Author Archives: Megan Carnes

Welcome back to another installment of our “Thrive Spotlight” blog series.

Our featured employee is Matt Chabot, EVP of Technology. He oversees the technology that optimizes clients’ business application performance with Thrive’s NextGen Platform of Cloud, Security, Networking, and Business Continuity services powered by ServiceNow’s automation and self-service capabilities.

Matt lives in Andover, MA, with his family. In his spare time, you’ll find Matt exploring the outdoors, hiking and biking in the summer and snowboarding in the winter.

Hi Matt! Can you tell us about your background and how you came to Thrive?

I started in IT by joining the Boston College help desk during my Sophomore year and then started assembling and selling computers out of my dorm room a year later. After graduating, I began working full-time at Innovative Networks and, shortly thereafter, became a founding partner and eventual CTO of Tier1Net. Over the next 20 years, I helped build Tier1Net into one of the most well-respected MSPs in Boston.  In 2019 Tier1Net was acquired by Thrive and now I have the pleasure of helping to build the most well-respected MSP in the world!

What do you most enjoy about working for Thrive?

Every day I learn something new from the talented and dedicated teammates I have at Thrive and truly love working with them to help scale Thrive’s processes to meet our rapid growth rate.

Any recent exciting projects at Thrive that you can tell us about?

I geek out over automation and was excited when we recently automated a critical step in Thrive’s process to onboard new customers into our Endpoint Security and Response service offerings.

Are you interested in learning more about Thrive? Click here!

And don’t forget to follow us on Twitter and LinkedIn for the latest news and continue checking our blog for more in our “Thrive Employee Spotlight” series. Until next time…

Perimeter 81, the rapidly-growing converged network security, Zero Trust Networking Access (ZTNA) and Secure Access Service Edge (SASE) leader, named Thrive its Top Q1 Partner for 2023.

Thrive received the award at Perimeter 81’s recent Summer Partner Kickoff.

Thrive partners with the industry’s best-of-breed channel and technology companies, including Perimeter 81, allowing us to build, deliver, and support NextGen managed services that our clients can rely on.

Perimeter 81’s robust and scalable Zero Trust security stack is part of Thrive’s deep and comprehensive portfolio of cybersecurity and NextGen managed services that protect clients in an increasingly dangerous cyber landscape with its reliability and resilience.

Thrive seeks partners that push the limits of security innovation and who help us continue to best serve our clients today and beyond.

We are thrilled to be recognized by Perimeter 81 for unlocking new opportunities and driving positive change throughout the IT channel.

Congratulations to all the fantastic partners who received their well-deserved awards for being the MVPs of the first half 2023. Click here to see a complete list of those recognized.

Recent news of a massive cyber ransomware attack on a significant UK business has created one of the largest known impacts on UK businesses and consumers.

This attack by a notorious ransomware group on the major UK outsourcing company Capita continues to impact hundreds of thousands of people three to four weeks after being first reported.

This blog details the attack and its consequences and offers thoughts on how smaller businesses can prepare for these risks.

What happened?

In March, Capita publicly admitted that it had become another large organisation that was the victim of a targeted ransomware attack. Capita is a business that runs core services worth billions of pounds for government and high-profile private industry, including local councils, the NHS, the military, the BBC and pension funds. It operates the UK’s largest pension fund and private schemes for many large organisations. This cyber attack compromised Capita’s most profound IT systems and threatened the personal details of hundreds of thousands of pensioners whose data was stolen.

More than 90 large organisations have reported breaches of personal information from this attack. The victims include companies such as the Royal Mail and Axa, which have millions of policyholders, and the UK’s largest pension fund, the Universities Superannuation Scheme (USS). The USS alone has gone on record to publicly confirm that the cyber breach has affected over 470,000 individual policyholders, with serious data breaches of their names, birthdates, and National Insurance Numbers. This type of personal data breach can result in identity theft or at least enormous inconvenience and concern.

The nature of Capita’s business support structure means that by accessing Capita’s systems, hackers potentially could access many of their suppliers, business customers and individual consumers whose data is processed daily by the company. As the impact continued, The Pensions Regulator (TPR) advised over 300 of its pension funds of this potential data theft and then other pension schemes administered by Capita. This included hundreds of private sector pension schemes belonging to employees of Marks and Spencer, Diageo, Unilever and Rothesay, who had to step in and take preventive and emergency action in warning their members that their data was likely to have been stolen.

Rumour of a £15million ransom

After being made aware of the attack, Capita decided that the best course of action was to pay the hackers a ransom fee to protect the data, which the company needs daily access to so they could carry out business.

Creating a responsible business repatriation plan must have been a significant risk for the business, whose core business is the processing of other companies’ personal and private data relating to individuals. This took longer than hoped with many people feeling angry that there was a lack of speed and transparency. Capita did not publicly acknowledge the extent of the attack until April, having initially denied that any customer data had been compromised. The magnitude of the impact caused the Times to call Capita’s response a “crisis.” The CEO of Capita, Jon Lewis, then confirmed it was “a sophisticated cyber attack.”

Who was behind this?

Responsibility for the attack was publicly claimed by a known cyber threat group called Black Basta, who started to sell Capita’s data via the dark web. This included the bank account details of 152 businesses, scanned images of passports, application forms from individuals for teaching positions and security vetting data. By proving they had this type of data, Black Basta clarified how much valuable information they had managed to steal. Other data allegedly listed for sale included a Capita Nuclear document, the internal drawings of building floor plans and documents marked confidential.

This data implies that the cyber attack had penetrated deep into Capita’s internal IT systems. With customers that include the NHS and the Department for Work & Pensions, the data breach will likely have included highly sensitive data that would greatly benefit criminals.

Black Basta/ BlackBasta

These cybercriminals are a known ransomware group that has only been around since 2022 but have rapidly become one of the most active threat groups, targeting 19 large businesses with over 100 confirmed victims. Targeting companies in multiple countries, but typically in the US, Japan, Canada, UK, Australia, and New Zealand, they use a double extortion technique. This means that once stolen, they encrypt the stolen data before threatening to publish or sell the data for a ransom of millions of pounds.

The implications of the Capita cyber attack highlight the urgency for organisations to prioritise robust cybersecurity practices to safeguard sensitive information and mitigate the damaging consequences of data breaches.

Businesses holding personal data, mainly where they conduct processing on behalf of their clients, must have a clear cyber assurance strategy. Planning and rehearsing against such attacks in real-life simulated cyber attack training, using real-world examples and multimedia inputs to create a real sense of urgency, is something that businesses in the critical national infrastructure have been doing for years.

It is now time for small to medium businesses to take the risks of cyber attacks seriously and to plan and protect against them. Thrive can help design, plan, rehearse, and test your cyber attack strategy and make sure that your staff are put to the test. Hence, they are as prepared as possible for a cyber attack that might look insidious on the surface but could have a material, significant impact on your business.

Talk to Thrive. We are a trusted cybersecurity expert and an accredited Managed Service Provider and can offer your business the Next Generation of Managed Services.

Contact Thrive today to learn how we can help your business stay secure in today’s digital age.

Thrive, a premier provider of Cybersecurity, Cloud and Digital Transformation Managed Services, announced today the acquisition of IT Freedom, a technology managed services provider based in Austin, Texas. The acquisition extends Thrive’s NextGen Managed Security & Services Platform into Texas and will enable IT Freedom’s clients to securely accelerate their Digital Transformation journey to the Cloud.

Thrive has been seeking companies in Texas to build out its presence in the southern part of the country after it bought MSPs in Florida a few years ago, said Rob Stephenson, CEO of Foxborough, Massachusetts-based Thrive, which has about 29 offices across the U.S., as well as in Singapore; Sydney; the Philippines; and the U.K.

Your state, local, or educational (SLED) organization may be operating on borrowed time if you don’t have a business continuity and disaster recovery plan in place. Natural catastrophes have never been more threatening than they are right now. According to the US National Oceanic and Atmospheric Administration (NOAA), 20 separate weather and climate events caused at least $1 billion in damage in 2021.

At Thrive, we understand you require an IT infrastructure that is strong, secure, and resilient. That’s why our solutions provide customers with several advantages, including safe, dependable business continuity and data recovery.

A disaster recovery plan (DRP), in its simplest form, is a collection of guidelines, tools, and processes designed to change how critical technological systems and infrastructure are restored or maintained following a natural or man-made disaster.

The terms disaster recovery planning (DRP) and business continuity planning (BCP) are frequently used interchangeably.

Disaster recovery plans focus on the steps that must be taken before, during, and after a loss. In contrast, BCP is the preventive process set up before managing a disaster.

Unplanned downtime examples include:

• Cyberattacks
• Hardware failure
• Software failure
• Power outages
• Data corruption
• External security breaches
• User error

At Thrive, we keep your infrastructure operational.

The following are five advantages Thrive can provide for your BCP:

1. Minimal Data Loss, Fast Recovery. For protection against incidents that could completely disrupt regular business operations, Thrive offers NextGen IT business continuity solutions that minimize data loss and offer quick, automated recovery of essential systems. Thrive’s Cloud-based Enterprise-class business continuity solutions are ideal for organizations of any size. They are tested and proven DR solutions to meet demanding recovery objectives.
2. Priority Restoration Approach. An essential part of an effective business continuity plan is identifying your company’s mission-critical deliverables, prioritizing restoration, and conducting a proactive risk assessment to determine key risk factors that can disrupt processes. To guarantee that the response tactics and data security techniques stay relevant, Thrive’s disaster recovery plan, which includes a BCP framework, is most successful when updated and tested regularly.
3. Cost Savings. Developing and executing a DR plan is often limited due to budget, technology, resources, or the availability of skilled professionals onsite. That’s where Thrive comes in. Our Disaster Recovery-as-a-Service (DRaaS) offering is a cloud computing service model that allows an organization to back up its data and IT infrastructure in a third-party cloud computing environment. This makes it possible to regain access and functionality to IT infrastructure after a disaster.
4. Rapid Deployment.. Thrive’s Disaster Recovery-as-a-Service (DRaaS) provides virtually no data loss and costs less than increasing the recovery speed of the current provider. The Thrive team can virtualize physical web servers and set up shadow servers in a Virtual Private Cloud.
5. Monitoring 24x7x365. Thrive offers complete access to our Network Operations Centers (NOCs), which are staffed by senior technicians and disaster recovery experts and accessible 24x7x365 to implement your DRaaS plan in the event of a disaster or an emergency. Our specialized monitoring and alerting procedures safeguard your vital systems and data.

Thrive’s business continuity and disaster recovery (BCDR) solutions assist our clients in being prepared for the worst.

Contact our team today to learn more.

Welcome back to another installment of our “Thrive Spotlight” blog series.

Our featured employee is David Minkoff, Executive Vice President of Corporate Operations. David oversees Thrives centralized services that help support clients 24×7.

David calls Bucks County, Pennsylvania, home. He’s an avid Philly sports fan and rarely misses a game! In his spare time, he enjoys spending time with his wife of 24 years, his 21-year-old son, and three dogs.

Hi David! Can you tell us about your background and how you came to Thrive?

I’ve been working in IT since the mid-’90s, starting off doing technical work for a few years before moving into management. I have been working in the MSP space since 2008 where I have been ever since.

In a previous company, I worked with some of the Thrive leadership team and other employees, so I was familiar with Thrive before joining the company in January 2022. When I received a call to work at Thrive, I jumped at the opportunity to work with this amazing team again.

What do you most enjoy about working for Thrive?

That’s an easy one, everyone at Thrive! There are no egos, and everyone has the same goal, to do what’s best for our employees and clients. Everyone is willing to roll up their sleeves and help when needed, which is why we have the best clients, many of them long-term.

Any recent exciting projects at Thrive that you can tell us about?

One of the highlights throughout my career has been the ability to help and support bringing in entry-level IT employees and allowing them to grow and advance their careers within the company. So recently, when Thrive announced that they wanted to launch an Apprentice Program, I was excited to be part of this project.

In this program, Thrive works with colleges in the areas near our offices to bring in full-time apprentices for entry-level jobs in technology. The apprentices work onsite with Thrive mentors for training, support, and certification guidance to help them reach their career goals.

Are you interested in learning more about Thrive? Click here!

And don’t forget to follow us on Twitter and LinkedIn for the latest news and continue checking our blog for more in our “Thrive Employee Spotlight” series. Until next time…

Thrive has again been named one of the world’s best-managed service providers in the prestigious 2023 Channel Futures MSP 501 rankings.

The 2023 Channel Futures MSP 501 list honors the world’s top managed service providers for their growth via recurring revenue and innovation while in a volatile economic and unpredictable business environment.

This year’s list is among the most competitive in the survey’s history. Thrive ranks #21 on the 2023 Channel Futures MSP 501 rankings, up from #50 in 2022.

The MSP 501 ranking doesn’t award MSPs solely on their size and revenue. It evaluates organizations based on annual sales, recurring revenue, profit margins, revenue mix, growth, innovation, and supported technologies during the previous year. The study also acknowledges the business acumen, best practices, and trusted advice they deliver daily to customers.

MSPs worldwide considered 2022 a key year with increases in SMB investments, cloud computing for the hybrid workforce, automation, AI development, M&As, and MSPs who excelled as frontline employees became trusted business and technology experts. The providers on this list demonstrated a commitment to moving the MSP and the entire channel forward while driving a new wave of innovation.

Winners will be recognized on the Channel Futures website and honored during a special ceremony at the Channel Futures Leadership Summit on Oct. 30-Nov. 2, in Miami, Florida.

Congratulations to all of the 2023 winners!  Click here to see a complete list of those recognized.

44% of government agencies have said they experience cyberattacks daily, with the pace of breaches accelerating, according to researchers.

While cybersecurity remains the biggest IT challenge and area of investment for government agencies, cybercriminals are leveraging the vulnerabilities and targeting poorly secured systems to attack critical services.

Essential public services like 911 operations and police and fire departments, could be shut down if a ransomware or malware attack occurs. Additionally, even if you pay the ransom, you may not get your files back, and if you’re an agency in a state that prohibits paying a ransom, then you won’t even have that option. This can hinder the accessibility of vital emergency services that communities rely on.

The following are the main risks to government agencies:

• Lack of affordable cybersecurity talent
• Outdated legacy IT systems
• Malware attacks
• Phishing and social engineering attacks
• Regulatory compliance requirements
• Lack of basic cybersecurity training

Cloud security can help combat these threats with a set of policies, controls, procedures, and technologies that work together to protect cloud-based systems, data, and infrastructure.

Thrive has experience helping agencies and organizations in the SLED sector mitigate critical threats.

• Thrive’s 24x7x365 Security Operations Center is staffed with cybersecurity engineers to protect your mission-critical infrastructure.
• To avoid data loss, Thrive advises your organization to back up its data to an impartial third party.
• To reduce susceptibility, Thrive collaborates with your organization to detect security flaws.
• To identify cybersecurity threats, Thrive builds a long-term strategy by learning about your organization’s goals, people, procedures and technologies.
• Thrive delivers tailored security-managed services to protect your organization while reducing cyberattacks.

At Thrive, we have 700+ technical resources and IT experts with a cumulative 3,000+ years of experience managing security for educational institutions of all sizes, using the best technology to safeguard your network from online threats.

Don’t wait, contact us to learn more.

Did you know that 81% of healthcare executives say the pace of digital transformation for their organization is accelerating? In addition, 93% report they are innovating with a sense of urgency and call to action.

More Healthcare organizations are using the Cloud to process enormous amounts of healthcare data with real-time access to medical information.

However, despite the growing popularity of Hybrid Cloud deployment, many hospitals still use outdated software systems that have been patched repeatedly.

That’s why healthcare providers are turning to Thrive to tap into the full potential of the Cloud while maintaining compliance and security and reducing costs..

Take your healthcare organization to new heights with Thrive.

1. Reduced CapEx Spend  When partnering with Thrive, your healthcare organization won’t need to pay upfront costs for expensive infrastructure and hardware. Thrive also helps you eliminate hidden operating costs and reduces downtime to keep your business running.
2. Efficiency Hybrid Cloud delivers flexibility and can be engineered to meet all HIPAA and HITECH compliance requirements. It reduces overlap in processes and provides a necessary update to legacy infrastructure.
3. Enhanced Regulatory Compliance Healthcare organizations need to meet reporting and risk assessment requirements, and Thrive’s experts can help your organization be agile without sacrificing safety or compromising compliance. Thrive performs a risk assessment and provides strategic IT consulting services to ensure a fully customizable Cloud migration plan is designed and executed.
4. Advanced Cybersecurity As healthcare business systems grow in complexity, there is an increased risk of vulnerabilities, exploits and security breaches. Thrive’s comprehensive Cybersecurity solutions protect your business, uncover, and mitigate risks and meet stringent regulatory requirements. Our security-first Cloud approach is flexible and economical, provides specific, actionable information and is backed by a 24x7x365 Security Operations Center.
5. Disaster Recovery
   Hospitals, health systems, and doctor’s offices cannot afford critical infrastructure failure, security breaches or human error. Data backup and security are essential, as well as a disaster recovery plan (DRP). When networks go down, or cyber-attacks occur, Thrive provides Cloud-based recovery so your healthcare organization can resume IT operations rapidly with minimal or no data loss.

Thrive gives healthcare organizations peace of mind with a comprehensive, proactive security strategy with technology solutions. Read more in our recent industry brief here.

Click here to contact us today to solve and manage your healthcare organization’s Cybersecurity and Cloud needs.