As the creators of TrueCrypt swiftly and unexpectedly pulled their hat from the data encryption software ring, managed service providers (MSPs) that had monetised the free software as part of their portfolio were suddenly left scrabbling about for a replacement.
With one abrupt announcement, the no-cost and highly respected TrueCrypt product - which many MSPs had installed and managed on clients' systems - was labelled insecure by its own makers in the wake of the end of Microsoft XP.
Thus far the channel has seen no mad scramble by MSPs to supply a TrueCrypt replacement; no one is flocking to any one alternative. While the TrueCrypt rug was pulled out from under them, MSPs have kept steady feet.
And because whatever vulnerabilities the software may have are at this point still unknown and unexploited, MSP clients have been largely content to continue using TrueCrypt in the short term.
This has mostly been to the benefit of MSPs, positioning them to make wise and considered choices, beyond an environment of panic-pushing bad options, overcome by a wave of desperation. But make no mistake, MSPs must determine their successors in the near future, and plan how they will move clients to the new software.
If the cloud now looming over TrueCrypt were to darken dramatically - for example, if hackers were to demonstrate command of TrueCrypt's announced vulnerability and exploit it in a massive and public security breach - clients running TrueCrypt would indeed be worried, and MSPs unprepared for the event would see their collective hands forced.
But crisis can be another word for opportunity, and MSPs should recognise TrueCrypt's waning viability as one. If there is no good-quality free alternative, MSPs should compare the lower-cost options and select a more powerful one. MSPs should be able to easily justify any increased cost, both to themselves and to clients, with improvements in simplicity and security.
Managed encryption services are easy to make compliant - which the non-validated TrueCrypt could not. Encryption can be enforced and managed easily across every kind of device, from PCs and Macs to phones, tablets, and USB storage, whereas TrueCrypt required cumbersome technical activity to deploy and maintain across an entire enterprise.
Also, remote monitoring and management (RMM) is an essential offering, available from more robust services. With RMM a single admin tool can view and control access permissions for every device in an enterprise remotely, maximising visibility and simplifying management.
When a device is lost, stolen, or a contractor or employee leaves an enterprise on bad terms, RMM can rapidly remove access to compromised devices, and even remotely eliminate sensitive data when there is no better solution.
The remote management capabilities of these systems also ease remote assistance; support staff can access a user's screen and walk them through an issue. The RMM marketplace has grown a lot and consolidated of late, so there are more tools offering more remote delivery of services with more capabilities.
For MSPs and their clients, a wise investment may pay dividends. MSPs will also find that managed encryption services are in the business of making them look good in the eyes of their clients, with support, technical reports, and service packages designed to meet their needs and benefit everyone in the ecosystem.
Cam Roberson is director of marketing at Beachhead Solutions
Highlander MD Steve Brown tells CRN about the skills he learned on the pitch and brought to the boardroom
Reports suggest Dell is pursuing a straightforward IPO, contradicting existing plans to buy out tracking stock holders
Analysts predict upturn in PC market next year, but 2018 to remain plagued by components shortages
Neil Sawyer claims he has 'never seen so many conversations about a new method of investing in workplace technology'