03 Jun Google Chrome Record Breaking Vulnerability month of May proves why we can no longer offer an “Reactive” based I.T. Solution
Happy June! School is out and summer is officially here (Figuratively and literally). Please welcome Summer Robinson as our new Service Dispatch Coordinator! Today is Summer’s 3rd Monday, and there’s a good chance you have already talked to her! Her primary role is to be your advocate – to make sure we are assigning our technical resources to your tickets in a timely and efficient manner – and to make sure your immediate concerns are heard. She comes from a role at another company doing a very similar position, and we are excited about the boost in client service she brings!
Our Hybrid plan is no longer offered – and Chrome just proved why…
In Feb and March, I indicated that due to the issues of 3rd party vulnerabilities, effective June 1st we will no longer be offering the $20/month per endpoint Hybrid plan. This plan has been the staple of SOS Support since 2004! We have boasted the benefits of a mix of “reactive/proactive” support that the SOS Hybrid plan brings. However, Google and Forbes proved to us in May why we were ahead of the game in getting AWAY from this business model.
“For Google Chrome and its 2 billion-plus desktop users, May will go down as a month to forget: four zero-days and emergency update warnings inside 10 days launched a tidal wave of wall-to-wall headlines that were hard to miss.”
Full Forbes article copy/paste this link:
In a nutshell: We all love Google Chrome. It’s fast and integrates perfectly with our Google accounts, YouTube, and more. It makes logging in to apps via Google easy. It’s the most popular browser on the planet with a 65% market share across all device types.
Don’t think for one second that Firefox, Edge, or Safari are safe… They are not w/o their concern. BUT, the biggest fish gets the most attention. For example, even though Apple MacOS attacks are on the rise, you hear about them less because Windows still owns ~73% of the market share, and likely much higher for business computers, as this number takes into account tablets and portable devices in general (and most agree iPad’s are superior to Android tablets in a business setting).
But never in 20 years have I seen a statement issued by the US government mandating a 3rd party application such as Chrome to be “updated or removed.”
There were FOUR “Zero Day” emergency updates for Chrome in May.
This is 6x the average compared to the prior two years. CSOOnline.com puts it this way:
“Four actively exploited flaws in a single month is an unusually high number for Chrome, a browser that’s known for its solid security engineering and exploit mitigations. For comparison, eight zero-day flaws were found and patched in Chrome over the course of 2023 and nine in 2022.”
To loop back to WHY our Hybrid plan is not safe for YOU or US… We are only as strong as our weakest link (this is why phishing attacks are out to find the weakest link staff members of every organization!)… Because Operating System patches for Windows have been so effective at preventing breaches, attackers are looking for ways around – and this would be 3rd party applications.
At SOS Support we monitor all 3rd party applications for vulnerabilities in all of our Proactive plans (including the Hybrid plan)… But we can not remediate vulnerabilities without actually “doing work”… For this reason, we have rolled out the “MSP IT Unleased Lite” plan a few months ago, and several businesses have already adopted it who were previously on the Hybrid plan.
This is NOT a way to just “charge more money” – after all, if we were remediating all 3rd party vulnerabilities and billing for the time, we would likely be billing MORE dollars. We estimate with this plan ($50/month per endpoint vs $20/month) we are building in approximately 10-15 minutes of remediation support per month per system proactively. If we exceed 15 minutes, we do NOT charge more. This plan does NOT include reactive support – strictly PROactive support of the Operating System and all monitored applications on the computers.
If you are on the Hybrid plan and wish to migrate to the IT Unleashed Lite plan right away, Email me back and I’ll pass it on to make the proper adjustments or email sos@sossupport.net to schedule a Technology Business Review and our Business Review Consultant @Nick Wight will schedule a meeting with you to go over the details.
It is worth noting we are not “End of Life-ing” the Hybrid plan yet… But what we are doing is attaching waivers to invoices should you not choose to add the extra 15 minutes per endpoint to upgrade to the Lite plan. This is also a good time to consider moving to our currently/now most popular “IT Unleased 9-5” plan which includes unlimited support for all issues both PROactive and REactive!
Replay from Feb/March about these updates & the hourly price increase for Hybrid/Lite plans:
As your I.T. partner, our standpoint for the past 5+ years has been security first whereas for the first 15 years, we were efficiency/security equally balanced. This Security First approach only DEEPENS on the heels of the promises from China that they will become the world’s superpower by leading the way with cyber-terrorism.
What are we doing:
For this reason and others – SOS Support is altering some of our service offerings. Our Hybrid clients can stay grandfathered into that plan for the time being. However, there is an element of proactive support that every business needs (and the Hybrid plan doesn’t include unless billed hourly rates). This Proactive Support involves keeping applications up to date and monitoring for any, and all Operating System and 3rd Party Application vulnerabilities.
To accomplish this goal, moving forward we will no longer offer the “Hybrid” plan as it currently sits. This plan will be replaced with our “IT Unleashed Lite” plan which is $50/month per endpoint. This plan includes ALL proactive security remediation of endpoints managed and monitored without question. Any requested “Reactive” I.T. support will simply be billed at the hourly rate – but all proactive security remediation will be included in the plan.
As of June 1st, 2024, our hourly rate will increase to $175/hr. and the discounted rate will be $155/hr. for Hybrid/IT Unleashed Lite clients.
If you are an existing “Hybrid” client ($20/month per system) – you can stay in this until we “End-of-Life” (EOL) the plan. The EOL is not yet determined – but what WILL determine this is the more clients we have that are being affected by a lack of proactive remediation, or the more that refuse proactive remediation. NOTE: Moving forward you will start seeing a waiver on invoices for this plan that we recommend upgrading to IT Unleashed Lite or better.
My big-picture vision is to move all clients from any hourly-based support plan to any of our IT Unleashed plans, with the Lite plan being ONLY Proactive Remediation and the higher tier plan being all-inclusive for every I.T. need (proactive and reactive, onsite and remote).
——————————————–
Mailing Address Change:
Please send all mail correspondence to the following address and no longer to the Draper PO Box.
SOS Support
1098 W South Jordan Pkwy #106
South Jordan, UT 84095
——————————————-
For the latest cyber-attacks reports, follow these links:
https://www.cisa.gov/uscert/ncas/current-activity
https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents
Thanks,
——————-
Jason Kidman
President
SOS|Support
801-563-9700
