In Response to US-CERT Alert TA18-276B Issued October 3, 2018, DataCorps recognizes that clients who outsource their IT services to a Managed Services Provider (MSP) can experience certain risks due to the tools and systems used by the MSP to provide services. These risks can be mitigated, and the alert identified above issues some reasonable safeguards that should be discussed and implemented between MSPs and their clients.

Not all recommendations are reasonable for every environment as some carry cost and operational burdens, however, each should be evaluated and thoughtfully considered.

DataCorps already implements many of the recommendations outlined in this document and is prepared to discuss them and their impact with each client, individually and confidentially.

Due to the sensitive nature of the methods and processes used to secure DataCorps’ systems and connectivity between its services and clients, they will not be disclosed except as necessary upon a client’s request, and in any event, will be disclosed only privately after receipt of reasonable assurances of confidentiality from our client.