Endpoint Security Done Poorly!

I recently had a conversation with a 5-year veteran of Kaseya. A year ago their firm decided to test the Kaseya Endpoint Security add-on to see if they could reduce some of the manual management required by their current company-recommended solution.

Here is what happened:

  1. Purchased 100 nodes of KES (Kaseya Endpoint Security)
  2. Wrote antivirus application removal scripts to automate the uninstall process (KES won’t install if another AV solution is on the machine)
  3. Installed 100 nodes of KES on their own network and a few customer networks (time required: less than 1 day; KES is pushed out from within Kaseya)
  4. Ran their first scan
  5. Got RESULTS
  6. Found viruses on both their internal network and customer network (over 100)
  7. Found computers that were not getting virus updates
  8. Found machines that had been missed and DID NOT have AV software

Basically, their current delivery of endpoint security was being poorly implemented and maintained. The problem wasn’t their processes, but rather the number of machines they were supporting. The current strategy had become unmanageable and terribly inefficient.

I don’t typically write “sales oriented” blog posts, but this is a no-brainer.

Here are some thoughts to consider:
  • Most antivirus solutions are domain-based, and with end users working virtually more often and for longer periods of time, you need a solution that can reach out across the Internet.
  • KES is priced so well that we have customers making a couple thousand dollars extra a month without charging their customers any more than the previous solution.
  • It is easier to manage a single console than a bunch of decentralized consoles.
  • Imminent threats can be mitigated instantly.

One thing I don’t want this post to breed is the typical “this AV software is better than that one”. I am not claiming that KES is the best AV solution on the market. I don’t care how AWESOME another AV solution is at finding viruses. The point I am making is that you can’t ensure 100% of your AV agents are working properly 100% of the time without a centralized way to install, run, update, alert, and report back to you. I know some of you may disagree, but if you would rather work on technology than work on your business, well, I don’t have a rebuttal for that one. I do know that the guys working on their business play with their “gobs” of money more than their technology.

Bottom line, I am making a business case, not a technology case here, so please comment accordingly.

Don’t forget to follow Kaseya on Twitter.

10 thoughts on “Endpoint Security Done Poorly!”

  1. Chad,

    I disagree. It seems their process did break down. If the other system provided the central management and they read their logs they would have known. If the product they had missed the malware, that’s another story and a more technical one. AVG does pretty well in tests, but no product is perfect.

    KES definitely would save you time since you already are in that console to manage your clients and you don’t have to another application on a server in their environment to manage it. Ultimately you save your client some money, you save yourself another application to have to manage in their environment. Sounds like a win win win. I’m looking forward to the next client that has their AV up for renewal to switch them over.

  2. Raffi, thanks for the comment. I always try and look at “scale”. What if you had 2,000 machines under management and over 100 customers? Could you build in the processes to ensure 100% of those machines had AV software on them? Perhaps. The business argument, for me, is that IT departments and IT service organizations should build their management with scale in mind. Any efficiency gained today will pay off tomorrow.

    If you read the book “The Toyota Way”, it talks about this type of thinking/culture as the foundational basis for Toyota’s success.

    Thanks again for your input.

  3. Hi All
    I welcome this debate as it’s very close to my heart. Unless you fully manage the computer assets of a customer, with a Kaseya agent on every server and workstation, the headaches surrounding endpoint security are never-ending. Poor implementations of a particular vendor suite (which you may have inherited) coupled with a mismanaged Active Directory and inaccurate asset list makes it an expensive and thankless task with an end result of poor protection. This all comes down to one fact. No matter what you use, if you cannot guarantee 100% compliancy, then you cannot guarantee a good service. Getting a client to sign up for agents on all workstations and servers (even if we have had to discount the workstation agents) has allowed us to start using KES, and the early results (if you ignore best of breed arguments) are that finally you can herd some of those cats that were so elusive. So yes, AVG isn’t the best, but the best is useless if you have daily compliancy issues.

  4. Great point Damian. Which leads to a great reminder: When was the last time you scanned the client’s network for new hosts to protect? You’ve gotta get them all if you want to be effective!

  5. Well that question leads me to my next point. Managed services is just sales talk, unless when you mean “partner” with a customer, you both understand and commit to what that demands. Our most successful managed services type customers are those that have fully embraced the outsourcing and rightsourcing of as much of their IT as is practical. We have excellent trust relationships with those and allow open book on the money side to maintain that trust. Customers where the definition of partner means much less, tend not to invest in the relationship which leads to you being outside of the business processes that directly affect IT services. This leads to a slow drive to a 3 year end of relationship if not fixed. I am a firm believer that to get maximum managed services penetration, you have to get the financial decision makers on their own and make your business case without the IT department. It may sound harsh, but whether you mean to offer economies via reducing IT personnel or not, you often get a hostile reaction from middle rank IT managers who equate all managed service with an attempt to right size the IT salary bill. It has taken us a few years to start understanding how to sell managed services, and the one thing that is apparent, is you either have to get an engineer to do it, or completely retrain a traditional IT sales person to a new way of thinking.

  6. By the way, looking forward to the new updates on the AVG/KES. Definitely would like a bit more muscle behind its development. Any thought on whether you would sell KES with a free agent, upgradeable to a fully managed agent in order to get over the problem of having to sell a managed services agent plus KES? If my “in” is end point security, it would be nice to sell just KES, and offer an upgrade to fully managed services off the back of that success instead of the traditional way around.

  7. Well, managed services is more than just marketing, it’s an approach or methodology that serves in-house IT departments and MSPs in the same way. It’s about packaging what you deliver with the best tools out there. Kaseya has done a great job with the packaging ESPECIALLY, it seems, in the new version!

  8. Couldn’t agree with you more here….actually wrote something up just recently on tullibo.com with similar sentiment, didn’t realise you had something similar!
