Acronis Launches GenAI Protection, Giving MSPs Control Over AI Usage and Data Risks
What Happened — Acronis introduced GenAI Protection, a new module that lets managed service providers (MSPs) monitor, policy‑enforce and secure generative‑AI usage across their customers’ environments. The solution detects shadow‑AI tools, inspects prompts for PII/PHI, and blocks malicious prompt injection.
Why It Matters for TPRM —
- AI‑driven data leakage and prompt‑injection attacks are emerging third‑party risks for SMBs that rely on MSPs.
- Lack of visibility into consumer‑grade AI tools creates compliance gaps (e.g., GDPR, HIPAA).
- MSPs can now offer AI‑security as a managed service, turning risk mitigation into a revenue stream and reducing supply‑chain exposure.
Who Is Affected — MSPs serving SMBs across all verticals; indirectly, any organization that outsources IT or security to an MSP and uses generative‑AI tools.
Recommended Actions —
- Review contracts with MSPs to confirm they have or plan to adopt GenAI Protection or equivalent controls.
- Require MSPs to provide AI‑usage inventories, policy enforcement reports, and evidence of prompt‑inspection.
- Update your third‑party risk assessments to include AI‑related data‑exfiltration and prompt‑injection vectors.
Technical Notes — The solution is delivered via a centralized console integrated into the Acronis Cyber Workspace platform. It does not require additional point products. Core capabilities: shadow‑AI discovery, sensitive‑data prompt inspection, and malicious‑prompt detection. No CVEs are disclosed; the offering is a preventive control rather than a vulnerability. Source: Help Net Security