negligence on your part?
That becomes the choice of the underwriter. I would feel it would be negligence.
It would be, and that’s the same thing going to happen. You get cyber liability insurance and you’re not doing the training. You’re not putting the proper tools in place. You’re not putting the proper firewalls in place. They’re going to say, “You didn’t lock down your system the way you should have.” You aren’t using 2FA. Your IT provider is the one that’s at fault here, not you. We’re not going to have your back on this and we’re not going to pay your claim, and then the MSP is looking at, “I didn’t do my due diligence, so now maybe I’m the one getting sued.”
It’s going to trickle down the line because, at the end of the day, somebody pays. Whether the insurance company or it’s the company that was breached or it was the MSP that was servicing this company. One of those three is going to pay. I appreciate you being on. We can find all the information about the MSSP Playbook and Password Guardians in NashvilleComputer.com.
MSSP Playbook is on Amazon and then Password Guardians is at PasswordGuardians.com. Nashville Computer is the IT company here in Nashville and in Michigan.
You bought that after you started working there as an entry-level IT person. That’s amazing. Charles Henson, thank you for being on the show. I appreciate you.
Thank you, Rick. I appreciate you.