The recent attack on Kaseya’s VSA product shows again the important role that IT support organizations play in selecting, deploying, managing and monitoring the technology stacks of their clients. Kaseya is not the first to be attacked, nor will it be the last. Kaseya is just the latest.
Remote Management is Not Going Away
RMMs or other applications such as Microsoft’s Intune that provide management of remote servers and endpoints are essential in providing affordable and efficient service. Without these tools, per seat pricing would either be considerably more expensive or leave systems exposed to other vulnerabilities such as out-of-date operating systems, browsers or applications.
Stacks are a “Balanced Portfolio” of Risk Management
A proper technology stack combines tools that work together to minimize risk and include processes and procedures to follow if problems occur. The better the stack is designed, the less the impact from attacks or the faster recovery if it occurs. In financial terms, these multiple layers would be called a “balanced portfolio”. In a balance portfolio, if there are problems in one area, there are offsetting areas that step up to fill those gaps.
No Vendor Tells You the Whole Story
Unfortunately, IT service providers must create their own stack based on incomplete information from vendors. For example, Kaseya does not spend much time discussing the complementary strategies and tools that you will require given the inherent risks of the RMM. But it’s not just Kaseya - we have yet to see any RMM provider lead with the marketing message “Don’t worry about our tool until you have a good backup strategy in place!”
“Dumb” Stacks Often Look the Same to Clients
It is the intellectual property (balance, research, testing, procedures, etc.) included with a stack that makes up the value of an MSP’s per-seat pricing. Unfortunately, “smart” stacks and “dumb” stacks often look the same to the average client until problems occur and then it is too late to opt for the smarter solution.
Get Value for Your Stack
Given that clients and end-users are not that interested or noticeable of all the details of a smart and well-researched stack, IT providers must find other ways to showcase their approaches including:
- Transparency – Exposing more of the internal operations and reporting to showcase the daily efforts to minimize risk.
- Compliance – Compliance has often come to mean government compliance, but for IT service providers it should be much deeper including: 1) Complying with contract terms; 2) Complying with internal policies; 3) Following best practices and recommendations; 4) Ensuring adequate user training; 5) Documenting everything.
- Products – Stacks will change over time with better techniques and new threats. Selling solutions rather than technologies helps keep clients focused on their business. Think “secure desktop” vs. Webroot.
CloudRadial helps you with all these key pieces to make sure that your stack and your intellectual property is valued by clients.
Understand CloudRadial’s Security
In discussing a “smart” stack, it is important to understand what CloudRadial does to minimize risk in its own product and how it complements other tools in your existing stack.
Data Agent Security
The most frequent question that comes up is “If agents are the threats, why deploy another agent?” The simple answer is that we are not an agent like an RMM. The CloudRadial data agent can only do three things:
- Collect and send data.
- Uninstall itself.
- Update itself. In high-security environments, this last option can be disabled through a command line switch during install.
The data agent is designed for report-only. As a reporting tool it helps you see:
- OneDrive protected folder backups – This is critically important in recovering from data loss from hardware issues, endpoint loss or theft and ransomware.
- Antivirus protections in place.
- Operating system versions and major updates.
- Application versions installed on different endpoints.
The data agent helps you (and your clients) see that your core protections are up-to-date and engaged.
Desktop Application Security
Like the data agent, the desktop application has no functionality to make changes to the system and runs a separate browser instance of the CloudRadial website. All other websites and URLs are run through the endpoint’s default web browser where those URLs are controlled by the latest browser security and endpoint controls.
All of the CloudRadial infrastructure is hosted in Azure utilizing Azure’s exceptional security framework. We limit access internally as needed and restrict access through multiple layers of security. More information on our security is available at https://www.cloudradial.com/security
Document and Engage
Security is no longer the responsibility of only vendors, partners and clients. Security is something all three groups must actively work together to achieve. Vendors to improve their security and enhance security offerings, partners to deploy their stacks correctly, and users to understand how their own actions can both prevent and identify threats.
CloudRadial’s information collection and archiving as well as its training tools help bring all the parties to the table to help shape strategies for the successful prevention, identification, and remediation of future breaches.
Security is too important to leave to any single entity. It takes everyone working together to create a workable solution. The MSP or IT provider role is more important than ever to create and manage this valued solution for clients.