DattoCon Now points to profit in SaaS defense, continuity

Datto Holdings this week unveiled SaaS threat protection and Microsoft Azure business continuity products for MSPs, emphasizing an opportunity for higher revenue and margins in such cybersecurity offerings.

The company's SaaS Defense product, which stems from its March 2021 acquisition of BitDam, aims to protect Microsoft 365 endpoints. Datto said the product detects and prevents malware, phishing and business email compromise attacks targeting Microsoft 365 components such as Microsoft Exchange, OneDrive, SharePoint and Teams. Datto will offer SaaS Defense as an add-on to its SaaS Protection backup and recovery product, with availability slated for November. An extension to Google Workspace is planned for 2022.

At DattoCon Now, an online event that ran Oct. 13, Datto CEO Tim Weller cited email as the No. 1 attack vector and Microsoft 365 as "the cyber attackers' inbox of choice" given the product suite's market share.

Datto views its SaaS security offering as a first-line-of-defense technology.

As an addition to its last-line-of-defense product portfolio, the company also showcased Datto Continuity for Microsoft Azure (DCMA). Speaking at DattoCon Now, Tyler Bryson, corporate vice president of global partner solutions, U.S., at Microsoft, said DCMA marks the first step in new partnership between Datto and Microsoft.

The product will open doors for MSPs as customers migrate from on-premises Microsoft applications to Azure, Bryson added.

"In the U.S. alone, we have tens of thousands of customers who still rely on Windows Server and SQL Server applications who have yet to experience even a single Microsoft Azure service," Bryson said. "We see, over the next year, an incredible business opportunity as thousands of these businesses begin this migration."

DCMA is available to partners through an early access program.

Weller, meanwhile, highlighted the security of Datto's remote monitoring and management (RMM) software, which he claimed has "never been breached."

Datto RMM added a ransomware detection feature in December 2020. The ransomware detection feature will be offered for free through the end of January 2022, Weller noted.

MSPs can boost their margins through cybersecurity, according to Weller. He said MSPs have reported doubling their margin from Microsoft 365 seats after adding Datto SaaS Protection to their offerings. "Now we aim to triple your margin by adding SaaS Defense to this bundle," Weller added.

Continuity, meanwhile, may represent MSPs' largest margin opportunity in security, Weller said. He noted that companies use BC/DR technology to recover from ransomware attacks.

Cybersecurity offerings also boost an MSP's revenue per customer. Weller described a "journey to higher dollars" in which an MSP that adds antivirus could expect to generate an extra dollar or two in revenue above its standard RMM services. However, adding ransomware detection and endpoint detection and response products results in a more meaningful upsell, while managed response could net an MSP an additional $10 to $20 per seat. Increasingly advanced offerings could eventually generate an extra $100, he suggested.

Weller pointed to partnering as the way forward for most MSPs to grow their cybersecurity businesses, especially when it comes to acquiring human talent. Few MSPs will be able to hire in-house staff to offer customers 24/7 access to security experts and ready-to-deploy incident response teams, he said.

"I think it is more likely that most of you will end up outsourcing to an MSSP [managed security service provider] for those particular needs," Weller said. "It seems fairly unrealistic that more than a tiny fraction of MSPs will ultimately succeed in building full-fledged MSSPs."

More security developments are expected to emerge from Datto's acquisition of BitDam, which will run a cyber hub for Datto in Tel Aviv, Israel. That hub will provide MSP and SMB technology with features such as ease of installation and management as well as analysis and reporting capabilities, said Liron Barak, co-founder of BitDam and senior director of product at Datto.

SaaS Defense, for example, provides basic features such as spam filtering in addition to more advanced security to combat phishing and ransomware, Barak said. As a result, MSPs can consolidate tools and reduce management tasks. SaaS Defense also offers threat analysis and reporting that lets MSPs observe trends across their customers, she said.

The product covers Zoom's communications platform as well as Microsoft 365, Barak noted.

Datto CISO Ryan Weeks said BitDam supplies a base of cybersecurity skills. BitDam can continue to hire security expertise to drive not only the company's product strategy but also its internal security program.

As for the latter, Datto now allows its internal red team to pursue "gloves-off pen tests" to emulate attackers, Weeks noted. "We have let them entirely loose," he said. "Nothing is off limits."

Partners expressed interest in several technology developments at Google Cloud Next 21, an online event that wrapped up Oct. 14.

Among those developments is BigQuery Omni, a multi-cloud analytics offering. Google said the product will be available to all customers on AWS and for select customers on Microsoft Azure later in October.

"We know that data is created and consumed in multiple locations by hundreds or thousands of applications," said Paul Lewis, CTO at Pythian, an IT consultancy and MSP based in Ottawa. Pythian is a Google Cloud Premier and Specialization Partner. "The difficult part of creating organizational insights is to discover and mobilize the data that might be closely coupled with those applications, hidden within the cloud services."

BigQuery Omni, however, lets Pythian's clients use a single API, command-line interface or user interface for cross-cloud analytics, Lewis noted.

Miles Ward, CTO at SADA, a Los Angeles-based business and technology consultancy and Google Cloud Premier Partner, cited the PostgreSQL interface for Google's Cloud Spanner database as "hugely impactful" technology coming out of Google Cloud Next.

Organizations with applications that talk to PostgreSQL can now link up with Google's self-healing, globally scalable database, Ward said. The interface saves developers from having to rewrite interfaces in order to have their PostgreSQL applications communicate with Spanner. The development is particularly helpful for companies with thousands of PostgreSQL applications, which would prove prohibitively expensive to migrate to Spanner, he noted.

In sustainability, Google Cloud Carbon Footprint reporting "will be an essential part of a CIO's ESG [environmental, social and corporate governance] program," Lewis said. In addition, Carbon Footprint, launched at Google Cloud Next, can serve as an extension to Pythian's FinOps capability, he said. With that augmentation, "clients will be able to identify the environmental impact of out-of-control user-initiated consumption," he added.

Lewis also noted security integrations and partnerships featured at Google Cloud Next, such as Google's relationship with Cybereason. Google and Cybereason will collaborate on an extended detection and response service. Investment in integrations becomes a critical requirement for data loss prevention, detection and response, and even corporate education "as we see more bad actors … becoming much better at what they do," Lewis said.

Partners also pointed to Google Distributed Cloud as a key technology unveiled at Google Cloud Next. The offering addresses customers with low-latency demands and strict regulatory requirements, according to Google Cloud.

Crayon, an IT services company based in Oslo, Norway, moved closer to completing its purchase of Rhipe, a cloud and licensing specialist.

The acquisition became legally effective this week, with Crayon scheduled to pay the purchase price on Nov. 3. Crayon's CFO, Jon Birger Syvertsen, called the Rhipe transaction a "massive opportunity" for Crayon. Sydney-based Rhipe focuses on wholesale provisioning of subscription-based cloud licenses and infrastructure.

"Cloud is already integral to the services we provide our customers," Syvertsen said.

Customers' maturity in shifting to the cloud has improved alongside the continuing improvement of cloud platforms' capabilities and cost efficiencies, he noted. "This results in growth that shifts spending away from traditional on-premises hardware and software sales models into software and cloud-based models," he added.

Additional reporting by Spencer Smith.

Market Share is a news roundup published every Friday.