It comes down to two things:

1. That security events WILL inevitably impact virtually every software product and what’s most important is the RESPONSE PLAN of the provider and their WILLINGNESS TO ENACT it despite consequences to their own business interests.
2. That a breach enhances business resiliency leading software companies to double down on security and come out stronger after a breach.

The July 2, 2021 cyberattack on Kaseya’s VSA product resulted in the rapid implementation of a documented incident response plan that effectively shut down the attack almost as quickly as it began, protecting 99.99% of the entire Kaseya customer base from direct impact.

In addition to Kaseya’s response plan, the compartmentalized design of its IT Complete platform protected the other 26 modules from any impact.

While IT Complete offers deep workflow integrations between its individual modules, it compartmentalizes each module by maintaining separate code bases, development teams, and data storage for each. This ensures that if a compromise was ever to happen within a single module, the other 26 would be insulated from impact. It also ensures seamless business continuity and complete data security when utilizing the compartmentalized endpoint and network backup functionality.

Each IT Complete module has been forensically tested by 3rd party security experts to validate its isolated, compartmentalized structure. Official reports from each module test can be found here:

• IT Glue
• Spanning
• Unitrends
• RapidFire Tools
• Graphus
• ID Agent
• Passly
• Rocket Cyber
• Kaseya BMS
• Traverse