SimpleHelp attacked

The SolarWinds incident alone should highlight the risks with any automated tools.

There are risks with all automation. I feel like SimpleHelp has evolved its security to mitigate most issues, provided the end user enforces good policy to back it up.

Never leave the tech console logged in and unattended. ESPECIALLY where the technician app is installed on a mobile device.
Enable MFA.
Never use the primary admin account for day to day.
Enable session timeouts.
Make sure the device that is running the technician app is properly protected and secured.

The above is not a comprehensive list of security items but a good starting point.

My main client recently underwent a two-day in-depth security review. 52 action points ranging from an hour to months…

Rob: Anything of general applicability that might be good for all to think about? 🙂

Yay! I actually do all those things. The session timeouts are a pain, but I set them like that for a reason.

Another thing we practise: If you are on site, never be tempted to use a customer PC for remote support, just because you happen to be in front of it. Use your own laptop or tablet, or nothing at all.

Yes - MFA must be available and used on all systems where there are reputational, operational and security risks. A right pain as my main client has identified 150 web-based systems already where there may be even a little bit of their clients' data.

Many of them don’t offer MFA/2FA so are at risk of being banned. Worryingly, there are several major systems that don’t offer 2FA.

Oh, MFA for sure. Was wondering if any of those 52 action points were suggestions useful for others in general.

  1. Review all systems from operational, reputational and security POV
  2. Have a business continuity plan for each and actually test it
  3. Train and re-train staff - security is a mindset
  4. Only allow approved software to be installed
  5. Remove access to systems when no longer needed
  6. Implement a password manager to allow you to revoke system access for leavers
  7. Ban USB drives