Endpoint security is nonnegotiable and critical. Kaseya Chief Technology Officer Dana Epp made this clear in his advice to MSPs on how to secure their clients’ endpoints at Kaseya’s Connect conference earlier this year.
Referring to the authoritative annual Verizon Data Breach Report, Epp explained that a mere 10 vulnerabilities were responsible for 85 percent of all successful exploits. The crazy part is that six out of these 10 vulnerabilities should have been known, understood, and fully defended against – that is because these six were disclosed between 1999 and 2003!
According to Epp, to truly protect endpoints against these and other vulnerabilities IT, MSPs need to “approach the problem with a different way of thinking.” A good place to start is with the NIST Cybersecurity Framework, which you can see in the graphic below.
Kaseya has a security framework and set of tools that is in line with the NIST approach. The solutions here are part of Kaseya IT Complete, an integrated set of solutions that make IT infrastructure safer, more secure, and far easier to manage. Here is the Kaseya take:
Epps walked through key aspects of Identify.
Discovery: Find authorized and unauthorized devices and software across your client’s infrastructure, and categorize them more reliably into a robust asset inventory system.
Audit: Continuously scan workstations and servers looking for changes in hardware and software to maintain an up-to-date asset inventory.
Monitor: Watch for changes found by audit within your client’s infrastructure, and take action to remediate problems or apply technical processes and policies to manage changing assets effectively.
Once you know what you have, and can keep tabs on asset changes, you need to protect them.
Here is Epp’s take on how Kaseya, and IT Complete, provides this protection:
Identity and Access Management: Ensure that the people who need access to sensitive systems and information are actually who they say they are, and they are accessing information securely.
Antivirus and anti-malware: Defend against the vile and villainy of the internet with complete protection on networks and beyond from potentially dangerous programs and network attacks.
Software management: Maintain the health of your servers, workstations, and remote computers with the latest installations and patches of the operating systems and applications you manage.
Backup and recovery: Implement real-time automated local or remote backups for files, folders, and virtual and physical machines to ensure business continuity in the most dire of times.
When it comes to Detection, Epp suggests that you “tune for silence and watch for noise.” He recommends performing compliance profiling for your antivirus and anti-malware software and patching.
Next on the agenda is responding. Here are some items to consider:
Policy-based automation: Set up policy-based profiles that can be automatically applied when certain conditions are met.
Workflow automation: Execute predefined workflows that meet your defined best practices based on alarms and triggers.
Alert management: Configure alerts to activate the processes you use for incident response, including script automation.
Agent procedures: Defend against the nefarious side of the internet with complete protection on networks and beyond from potentially dangerous programs and network attacks.
When it comes time to recover, a picture from Epp is worth a thousand words, as he outlines five steps to good recovery.
Kaseya VSA and Endpoint Protection
VSA delivers the industry’s fastest, most reliable and functionally complete remote monitoring and management to reimagine the technician experience through:
- Real Time Visibility: Live Connect module delivers immediate, comprehensive, and real-time visibility into every aspect of an endpoint such as CPU utilization, application processes, services, disk utilization, activity metrics, and service tickets — without interrupting the end user’s system.
- Fast Remote Control: VSA’s remote control is accessible within Live Connect to enable rapid resolution of complex device problems by technicians.
- Reduced Site Visits: New Kaseya VSA and Intel vPro integration enables non-responsive PCs or kiosks to be repaired remotely without the cost or delays associated with a site visit.
- Extensible Automation: Technicians can leverage an extensible library of automated procedures to address common issues, such as rebooting, disk cleanup, service restarts, or clearing registry problems.
- Improved Technician Multi-tasking and Efficiency: Technicians can simultaneously monitor multiple devices, quickly toggle between remote sessions, and quickly zero-in to resolve issues.
- New Technician Experience: Live Connect employs Google’s Material Design guidelines to deliver a modern, clean, and intuitive interface, which further increases efficiency and dramatically reduces staff training requirements.
Learn more about VSA here.