Sorenson Ventures: Why We Invested in Evo Security

Although large-scale cyberattacks on well-known companies like Equifax, T-Mobile, and SolarWinds make the biggest news headlines, that doesn’t mean the little guys aren’t vulnerable. In fact, Small-to-Medium Businesses (SMBs), Small-to-Medium Enterprises (SMEs), and the Managed Service Providers (MSPs) who specialize in managing the IT systems on behalf of these organizations, often face more risk than the biggest enterprises and highest-value targets.

The sad truth is that SMBs, SMEs, and their MSPs are now easy prey. They generally don’t have the tools, policies, procedures, and organizational awareness to protect themselves against sophisticated cyberthreats. Not to mention that cybercriminals—just like law-abiding businesses in legitimate industries—are increasingly automating processes to improve efficiency and reduce the costs associated with attacking victims and stealing information. The result is that SMBs and SMEs have become more vulnerable than ever before.

“We’re too small to be a target” has never been a sound security strategy for small and medium-sized businesses and enterprises. But today it’s an almost laughable security posture. Cybercriminals are smart, and hacking has become a highly professionalized business. Hackers know their paydays don’t depend on the size of the targets, but how much the victims are willing to pay to regain access to their data and systems.

According to Switchfast, 51% of small and medium size business leaders think their small size means they won’t be a target, yet 67% of SMBs were attacked in the last year by cybercriminals. Switchfast also reported that 60% of the small businesses which suffered an attack went out of business within six months. Clearly the impact of cybercrime on a small business can be devastating.

Unfortunately, cybercriminal sophistication is increasing much faster than the ability of small and medium size organizations to defend themselves. More and more SMBs and SMEs are relying on MSPs to help secure and protect their systems and personnel. However, MSPs themselves are also under constant threat and don’t have a comprehensive and easy-to-use platform to adequately secure themselves and the dozens, hundreds, or even thousands of client systems they are hired to manage and protect.

Check Point Research reports that attacks on MSPs grew 67% from 2020 to 2021. The rapid growth makes sense from a cybercriminal’s point of view. If a hacker can penetrate an MSP, they can gain access to the MSP’s systems and MSP’s client systems in a single attack. Even more unnerving, because of increased cloud adoption, SMBs and SMEs are often connected or integrated into large enterprises as suppliers and partners, making them both enticing and extremely vulnerable attack vectors from which they can penetrate the enterprise.

Source: Evo Security. Why It’s Time to Invest in IAM for MSPs. August 2022.

That’s where Evo Security comes in. Evo Security is an Identity and Access Management (IAM) cybersecurity company that has built a unified, cloud-based platform with the MSP and their customers in mind. Evo Security’s multi-tenant platform is purpose-built to protect MSPs and their SMB and SME customers at scale. It is easy to implement and makes it simple to manage identity security across internal MSP users as well as client users, while also providing MSPs with a new way to generate highly profitable revenue streams.

Evo’s flagship product, Evo Partner Identity Cloud (EPIC) TM, is an all-in-one Identity and Access Management (IAM) platform that gives MSPs a seamless and highly secure way to protect small and medium-sized businesses and enterprises from the most common cyber attacks that frequently exploit login and access vulnerabilities. EPIC includes multi-factor authentication (MFA), single sign-on (SSO), privileged access management (PAM), technician elevated access, password management, password rotation, unified directory services, and integrations with common MSP tools, among other critical security and administrative capabilities.

The Evo Identity MeshTM provides MSPs a single, scalable, multi-tenant way to simultaneously protect login credentials and apply least-privilege access across common endpoints, web applications, and network devices for themselves and their customers. Equally important, for the first time, it provides MSPs a convenient way to turn Identity and Access Management (IAM) into a highly profitable business center that can immediately produce new revenue with industry-leading margins.

Source: Evo Security. Why It’s Time to Invest in IAM for MSPs. August 2022.

Running an MSP isn’t easy. Managed Service Providers are faced with the constant challenge of simultaneously protecting themselves and their customers. It’s a complex and existential task. If the MSP fails to provide adequate defense, their clients suffer. Not to mention that MSPs need to provide the highest-level of protection while focusing on ways to profitably grow their own revenue and business.

In past years—when hackers were less sophisticated—the traditional MSP point solution-based approach to security might have been sufficient. Force-fitting enterprise solutions on MSP customers was another option that barely worked in earlier times. Today, however, neither of these messy and unprofitable approaches provides the protection or model required by MSPs. To be a successful IT service provider in a world that relies on software, data, and the cloud, MSPs need enterprise-grade sophistication combined with a lightweight IAM solution that is engineered specifically to help manage and secure client systems.

Evo Security has built just that. Their IAM platform provides MSPs, and their SMB clients, exactly what they need to survive and thrive in the modern economy.

We very much look forward to working with Michael Roth and the Evo Security team as it becomes the leading IAM platform for MSPs who are dedicated to building great businesses and protecting their SMB and SME clients.