In this episode, N-able Head Nerd Eric Harless talks to Sales Engineer Will Linthicum about why native Microsoft 365 tools aren’t sufficient for business‑grade protection and why a dedicated backup strategy matters for MSPs and IT teams. The conversation covers the shared responsibility model, the common misconception that “Microsoft backs it all up,” and practical risks ranging from accidental deletion to insider threats and ransomware. They explore core workloads – Exchange, OneDrive, SharePoint and Teams – and unpack where advanced licencing and features (e.g., conditional access, litigation hold) start and stop. They walk through a real‑world scenario of a compromised mailbox, the importance of MFA and geolocation rules, and the subtle ways attackers use mail rules and PowerShell to quietly purge data beyond recycle bins.

Aligning data life‑cycles to compliance needs

The episode also addresses retention policies and offboarding: converting users to shared mailboxes, handling OneDrive content, and aligning data life‑cycles to compliance needs. Listeners hear candid guidance on what backup can and can’t do (it’s not DR or BC in itself), backup cadence and on‑demand snapshots, and known limitations like Information Rights Management and OneNote API access. Finally, the discussion touches on roadmap items such as online archive backup and PST restore, plus performance improvements to accelerate scans and handle throttling—placing emphasis on tabletop exercises and clear customer communication so MSPs sell continuity and peace of mind, not just “backup.”

Who Should Listen to This Podcast…

This podcast is essential listening for MSPs, IT solution providers, and corporate IT professionals responsible for safeguarding Microsoft 365 environments. Whether you’re an IT manager, systems administrator, or technical lead, you’ll gain practical insights into the realities of data protection, backup, and recovery in today’s threat landscape. The episode is particularly valuable for those navigating compliance requirements, managing user offboarding, or seeking to strengthen their organisation’s resilience against accidental deletion, insider threats, and ransomware.

Topics covered

• The shared responsibility model for Microsoft 365 and why native tools aren’t enough
• Accidental deletion, insider threats and ransomware as everyday risks
• Practical mailbox compromise triage: MFA, geolocation and Defender visibility
• How attackers abuse mail rules, nested folders and PowerShell to purge data
• Retention “sweet spots” (1, 3, 5, 7 years) and long‑tail requirements
• Offboarding workflows: converting to shared mailboxes and managing OneDrive
• Backup cadence, on‑demand backups and limits of recycle bins/versioning
• What M365 backup is (point‑in‑time restore) vs. what DR/BC are

Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com

Intro: Discover why vulnerability management is critical for cyber and business resilience — and how N-able is reinventing the process.

In this episode of Head Nerd Table, Jason Murphy sits down with Jeff Green, Distinguished Product Leader for Vulnerability Management at N-able, to unpack why vulnerability management is no longer optional — it’s essential. Jeff shares insights from his experience as a CTO and MSP leader, explaining how vulnerability management underpins both cyber resilience and business continuity.

The conversation explores why this discipline matters for organisations of all sizes, from SMBs to large enterprises, and how regulatory pressures, cyber insurance requirements, and supply chain risks are driving adoption. Jeff also dives into practical challenges: millions of CVEs, prioritisation, and what to do when patching isn’t an option.

Finally, we look at N-able’s roadmap for vulnerability management, including integration with patching, risk acceptance workflows, and future plans for network and OS scanning. Whether you’re an MSP, IT leader, or security practitioner, this episode offers actionable advice on building resilience and turning vulnerability management into a strategic advantage.

Topics Covered

• Why vulnerability management matters for cyber resilience
• Risk management vs. vulnerability detection
• Regulatory and insurance pressures
• Prioritising millions of CVEs
• Enable’s approach and roadmap
• Risk acceptance and mitigation strategies
• MSP opportunities and co-managed IT
• Practical advice for IT leaders

Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com

Explore how ransomware became big business, why SMBs are most at risk, and practical steps to boost cyber resilience in this expert-led deep dive.

In this episode of Beyond the Horizon, host Pete Roythorne sits down with Kevin O’Connor, Director of Threat Research at N-able, to explore the shifting landscape of ransomware. What began as opportunistic attacks has evolved into a sophisticated business model, and SMBs are now the most attractive targets. Kevin shares insights from years in cybersecurity – including stints at the NSA and CrowdStrike – on why attackers are scaling down to smaller businesses, how ransomware-as-a-service has lowered the barrier to entry, and why misconceptions about risk still persist.

The conversation covers the economics driving ransomware, the rise of AI-powered social engineering, and the tactics attackers use to stay under the radar. Kevin also offers practical advice for SMBs: from employee training and policy enforcement to planning for worst-case scenarios. Finally, we look ahead at what could disrupt the ransomware economy and restore the balance in favour of defenders.

Topics Covered

• Evolution of ransomware from random attacks to organised crime
• Why SMBs are prime targets
• Ransomware-as-a-service and the crime supply chain
• Declining ransom payments—what’s behind the trend?
• AI-driven social engineering and phishing
• Common SMB security mistakes
• Effective defences and resilience strategies
• The role of law enforcement and global policy
• Future outlook: quantum cryptography and beyond

Disclaimer: This podcast provides educational information about issues that may be relevant to information technology service providers. Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice. The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent. Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors. The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe. All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements. https://www.n-able.com