Page 93 - Cyber Defense eMagazine for June 2021
· Rethinking Unattended Access
Day-to-day desktop support in client environments should not require unattended access. What
if user support were instead conducted as attended support, with the end user requesting and
authorizing remote access at the time of need? By requiring user consent (that cannot be
overridden by checking a box in the RMM) to connect to or execute commands on user desktop
environments, the ability of an attacker to leverage an RMM platform to breach many customers
at once is greatly hampered. For endpoints that truly require unattended access, MSPs could use
privileged access workstations (PAWs) to connect to dedicated “jump boxes” within customer
environments. By segmenting and protecting the vectors for remote access into a client
environment, an MSP demonstrates their understanding that with great power comes great
responsibility.
· Utilizing Just-In-Time Access
Minimizing the number of always-on administrator accounts is a key component of managing
privileged identities. As stewards of their customers’ security posture, MSPs should insist on
reducing the attack surface of always-on, unattended remote access into customer environments.
As Dan Ritch explores in the Thycotic cyber security blog, The Lockdown, Just-In-Time (JIT)
access seeks to authorize privileged access only when it is required, protecting against
compromised administrator accounts and providing an audit trail for privileged access. A future
RMM built on JIT principles should include a mechanism for the customer to review, authorize,
and log requests from the MSP before granting privileged access to the environment.
· Managing Single-Tenant Customer Environments
Do MSPs really need consolidated access to customer environments through a single pane of
glass, or could they administer customer environments individually without much of a trade-off
in efficiency? When it comes to the cloud, MSPs are already doing this. Today’s RMMs do not
support meaningful management of cloud-native environments such as Microsoft Azure and
Office 365. Emerging tools such as Microsoft 365 Lighthouse aim to bridge the gap, but MSPs
may be wise to reconsider the necessity of aggregating all customer environments and seek out
different styles of management.
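The customer-side review, authorize and log step described under Just-In-Time access above can be sketched as follows. This is an added example, not code from the article or from any RMM product; `JitBroker`, its method names, the `max_ttl` ceiling and the hash-chained audit log are assumptions made for illustration.

```python
import hashlib, json, secrets
from dataclasses import dataclass, field

@dataclass
class JitBroker:
    """Hypothetical customer-side broker: the MSP requests, the customer decides."""
    max_ttl: int = 3600  # assumed policy ceiling for one grant, in seconds
    requests: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    @staticmethod
    def _digest(body):
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def _log(self, event, **details):
        # Chain each entry to the previous hash so edits or deletions are detectable.
        prev = self.audit[-1]["hash"] if self.audit else "0" * 64
        body = {"event": event, "prev": prev, **details}
        self.audit.append({**body, "hash": self._digest(body)})

    def request(self, technician, endpoint, reason, ttl, now):
        req_id = secrets.token_hex(8)
        grant = {"technician": technician, "endpoint": endpoint, "ttl": min(ttl, self.max_ttl)}
        self.requests[req_id] = {**grant, "state": "pending"}
        self._log("requested", id=req_id, reason=reason, at=now, **grant)
        return req_id

    def decide(self, req_id, approver, approve, now):
        req = self.requests[req_id]
        if req["state"] != "pending" or approver == req["technician"]:
            raise PermissionError("already decided, or requester approving own request")
        req["state"] = "approved" if approve else "denied"
        req["expires"] = now + req["ttl"]  # only consulted when state is "approved"
        self._log(req["state"], id=req_id, approver=approver, at=now)

    def is_allowed(self, req_id, technician, endpoint, now):
        req = self.requests.get(req_id)
        ok = bool(req and req["state"] == "approved" and now < req["expires"]
                  and (req["technician"], req["endpoint"]) == (technician, endpoint))
        self._log("access_check", id=req_id, who=technician, endpoint=endpoint, allowed=ok, at=now)
        return ok

    def audit_intact(self):
        prev = "0" * 64
        for entry in self.audit:
            body = {k: v for k, v in entry.items() if k != "hash"}
            if entry["prev"] != prev or self._digest(body) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True
```

Timestamps are passed in as `now` (seconds) so the expiry logic is deterministic; every access check, allowed or not, lands in the audit trail alongside the request and the customer's decision.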
3. Modernizing IT Service Operations Through DevOps
It’s not just a problem of tooling. As an industry, MSPs are overdue for an upgrade of their internal
processes and practices. Observing enterprise trends in IT operations over the last 5-10 years may prove
useful for breaking out of the “locked-in” mindset that RMM ecosystems can perpetuate. Specifically: