Building MSSP Customer Resilience With N‑able N‑sight

The IT security landscape has been fundamentally transformed with the advent of cryptocurrencies, which have enabled hackers to easily monetize their activities without being tracked. This is one of the key drivers behind ransomware attacks becoming more numerous and more frequent.
At the same time the options for the attacked companies are limited—they can restore data from backups, decrypt data if backups are lost, or in the worst case pay a ransom. This is why companies need to deploy a defense in depth strategy, using a range of security solutions to detect vulnerabilities/suspicious activity and remediate any potential issues before they become a problem. However, simply installing these solutions is not enough, the need to be properly configured, and ensuring this is the case is one of the most effective tools MSPs can offer to help protect their customers.
The integrity of individual solutions should be tested using simulated attacks, which will help to validate them and ensure they can face real attacks. Only once this has been done should they be rolled out to customers. A fundamental problem in many organizations is there is often a mismatch between what companies would like to have set up and what is actually set up.
“It doesn’t work to think you can just buy a security tool and that will solve all your customer’s security problems once and for all. If it’s not confirmed that the solution is working as requested and they are attacked by a hacker anyway, you’re going to face some serious questions. We try to warn our customers against too high expectations and help them set up their IT security solutions correctly, so they work in the real world,” says Martin Melich, Executive Director and Co-Founder of Czech Republic-based PATRON-IT.
For this reason, PATRON-IT has been building a monitoring system for many years that not only tracks traditional data such as disk space or server performance, but also monitors how well security measures are being executed within the customer‘s environment. To do this, they use the cloud-based N‑able N‑sight RMM platform, supplied by Zebra Systems, and their own advanced scripts built on top of it, which together form a comprehensive monitoring tool. In this way, they have essentially created a continuous auditing solution, where the most common exploits and current threats detected are tested, and the customer’s entire environment is automated.
Monitoring the customer environment
The primary function of the entire solution is monitoring. PATRON-IT tries to monitor everything that will help with the prevention or early detection of vulnerabilities. The system monitors the whole IT infrastructure including servers, workstations, storage, UPS, switches, routers, cameras, and wi-fi APs as well as checking for unknown device detection. If this was to be done manually it would potentially take days, however the company’s automation policies mean the system can do a sweep of an entire environment approximately every five minutes.
Since the company’s main business is to prevent existing customers from attacks, the modified RMM solution is deployed at all customers for monitoring and auditing. Additionally, antivirus, backup, management tools, etc. are also part of the protection.
Update and asset management
As N‑sight RMM has an integrated patch management feature, it is also used for regular updates. And because everything is in one console it is quicker to learn, and requires fewer “agents” on the endpoints. On top of this, there are local caches at the customer sites (so the network is clogged by multiple computers downloading the same update separately), and software updates are performed both from Microsoft and other software vendors.
The PATRON-IT monitoring system also handles asset management, with the system providing a report on all a customer’s servers, PCs, laptops (including configuration), and network devices (routers, switches, cameras, phones, Wifi APs and other boxes). It’s useful to have an overview of the equipment a customer has, and it doesn’t cost any extra time or work. If a customer wants to know what their IT environment is like, what machines might need replacing soon, or is just looking to see what PCs have certain software installed, this report quickly provides that insight.
“N‑sight RMM is a great start, but installation was just the beginning. To use its monitoring capabilities to the full, you need to be clear about what is going to be monitored, how it is going to be monitored, and how the system is going to alert for errors. We have been using the system since 2013 and we are among the top users in the Czech Republic and Slovakia. During that time, we have gained a lot of experience with the system and have modified it quite significantly, and increased satisfaction of ourselves and our customers,” adds Martin Melich.
PATRON-IT is one of the most respected Czech companies specializing in IT security. Its main business activity is the delivery of SaaS (Security as a Service) services helping to guard customers against attacks. The company also solves urgent ransomware attacks, when provides data decryption, crisis management or ransom negotiations. PATRON-IT procures security tools available on the market, customize and enhances them and delivers to its customers in the form of MSSP.
Find out more about how N‑able N‑sight can help your MSP business.
© N‑able Solutions ULC e N‑able Technologies Ltd. Todos os direitos reservados.
Este documento é fornecido apenas para fins informativos e não deve servir de base para aconselhamento jurídico. A N‑able não oferece nenhuma garantia, expressa ou implícita, nem assume qualquer responsabilidade legal ou responsabilidade pela precisão, integralidade ou utilidade de qualquer informação nele contido.
As marcas N-ABLE, N-CENTRAL e outras marcas registradas e logotipos N‑able são de propriedade exclusiva da N‑able Solutions ULC e da N‑able Technologies Ltd e podem ser marcas legais comuns, registradas ou de registro pendente com o Escritório de Marcas e Patentes dos EUA e com outros países. Todas as outras marcas comerciais mencionadas neste documento são usadas apenas para fins de identificação e são marcas comerciais (e poderão ser marcas registradas) de suas respectivas empresas.