Have you ever stopped to think what would happen if someone stole the keys to your castle and gained access to your entire RMM platform, and therefore all of your client’s devices!
Everyone has been talking about Kaseya’s VSA product and how it fell victim to the single biggest global ransomware attack on record.
This particular attack appears to have been the largest ever ransomware attack orchestrated by the cybercriminal group REvil, (I think that’s how you pronounce it) hitting almost 40,000 computers worldwide.
It wasn’t that long ago that SolarWinds was also attacked, the cybercriminals used the platform to breach into a Managed Services supplier to then deliver Ransomware onto thousands of end client PCs.
In an effort to help MSPs globally, Inbay would like to share with you some top tips to protect your RMM platform.
For those of you that would rather read ‘The 5 top tips to protect your RMM platform’ please see below.
Despite MSPs having numerous vulnerabilities, there are measures that you can take to prevent a cyberattack. Here are 5 security steps MSPs should consider taking:
- Activate and Enforcing Multi-Factor Authentication (MFA/2FA).
Let’s start with something that is super easy to implement and will make your platform instantly more secure. You need to implement and enforce MFA for everyone that accesses your RMM. Most of the top RMM now enforce this however plenty still don’t.
By enabling MFA you are adding a second layer of security to your RMM platform and anyone accessing it will need a username, password AND unique key that is generated at the time of access. That really is adding a stronghold to your castle.
- Restrict Access
It may seem easier to allow your tech’s administration access to your RMM platform however this really is a bad idea! I once worked with an MSP who did this to find that he had a disgruntled level 1 service desk tech who used the RMM platform to wipe out customer backups, and then resigned!
I strongly recommend you take the time to define security levels and assign to the right techs. For example if your level 1’s don’t create new scripts then don’t allow them the access level to deploy them.
- Patching your RMM
Some RMM platforms are on-premise and rely on one or more physical servers. Make sure you take the time to fully patch your RMM server and of course the RMM software. I appreciate this can be a pain as you need your RMM ‘always on’ however if you don’t then you are massively opening yourself up for a security breach.
Add this to your customer contracts if needed. Say that your monitoring service will be available 99.9% of the time. This will give you almost 9 hours a year for patching:
- Secure your staff Endpoints
Sometimes we forget to “eat our own dogfood” – make sure that all the security you advise and recommend for your customers you also apply in house as well.
We all know that tech’s like to download and use ‘third party tools’ that they may have randomly found with a “quick google” – but are these safe?
Your tech’s machines should be fully protected, secure AND checked frequently.
- Audit your RMM
Take time out to review your RMM configuration, usage and security. If you don’t have the time then contact a company like us who will review it for you.
If you have concerns that your RMM platform isn’t secure or configured and optimised correctly, and want to get the most out of your investment, get in touch with Inbay today.