How Secure is your RMM?

In light of recent events, the ever growing need to lock down each and every tool within your MSP’s tool stack has become very transparent. Hackers worldwide are now specifically targeting MSP’s and one of the easiest ways that they have been able to do so, is through the RMM.

This begs the question: How Secure is your RMM? Below is a list of our top 13 points that we believe every MSP should be implementing to stay secure and reduce vulnerabilities within the tool.

Backup your RMM nightly and to a secure location.
Review all user accounts regularly for the last login, permission (Principal of least privilege), 2FA/MFA.
Enable SSO, SSO has great user management capabilities as well as the ability to use other authentication providers like Microsoft Azure.
Ensure all user accounts are valid. Deactivate all invalid user accounts. Access to the Data base is as / if not more dangerous as access to the RMM/Remote Control applications.
If your RMM supports White-Listing, it can be configured at the server level to ensure that all connections are locked down to the whitelist.
Segregate the RMM and Remote agent servers from the rest of the internal network whenever possible.
Regularly review client environments for machines missing agents. An agent not being monitored is very vulnerable and can be used to attack other internal devices.
Limit user access to the servers hosting the RMM and Remote-Control applications.
Antivirus should be installed on the RMM and Remote-Control servers, however, it is important to ensure the proper exceptions have been applied or this can cause major issues for the applications.
Have plans in place to prevent further access into environments in case of a breach. (A method to prevent communication with the RMM if breached)
Do not link scripts to sites like pastebin or other links that can be spoofed.
Keep the RMM and Remote-Control products up to date as there are many security releases for the product.
Keep plugins/extensions up to date. Many plugins/extensions release updates that will also include security-based items.

How Secure is your RMM?

Categories

Labtech

ConnectWise Automate on Linux – Best Practices

ConnectWise Automate Maintenance Mode Explained Best Practice

Uninstalling and Offboarding Automate Agents

How to Set Up Automate users to use ConnectWise SSO

Windows 10 Build Upgrades are Inevitable - Use Kaseya/ConnectWise Automate to Deploy

Best Practice Naming of Patching Groups

Automate 12 Patch 9 Now Available!

5 Tips for using the Report Center

Automate 12 Patch 8 Now Available!

Automate 12 Patch 7 Available for Download

Business Continuity

Proactive Maintenance

Kaseya

Security Best Practices for Kaseya VSA

Kaseya VSA: Software Management vs. Patch Management

Software Management Enhancements

Two-Factor Authentication in Kaseya VSA

Windows 7 & Windows 10 Multiple Builds End of Life – Upgrade Using Kaseya or ConnectWise Automate

Kaseya Network Monitor: Benefits & Features

Kaseya Patch 9.5.0.22 and Future Updates

Kaseya's New State-of-the-Art Contemporary User Interface

Kaseya Product Release - April '19

Kaseya Software Management Module

Datto

Creating & Implementing a Disaster Recovery Plan

Disaster Recovery – Minimizing Impact of Downtime

Updating a Datto Device

Datto Agent Communication Errors

Datto

StorageCraft

Get in touch today for MSP Centralized Services