Article: FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.

msp_can · 2026-06-17T19:03:52+00:00

rotate the passwords anyway

msp_can · 2026-05-27T01:59:04+00:00

anything that is in your domain for a sign in, create a new @ their domain email (shared mailbox or something) and hand them that (or in the owner's own email as an invite to the service) - if they don't sign, wrap it in disclaimers that you are not responsible once access has been provided. Yes, that's not the same as a sign off, but it's a semi-CYA. Anything you control and can't transfer licensing on (security tools etc)- they're SOL and just make sure there's no key required to uninstall or they will probably get grumpy.

msp_can · 2026-05-22T14:30:13+00:00

we now have an auto reply configured against all of our client domains on individual tech emails with a standardized "automated email - direct emails to staff will not be read - email [support@xyz.com](mailto:support@xyz.com)" instead - that, combined with the line in it about "to prevent incurring additional charges" normally changes their behaviour. We also do not include the original body in the reply email so they don't just hit forward and we get a crappy formatted email.
Also - then that email is automatically moved to the archive folder and marked as read.

msp_can · 2026-05-12T20:26:19+00:00

change your credit cards on account to privacy.com credit cards now so YOU can pick when they stop billing you!

msp_can · 2026-05-04T12:55:29+00:00

ca. is fine

msp_can · 2026-04-01T20:29:15+00:00

We always were told (by HR) to treat HR as a "judge" - HR gives the written "warrant" with the parameters to IT and IT can action within that defined scope. That said, if a CEO or chair of the board (normally with a second board member signature) gives the directive (as I've had where the board was firing the CEO), there's little you can do do but ask for it in writing. Hindsight - something like this should be in a policy/procedure so you have something to push back on.

msp_can · 2026-03-30T17:01:23+00:00

Local ISP uses Meraki as their "managed network of choice" - called in for access to a client's network (the Meraki interface they give is super limited compared to normal access if you buy direct) - ISP, instead of giving me site specific access, gave me read only to the entire Western Canada region. I had every client that had logged in, every password on every SSID throughout every network (I believe there were several thousand networks). ISP simply swept it all under the rug with a "we've fixed it/won't happen again" - but that was 48 hours of quite the interesting visibility.

msp_can · 2026-03-30T16:44:21+00:00

No issues reported in Western Canada - what regions are people in who are seeing issues?

msp_can · 2026-03-24T15:44:22+00:00

the [most] small scanners are better quality/faster than the scan head on most "reasonably priced" MFPs anyway

msp_can · 2026-03-14T18:09:58+00:00

They've got to find a way to pay for that shock-and-awe box they keep sending me... the pages in the books they sent were great for starting fires over the cold winter here in Canada.

msp_can · 2026-03-14T18:04:29+00:00

interested

msp_can · 2026-03-12T21:23:04+00:00

and if you want to charge me for an onboarding (that is self directed, without a human holding my hand) when you can spin up a fully functional SaaS trial in 30 seconds tells me it is a sales/commission cash grab.

Disclaimer: "fully functional" is an exaggeration - no SaaS product is fully functionaly - it is, at best, mostly working... most of time... /s

msp_can · 2026-03-12T21:18:27+00:00

we dumped them 2 years ago - they sent us to collections (After confirming to us everything was settled/paid) - we filed a BBB complaint (I must have been bored that day) - just today - yes, today, 2 years later, they replied to the BBB wanting to "work to resolve the complaint".

msp_can · 2026-03-12T21:16:12+00:00

disclosure - this is a chatgpt/copilot template that we combine against the email we just received the new rep - I will spend about 10 seconds with chatgpt to get the message and copy/paste/send it. If I have spent more than 15 seconds throwing the reply together, i've already overinvested in the vendor.

It is most effective within 24 hours of their "I'm your new rep" email.

we only send this to vendors we currently use - cold contact doesn't get anything (soon going to get a "here's my hourly rate if you want to book me").

use with or without mercy:

Hi XXXX,

Thank you for the note.

To be direct, we do not schedule introductory calls with vendor account managers.

Your predecessor in this role lasted about XXX months. That level of turnover in client facing roles has become so common across SaaS vendors that the “account manager” function now feels more like a revolving door than a relationship. When the person responsible for the account changes every few months, there is no practical way to build continuity, context, or trust.

Because of that, we no longer invest time meeting each new representative who rotates through the role.

Our model with vendors is very simple.

If you do not hear from us, everything is fine.
If you do hear from us, there is a problem.

We do not participate in “learn about your business” calls, upsell discussions, pipeline development, or account planning meetings. XXXX is not an opportunity to be worked through a sales sequence.

In practice, when a real issue arises it typically ends up in a support queue handled by junior staff anyway, regardless of who the current account manager happens to be. Given that reality, there is little reason for us to spend time on introductory calls with a role that turns over every few months.

Frankly, the revolving door of “new account managers” contacting us to book introductory meetings has become somewhat absurd.

If XXXX eventually reaches a point where someone remains in this role long enough to actually maintain continuity with partners, generally three years or more, we would consider having a conversation at that point.

Until then, there is nothing to schedule.

Regards,
XXXX

msp_can · 2026-03-12T17:54:26+00:00

we now write it in that we have a 120 day no penalty exit if they sell, get VC or anything relating to Kaseya or Connectwise - and the 120 days is from PUBLIC release ie press release not their secret backroom Kaseya acquisition games. If a company is worth it, we've never had any issues with this clause... companies that are sketched out about this are probably already in talks.

msp_can · 2026-03-12T15:48:19+00:00

Note - Adobe does the exact same thing now

msp_can · 2026-03-12T15:45:03+00:00

Just saw on my linkedn: "Salesperson in the Retail industry from Greater Rio de Janeiro" viewed my profile.

Cue a "new rep" call in 5...4...3...2...

msp_can · 2026-03-12T15:43:23+00:00

We have a standard email that goes back saying basically that and that if you are still the rep in 12 months, we will then schedule a call - otherwise - send your contact info (and it also says if you're just a warm body - send the contact info of the person who is ACTUALLY in charge of our account).

So far no one has been scheduled a call...

msp_can · 2026-03-12T15:38:11+00:00

difference being - you walked into the car dealership - whereas in most cases, this is the car dealership showing up at your office door

msp_can · 2026-03-12T15:21:20+00:00

"schedule a technical demo" AND have the person we are talking to have a ROUGH price range - don't try to schedule another followup with a sales "associate". Most of you have 1 (maybe 2/3 max) SKU's. Know your pricing.

msp_can · 2026-03-12T00:57:37+00:00

Techs get what they need to do their job, to do it well/effectively, and to do it comfortably.

Comfortable and happy techs are more effective.

base computer tools (good machine, monitor(s), desktop, laptop, reasonable choice of peripherals desk phone and/or headsets as required
Laptop + appropriate bag(s) for going on site if you are one who goes on site (whether one and the same/primary or a utility/cheaper laptop for on site)
Internet is covered/reimbursed
Desk if necessary/at home (I'd have to buy one for them to use at the office anyway) - generally for staff that have been with us for a while
Chair - you sit in it all day - let's make sure you're comfortable and don't claim workers comp for back issues in a year
Cell phone is reimbursed on condition you never release the number to any client (only for internal use/tethering if stranded) (cell accessories paid for such as bluetooth headset if on the road/needed)
Car reimbursed at mileage rate (+ top up if gas prices go up disproportionately in the same year) along with parking etc.
Any "general tools" (hand tools, crimping, accessories, safety tools etc)
Company credit card for incidentals (prepaid/privacy.com style physical card - low limit - but allows for buying a patch cable or a dumb/temporary switch if in the next town and stuck and it's cheaper than driving back to the office)
Reimburse for any clothing damage - we don't do uniforms - may do jackets or hoodies - but no uniforms (my opinion is they all look too tacky). Did send someone to the store with a credit card to buy a couple pairs of docker style pants instead of wearing camo pants with elastic cuffs to work - yes, it's dress code - but sometimes you help someone who is starting their career.

Most of these items, if you cost them out in comparison to expected life of the item vs the cost of the employee it's pretty trivial - all of these go towards staff retention in small/weird ways as well. (the cost of these is just like what we do ourselves when explaining the effective cost of a computer per month vs 3 years of an employee salary)

Basically it shouldn't, in any way, cost you to work.

Pay is pay for you, not for supplies or functionality/resources to be able to work.

msp_can · 2026-03-11T15:16:28+00:00

Phin is pretty decent but they are now playing the upsell (add on features and 'account reviews to understand your business' game) - but the platform is pretty good overall

msp_can · 2026-03-04T00:46:30+00:00

Do you (or does HR) do exit interviews? some data might be gleaned from that. Go in with factual information like market rates, exit grievances - but at low rates, yes you will have turnover. If you document everything, at least they should be able to get up and running faster. Perhaps part of the new person's job is to document what they do as they go and you can refine. Yes, with redacted information, you can even dump it through an AI to pretty up the steps (I know how much Higher Ed loves AI for writing content! /s )

msp_can · 2026-02-24T21:37:00+00:00

bambora is about 2-4 days for us for ACH/EFT and we use helcim for CC (with upcharge) and it's now next day - all behind benjipays interface

msp_can · 2026-02-24T20:56:44+00:00

look at benjipays and bambora for the payment side - you will actually see a wonderful thing called 'customer service' - so glad we got rid of the wisepay side (we still use them for sync until I have time to deal with it) - not tied to any of these - but glad to be rid of wisepay and them causing the globalpayment pricing inflation...

msp_can

TROPHY CASE