Would an RMM Audit remediate the damage that has been made?

Yes, an Audit would help optimize your RMM Tool. All your patches would be updated, backups will be managed and loopholes that endanger your data would be spotted and remediated.

But what can you do if the issue is from the source itself? What if you have your tool audited and everything is top-notch, yet due to a ransomware attack on the tool, your data is getting compromised? 

This fast-paced digital world has all sorts of benefits but like a coin having two sides, there is a risk too. You can never run away from this, the question is, what preventive measures have you taken to remediate potential threats? 

How safe is your data on the RMM Tool that you use? 

SolarWinds and now Kaseya. The news was doing the rounds last week because of a ransomware attack that led the tool to get compromised. And with it, so did the MSPs and the customers that used it.  

 

Would an RMM Audit have saved your data from being compromised? 

The answer is NO. An Audit of your RMM Tool would not save your data (especially in this case, where it is a problem from the source and not from the customer’s end) but yes it can give you an assurance and a breather that you have everything sorted out from your end. This time around, the breach was from the source itself but at least we, as users, can maintain the tool hygiene from our end.

So, as users, what’s the best we can do? 
Have a backup plan for when things MAY go down the hill.  

 

RMM Audit: What you need to review

We recommend you get your Servers set up and have a backup of all your data present in the RMM tool. 

Here are 8 areas that you should review to check if you have them configured or not: 

  1. Active Issues & Alerts 
  2. Patch Management 
  3. Security Manager- AV 
  4. Backup Management 
  5. Onboarding device and Client 
  6. Automation 
  7. Integration 
  8. Monitoring and Reporting 

 

1) Active Issues and Alerts 

  • Categorize alerts and make a custom dashboard for each category.  
  • Review alerts by categories and confirms error statements.  
  • If possible, create alert solutions by automation or self-healing. Remove false alerts. 

Goal: Your goal here should be to minimize active issues/alerts. Eliminate noise in order to have better visibility of the IT infrastructure. 

 

2) Patch Management

  • Review applied rules, filters, service templates, and profiles for servers
  • Windows Server Patching: Categorize patches, create a patching group, change management, backup important servers prior to patching 
  • Schedule patches and reboot

Goal: Patch compliance report should be optimum 

 

3) Security Manager-AV

  • Check the number of rules created and try to minimize it to a few
  • Review all filters, rules, or templates that have been applied
  • Security update servers must be enabled for customers

Goal: Security – AV compliance report should be optimum

 

4) Backup Management

  • Suggest backup configuration as per best practices
  • Need to review restore plan if any or suggest restore plan as best practices 

Goal: Ensure device backup & restore working properly before facing disaster 

 

5) Onboarding Device and Client

  • Network discovery job must require with recurring option and for all IP Network individually. 
  • Must select appropriate probe device while creating discovery job to fall device under correct customer 

Goal: End goal is that devices fall under respective sites to avoid a messy environment. 

 

6) Automation

  • Add and automate scheduled tasks depending on the usage frequency
  • You can also automate repetitive alerts so that they get automated and resolved as and when they arise

Goal: Reduce active issues & alerts by automating tasks and utilize man-hours to their optimum capacity.

 

7) Integration

  • Review device class mapping on PSA & RMM, billing, and ticketing profile
  • Based on the current PSA configuration, we can suggest any false settingTicketing profile must generate a ticket for configured alerts whose priority can be set 

Goal: Ensure PSA configuration accurate to avoid false ticket generation and use man-hours proactively and Accurate Billing 

 

8) Monitoring & Reporting

  • Review assigned service template as per device classes.
  • Create a report for Asset & Software Inventory, license software inventory

Goal: Identify critical issues based on the nature of the application on the device by creating a custom dashboard and submit reports daily, weekly, or monthly to the client for the RMM activities. 

 

How can we help? 

If you are planning to get your RMM tool audited, we’ll be happy to be of service. 
Owing to the recent threats, Infrassist has decided to help MSPs like yours have a smooth ride. An RMM Audit will show you all the loopholes present in your tool. We will have your systems and network checked and give you actionable recommendations on what you can do to ensure data safety. 

Should you want us to act on the given recommendations, we can do that for you too. But don’t worry, we promise we won’t burn a hole in your pockets.  

You can approach us if you want to have your RMM audited. Feel free to contact us or write a mail to us at partners@infrassist.com

 

 

Nirav Shah
Nirav Shah

Nirav leads technical initiatives at Infrassist that supports MSPs business and crafts services/solutions that help customers improve their overall service quotient. He enjoys working and knowing about technology while handling all the customers with a great level of business acumen.

Thanks For Reading