Treat Wave alert! That’s right, it’s July and it’s time for another MSP Summer Treat Wave. This is Auvik’s third summer co-sponsoring the event so some of you know the deal but for those of you who are new, the MSP Summer Treat Wave is where 10 sponsor companies get together to give MSPs a whole bunch of very cool, very free items. This year, we’ve giving away several e-books, a conference pass, gift cards, a free sales training course, and a few other goodies.
Plus, when you join the Treat Wave to grab the free gifts, you’re also entered into a draw to win a $1,400 grand prize, which includes a Coolest cooler, a Kindle e-reader, an ice cream maker, Bose audio sunglasses, and lots more. To learn more and join, just hop over to auvik.com/treatwave and fill out the form.
or find us in your favorite podcast app
Today on the show we’ll be talking about more cool things. My guest is Ryan Orsi, Director of Product Management at WatchGuard. Ryan is a former MSP who also spent time at a wireless tech startup called DockOn.
Now he’s with WatchGuard and he’s been working on a very interesting framework for looking at Wi-Fi security. So we’re going to talk about what that framework looks like — it’s called the TWE, the Trusted Wireless Environment — and how you can use the framework to stand out as an MSP and generate more revenue from your client base.
But first, our 1 Thing segment with Canadian MSP Tim McBride, who leads Logos IT Solutions in Alberta.
1 Thing (#MSP1T)[02:22] Pick your tool stack very carefully including your PSA, RMM, and even bookkeeping software. Choose the tools you’d want to use when you’re big.
[03:04] If you start cheap, your tools will be inadequate and it will be difficult to scale.
[03:26] Listen to the big guys. Don’t have a small mentality. The big guys choose the name brand tools for a reason.
This New Wi-Fi Security Framework Brings Opportunity for MSPs: Interview With Ryan Orsi[04:33] The TWE is the Trusted Wireless Environment Framework.
[04:49] Ryan and a team of researchers at WatchGuard created the TWE as a technical definition.
[05:20] To date, there hasn’t been a standard way for devices to be secure with Wi-Fi.
[05:50] The framework defines threats we have to worry about. There are six threats we have to worry about and there’s a very black-and-white way to detect them and handle them.
[06:09] The framework was launched the last quarter of 2018.
[06:46] Industry feedback has been positive. People are generally interested in getting clarity on Wi-Fi security.
[08:27] WatchGuard is focusing their energies on getting the word out to MSPs. Businesses will be adopting this technology through the MSPs out there.
[09:22] WPA3 and the TWE are two different universes.
[11:06] The evil twin access point is a hacker changing their device’s name to a legitimate Wi-Fi access name and having people connect into it instead of the legit Wi-Fi.
[12:44] There are people doing evil twin attacks to themselves to test if a building or business has proper security. Search #TrustYourWifi to find examples. A high number of business are susceptible to this type of attack.
[13:49] That’s an untapped opportunity for MSPs to offer a service that can mitigate that threat and differentiate themselves.
[14:32] A Wi-Fi security audit can be done by checking for the six threats.
[15:15] Wireless intrusion prevention systems or WIPS can detect and prevent these threats.
[16:53] Threat number 2 is rogue access points where someone cables into the network. In these cases, you need to be able to see every device that’s on a network to know whether it should be there or not. Auvik is really good at this.
[18:24] Neighbor access points is threat number 3. This is where someone bypasses the legit business Wi-Fi and connects through an alternate SSID, perhaps to access an app that the business has banned.
[19:17] Rogue clients are victim devices infected with malware that are waiting for the device to connect back to the network.
[20:01] Threat number five is ad hoc connections. This is where someone connects through something like AirDrop to share files. Network admins lose visibility when filers are shared computer to computer.
[20:45] Threat number six is a misconfigured access point. Someone sending out a broadcast that’s supposed to be encrypted but it isn’t would be an example of a misconfigured access point.
[21:37] Get more information at TrustedWirelessEnvironment.com
[23:13] TWE should be part of a network assessment you run. Deploying one access point is all that’s needed to run the assessment.
[24:28] The TWE assessment is a wealth of valuable information for your clients and something you can monetize.
[25:32] Rogue access points are surprisingly common and not always malicious.
[26:25] Evil twins also happen all the time. Misconfiguration that could lead to security problems are common.
[27:18] MSPs should get educated on Wi-Fi security. There’s a huge gap—and a huge opportunity—in this area.