Many managed IT providers believe that, no matter how hard you train the end users, they will still click the links, download the malware, provide account information, or simply send corporate money to the malefactors. End-user training is, indeed, not a panacea. However, it aims to decrease the chances of a successful attack or intrusion.
Every MSP wants to grow their business. One of the best ways you can do this is by expanding your services with existing clients. You have the advantage that they already know you and are comfortable with your support. The cost of upselling your current customers is lower than acquiring new business. Continue reading
Single sign-on, or SSO, helps companies improve business efficiency, while also providing security benefits. However, many companies -- especially those without large in-house IT staff -- lack the resources to implement an SSO solution themselves. Continue reading
In this video, we will review the functionality of administrators - entities that can be created to help you manage the MSP360 Web console securely.
Creating an Administrator
The email and password in the Settings / General tab form a root account for your MSP360 Managed Backup Service. They allow full access to all resources and settings in the MBS Web console and, for security reasons, we do not recommend you to share these credentials.
Instead, you can create an administrator account for anyone who needs access to your MBS Console. To do that, click the Users tab and find the Administrators section. When creating a new administrator, you should enter the email address and set a password. The email address of each administrator should be unique across all Managed Backup Services database.
As you can see, you can give an administrator permissions to control any aspect of your Managed Backup Web console. An administrator also can be limited to working with one or several companies. We recommend to give the minimum appropriate set of permissions to your administrative accounts.
Note, that administrators cannot be used as users. You cannot assign any licenses or endpoints to them. If you want a user with a similar email address to the administrator’s, create such a new user in the Users tab.
For security purposes, we recommend enabling two-factor authentication for all administrative accounts in the tab Settings, section General. Click the “Enable 2FA” switch and follow the instructions. This should be done for all administrative accounts separately.
Audit log allows you to review actions of your administrators and users. You can find this feature on the tab Users, in the audit log section.
That’s it. Now you know how to add Administrators to your MSP360 Managed Backup Services. If you have any questions, feel free to contact our pre-sales team.
User management in the MSP360 Managed Backup Service includes three entities - endpoints, users and companies. In this video, we will overview them.
Once you have installed and started the MSP360 backup software on the computer, it becomes an endpoint and is now visible in the Remote Management section of your MSP360 Web Console. However, to start a backup or a recovery process, you need to associate the endpoint with a user.
There are three ways to assign the given endpoint to the user:
- Go to the Remote Management tab, find the endpoint, and click the button “Add user”.
- Go to the computer where the backup software is installed and enter the username and password.
- Assign a user by using a command line interface.
To learn more about MSP360 MBS CLI, check out the web help section.
The user is a central entity in the MSP360 Managed Backup Service.
It contains credentials, information about storage destinations, storage limits, and settings for license availability. Here are facts and best practices about this entity:
- A user account can be any unique string or the email address of a person associated with the given account. It should also be unique across your MBS account.
- A user password can be reset at any time. However, if you reset your password, you will have to enter it on all endpoints associated with this user.
- When you create a user, you can select one storage account and one bucket. Later on, you can add more storage accounts and buckets when modifying the user.
- If set, storage limits will not allow the user to perform backup over the given limit.
- To perform backup and recovery, a user needs a license for each endpoint. When you buy licenses, they are gathered in your global pool. Your users, unless limited to the user pool, will activate licenses automatically from this global pool, which is more convenient from the management perspective.
- For security purposes, we advise you to create at least one unique user per client.
The email with instructions that can be enabled upon the creation of a user contains the username, password and links to the builds for the MSP360 backup software.
- One user can be associated with an unlimited number of endpoints.
- You can move an endpoint from one user to another. To do that, go to the Remote Management section, find the relevant endpoint, click the gear icon for settings, find “Edit”, and edit the account. Note that backups that have already been done won’t be moved to the new user and will remain with the old one. You will need to move or delete them manually.
A company allows you to gather one or several users into one entity and manage it. To create a company, go to the tab users, section companies. If you manage lots of users, it is convenient to group them into companies to simplify reporting, billing and license management.
Endpoints, users and companies are a hierarchical trio that serve to simplify user management and provide security to backup and recovery operations.
One company may contain many users, one user may contain many endpoints, and each endpoint should be assigned to only one user.
That’s it. If you have any questions about user management in the MSP360 Managed Backup Service, feel free to contact our pre-sales team anytime!
In this guide, we will cover security best practices for the MSP360 Managed Backup Web console and the backup software.
Web Console Security
We will start from the best ways to safeguard the Web console, since it allows you to fully control backup and recovery jobs, and your backup storage.
The root administrative account that is set in the tab Settings / General has full access to all resources of your MSP360 Managed Backup. We do not recommend you to share this account.
Instead, if you need to give access to the Web console to anyone from your team, go to the Users tab and, in the Administrators section, create additional administrative accounts with limited functionality.
There you can create accounts with granular permissions for various features of the MSP360 Web console. We recommend to give the minimum appropriate set of permissions to your administrative accounts.
In MSP360 Managed Backup you can enable two-factor authentication for all administrative accounts. To do that, go to the tab Settings, section General, and click the “Enable 2FA” checkbox. You will need to install Google Authenticator in order to be able to use it. This should be done for all administrative accounts separately.
Another security feature, IP whitelisting, allows you to narrow the range of IP addresses that can get access to your Web console. To enable it, go to the Settings tab and click “IP Whitelisting”. This feature is especially useful if your team works in the same area or you have noticed suspicious activity from a given range of IP addresses.
The end-user MSP360 Backup software allows users to manage their files and backups, and needs to be secure. Here are the best tips and tricks.
Update the Software
The latest versions of the MSP360 Backup software contain new and enhanced features, stability, and security updates.
Once the new version of the software is out, you will see a message on the main screen of your Managed Backup Web console, and on the Downloads slide-in. You will then need to create a new custom build.
To do that, click “Get newer version” or “Get More” and select the needed builds in the slide-in. In a couple of minutes, your builds will be ready.
Use Unique User Accounts
User accounts serve to authenticate your customers’ computers with the Managed Backup service. It’s best to use one or more user accounts per customer. You can set up user accounts by going to the Users tab. Don’t forget to secure them with a strong and unique password.
Encrypt Your Backups
MSP360 Backup software supports several data encryption options, including:
- Backup data encryption
- Backup file names encryption
You can enable these options from the Remote Management tab of your MSP360 Web console. Select the machine in question, add a new backup plan and find the section “Compression and encryption”.
You can also modify existing backup plans and add the encryption. If encryption options are changed, the user will be asked to choose whether to re-backup all files or not.
Alternatively to remote management, you can set encryption options on the endpoint software in the step “Compression and encryption” of the backup plan wizard.
Be aware that if the encryption password is lost, it cannot be restored.
Don’t Modify Backup Storage Manually
Don’t make any changes to the backup storage directly or using any third-party solutions. Any manual changes to the lifecycle settings or the storage, file modification or deletion may lead to the corruption of your backups. If you need to create a retention policy, backup, recover, or delete any files, use either the MSP360 Web console interface or the MSP360 endpoint backup software.
That’s it. Now you know how to maximize the security of your MSP360 Managed Backup Service. If you have any questions, feel free to contact our pre sales team.
Every sales process runs into objections from prospects, so you need to be ready to address a variety of questions and concerns. In this free whitepaper, David Galiata, an MSP sales representative, overviews some common MSP sales objections and shows how MSPs can deal with them. Continue reading
There are two main ingredients for building a successful managed backup service: a reliable backup software platform and a flexible, cost-effective backup storage solution.
Read our guide to find out how MSP360 Managed Backup and Wasabi Hot Cloud Storage can help you build a reliable and profitable managed backup service. Continue reading
A picture is worth 1,000 words, but when it comes to pictures that represent your MSP, they are worth so much more than that.
Here is the package of 17 MSP marketing graphics that you can brand with your logo and use to promote your services in social media, paid advertising, email, and other channels. Continue reading
The key to success as an MSP is to grow your customer base without increasing your operating expenses. Here’s the story of how a medium-sized MSP achieved that goal by leveraging the efficiencies of MSP360 Managed Backup and Wasabi cloud storage to power its managed backup services. Continue reading
When you’re choosing software to build a managed backup service, be sure to look out for hidden fees. That’s the takeaway from the story of LAN Systems, a midsize MSP based in the Atlanta, Georgia area that struggled with unexpected costs in its initial backup solution, prior to switching to MSP360 Managed Backup.
CloudReso provides managed backup services to hundreds of businesses. Given that the MSP was founded in 2018, turning to the cloud for its backup storage needs was an easy decision. Yet the company faced a more difficult challenge in finding managed backup software that fits its needs -- especially when it came to white-labeling its backup services in order to offer them under its own brand. Continue reading