Page 92 - Cyber Defense eMagazine for June 2021

Debate over the term “zero trust” notwithstanding (critics of the term correctly argue that “zero” is a misnomer, and today’s implementations might be more accurately described as “policy-based adaptive risk” or similar), MSPs should look for opportunities to onboard customers into ZTA concepts and seek to apply zero trust principles like defense in depth, microsegmentation, and just-in-time access to how they manage customer environments.


To enable MSPs to employ these practices when managing client environments, a future RMM, built on zero trust principles, might include features like:

· Zero trust network access to client environments, with a central policy engine authorizing each connection to a client environment as a substitute for today’s unattended remote access

· Conditional access rules to protect key RMM functions like remote access and remote code execution. Trying to connect to a client environment outside of an MSP’s normal business hours? Prompt for multi-factor authentication before authorizing the connection. Trying to connect from outside the U.S.? Block the connection request.

· An allow-listing mechanism that only runs scripts that are cryptographically signed by the MSP

· Segmentation of other MSP assets from the RMM platform. Do we really want to integrate credential managers with remote access tools?
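
The conditional access rules in the list above can be expressed as a small policy decision function. The following Python is an added example, not code from the article or from any RMM product; the names `Policy`, `Request` and `evaluate`, the 08:00 to 18:00 weekday window and the fixed UTC-5 offset are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time, timedelta, timezone, tzinfo
from enum import Enum
from typing import Optional


class Decision(Enum):
    ALLOW = "allow"
    REQUIRE_MFA = "require_mfa"
    BLOCK = "block"


@dataclass(frozen=True)
class Policy:
    # Assumed values. Fixed UTC-5 keeps the example offline; a deployment
    # would use zoneinfo.ZoneInfo so business hours follow DST.
    tz: tzinfo = timezone(timedelta(hours=-5))
    open_at: time = time(8, 0)
    close_at: time = time(18, 0)
    allowed_countries: frozenset = frozenset({"US"})
    protected_actions: frozenset = frozenset({"remote_access", "remote_exec"})


@dataclass(frozen=True)
class Request:
    action: str
    source_country: Optional[str]  # None when the source could not be geolocated
    when: datetime                 # must be timezone-aware
    mfa_verified: bool = False


def evaluate(policy: Policy, req: Request) -> Decision:
    if req.when.tzinfo is None:
        raise ValueError("request timestamp must be timezone-aware")
    if req.action not in policy.protected_actions:
        return Decision.ALLOW  # outside the scope of this rule set
    # Geography is checked first and fails closed: an unknown or disallowed
    # origin is blocked, and completing MFA does not override the block.
    if req.source_country not in policy.allowed_countries:
        return Decision.BLOCK
    local = req.when.astimezone(policy.tz)
    in_hours = local.weekday() < 5 and policy.open_at <= local.time() < policy.close_at
    if not in_hours and not req.mfa_verified:
        return Decision.REQUIRE_MFA  # step-up authentication before authorizing
    return Decision.ALLOW


if __name__ == "__main__":
    # Constructed sample: off-hours request from an allowed country.
    t = datetime(2021, 6, 15, 3, 0, tzinfo=timezone.utc)
    print(evaluate(Policy(), Request("remote_access", "US", t)))
```

Evaluating the block rule before the MFA rule means a technician who has already completed MFA still cannot connect from a disallowed or unresolvable location.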


Zero trust is more than just a marketing buzzphrase; it is a security philosophy that reflects the reality that users routinely access corporate data from outside the traditional corporate network, often including third-party cloud services, and increasingly on personal devices. Future iterations of RMM platforms must build these assumptions (and their attendant security considerations) into the platform.

2. The Right Amount of Remote Access

Perhaps the most-used feature of RMM platforms is unattended remote access (screen sharing, file transfer, remote code execution). The ability to seamlessly hop on screen with a customer to troubleshoot an IT issue is considered a fundamental capability for an MSP. Particularly among small businesses, customers “just want things to work” and don’t want to be burdened with security processes or protocol. Today’s security realities warrant pushing back on these assumptions, at least until more secure iterations of RMM platforms are available. In the interim, the following practices for managing remote access may be justified to protect an MSP’s client base, even if there are some trade-offs with convenience.










            Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.