I had this conversation with an MSP owner last month. His client’s CFO asked about “quantum stuff” during the quarterly review. The owner froze. He knew the term but not what it meant for the client’s VPN keys or the data sitting in their backup vault.

Here’s the thing, that question is no longer rare. NIST published the first post-quantum cryptography standards in August 2024. Federal guidance followed. Your clients are starting to hear the term from their own auditors and insurers. The conversation is already moving from “if” to “when” and “how much.”

Stakes
Long lived data is the real exposure. Healthcare records, legal files, government contracts, and intellectual property often need to stay confidential for ten years or more. If that data travels today over RSA or elliptic-curve links, someone can copy it now and wait for a cryptographically relevant quantum computer to read it later. The attack is called harvest-now, decrypt-later. It does not require the quantum machine to exist today.

Substance
Quantum computers do not replace the servers in your clients’ racks. They break the math behind the public key cryptography we rely on for key exchange and digital signatures. Current expert estimates place a machine capable of breaking RSA-2048 somewhere between 2030 and 2035. That window is short enough that the data being collected today is already at risk.

What to tell your clients today
“Some of the encrypted traffic leaving your network right now is being archived by sophisticated actors. We are beginning an inventory of every place you still use RSA or ECC so we can replace those algorithms on a schedule that matches the sensitivity of the data.”

MSP Action
Your Monday morning move: open your client list and flag the three accounts whose data has the longest confidentiality requirement. Add one line to next month’s QBR deck: “Cryptographic inventory, 30 minute review.” That single line starts the conversation without overpromising.

Next week we will walk through exactly how to run that inventory and what the new NIST standards actually give you to work with.

Stay sharp.

The Quantum Guy