Industry Incident Highlights Importance of Key Security Policies
ConnectWise recently confirmed a cybersecurity incident involving unauthorized access to its ScreenConnect cloud infrastructure. While the breach reportedly affected a limited number of customers and was swiftly addressed, the situation is another clear reminder of the ongoing risks facing Managed Service Providers (MSPs).
Read the full article via CRN: ConnectWise Confirms Cyberattack Targeting ScreenConnect Cloud
Although this event does not directly affect us here at Impact, it reinforces several longstanding security policies that we believe are critical to protecting both our customers and ourselves.
We regularly audit our vendors. Performing organizational and security audits on our critical vendors and configuring the products and services we use from those vendors in a ‘secure by default’ manner helps to ensure the risk to us and the customers we serve is minimized.
We do not publicize our customer relationships. The MSP sector is frequently targeted by cybercriminals seeking access to customer environments and data through us. By keeping client associations confidential, we limit the potential attack surface that could link our customers to us publicly.
We do not disclose our internal toolset. While vendors and third parties may ask about our use of specific products—for backup, endpoint security, email protection, and more—we do not share this information. Revealing details about our stack increases the risk of a targeted attack and compromises our operational integrity.
This recent incident, while contained, underscores a broader industry truth: even well-resourced vendors can be vulnerable. Vigilance, discretion, and disciplined security practices remain essential. We will continue to operate with the level of care and confidentiality these times demand.
If you have any questions about how we approach security or want to discuss how Impact Business Technology can help safeguard your business, contact us today.