Complexity, capacity and security can all be addressed by MSPs – let’s talk priorities and challenges
MSPs, while providing for the business needs of multiple sectors, must also balance efficient management of cybersecurity processes to protect their clients. Achieving this via improved access and management, as well as improvement in both infrastructure and process, is the best way to address the growing onslaught on MSPs by hackers. This increased pressure means closing gaps while simultaneously upgrading the capacity to manage clients’ endpoints and addressing their own cybersecurity. (Read more about: MSPs: Who, what, why?)
An especially important piece of the cybersecurity capability of MSPs are professional services automation (PSA) tools or remote monitoring and management (RMM) tools, which grant a single-pane-of-glass view into all the endpoints of a client that need to be managed remotely. These tools scale and/or combine to allow MSPs of many sizes and maturity levels to offer their services and expertise to clients, extending security and other IT infrastructure provision to them beyond what most clients could manage internally. According to a 2019 poll conducted by ESET, a significant 79% of MSPs use RMM tools.*
ESET RMMs – integrating for ease of use and improved security
ESET currently offers the widest selection of direct endpoint management (DEM) plugins in the industry, enabling MSPs to get the RMM look and feel they want without the need for any additional servers or intermediate consoles. That means fast deployment and easy integration with ESET security products on endpoints.
ESET’s family of direct management plugins provides integration to Datto, SolarWinds, and ConnectWise, with the fourth and newest plugin being ESET DEM Plugin for NinjaRMM.
ESET RMM integrations are created to be robust in terms of both security and functionality. The plugins allow the MSP administrator to perform these tasks with ESET Security products:
The available solutions include ESET Endpoint Security, ESET Endpoint Antivirus, ESET File Security for Microsoft Windows Server, and ESET Mail Security for Microsoft Exchange Server. MSP administrators can also employ RMMs to manage endpoints with the macOS operating system.
For those MSPs whose integration is not on the ESET list, there’s the special eRMM functionality that is part of ESET endpoint solutions. In that manner, many MSPs have the potential to switch to an ESET-supported RMM, and can connect endpoints to their RMM agent with a bit of settings tweaking.
With leadership comes responsibility
Signing clients to your MSP, especially when providing security, is serious business. In many cases plugins have met requirements so well as to enable rapid and remote security provision, such that, security-wise MSPs have had to raise their maturity in-line with the role they’ve cemented as gatekeepers to business continuity.
On the back of this success, hackers have increasingly targeted the MSP model as a direct route to perceived digital riches. This trend is in part evidenced by a recent exploit of a vulnerability in a leading MSP’s plugin for a popular RMM tool. Certainly, MSPs should be increasingly wary, and guard their “keys to the kingdom.” If hackers infiltrate an MSP, they can take advantage of the many tools that provide a privileged look into clients’ IT networks or “manage” systems as would an MSP administrator. Therefore, it is crucial for MSPs to maintain a tighter watch even over their favorite RMMs.
(Read: More signs that MSPs must master cybersecurity)
If hackers infiltrate an MSP, they can take advantage of the many tools that provide a privileged look into clients’ IT networks or ‘manage’ systems as would an MSP administrator. Therefore, it is crucial for MSPs to maintain a tighter watch even over their favorite RMMs.
ESET’s DEM plugins are built with security ingrained in the code. A recent exploit revealed that hackers conducted an SQL injection attack to send unauthenticated remote commands to a database. That’s why ESET’s plugins allow only parameterised SQL queries, which hinder such SQL injection attacks. In addition, other essential security features in the backend include protection against cross-site scripting and password encryption.
* ESET polled 488 MSP partners in 14 countries during July 2019 via an online questionnaire.