Back to Blog

Avoid dangerous MSP practices!

business security Sep 09, 2022

Fixing how you manage your passwords as an MSP is only part of the solution to a big problem that I see throughout our industry. It’s a big part of fixing that problem, but it’s not all. Therefore after discovering the Keeper MSP Password Manager recently, I thought I’d dig a little into the other services that Keeper offers.

 

I came across an interesting one called Keeper Connections Manager, which looks like a fix for a problem that typically follows after solving the password problem. One I and pretty much every MSP, IT business I know will have or will have been through at some point. That problem is to provide access to your clients’ devices securely. Now I know the ways around this; it’s pretty much what most of us have been doing for the last decade.

  • Create unique user accounts
  • Provide access via remote access tools, or perhaps TeamViewer, through a VPN or direct RDP access.

I’ve even seen remote desktop shortcuts saved into a central folder with pre-saved usernames and passwords - PRE-SAVED! That’s about as dangerous as it gets. These ways of connecting are inherently insecure, with a whole company using the same admin account to log in without knowing who’s connected.

Still, in 2022, I’m hearing companies get hacked because some poorly trained IT company has left port 3389 open to the world - there needs to be a better way of managing and securing these clients. That is precisely where Keeper Connections Manager comes in. So firstly, what does Connections Manager do? In a nutshell, it lets you and your team securely connect to remote resources, like your clients’ services and other infrastructure, via RDP, SSH, and other protocols.

 

You can also configure this to sign in, where your staff won’t even know what username and password are being used. This feature alone helps avoid those moments where one of your team leaves, and now you have to go back through and change all the passwords on systems they’ve recently connected to. KCM can pull those passwords from Keepers MSP Password Manager to ensure passwords are still kept safe and secure within your business. So please, please, please, if you are running a business, whether it’s an IT or MSP Business, or any other business, and you are opening up firewall ports for 3389 so that you or your customers’ servers and services are directly accessible over the web, stop before you get that company hacked, it’s literally only a matter of time.

 

I still hear this happen right now, YEARS after I thought we’d all learned that was a bad thing to do. Bad thing! This is exactly what Keeper helps solve. Firstly, you can install Keeper Connections Manager locally on your network, or probably nowadays; it’s best secured in the cloud as a virtual machine - as long as you properly secure this device with strict firewall rules.

 

Keeper Connections Manager lets you set permissions around who can access what resources. More importantly, it allows you to track who has connected and when and even enables you to record their sessions. This checks a big box for specific regulations and compliance, let alone allows you to run a tighter ship regarding your business’s security. No longer do you need to worry that a disgruntled employee will do something damaging, intentional or not, because it’s all logged, all recorded, and with more information comes a better overall service.

 

This system also runs without installing any agents or clients installed onto your customers’ devices as it connects with the standard protocols into each system, and all of this is accessed via the web browser. Another good piece of news for MSPs is that all of this can be tied in with SAML Authentication, so you and your team can sign in with your Azure credentials, which means no messing about with managing yet another set of accounts for your team. You can set restrictions on these accounts to prevent them from using resources outside of regular working hours to secure those accounts even further.

You can also add users to groups to provide access to only the resources they need and not - as I see all too many times, give junior staff access to critical infrastructure that should only be accessed by more senior staff. For those times when your techs get stuck on something, you can use the session collaboration features in Keeper Connections Manager to let multiple people work on an issue whilst one person takes the lead and the other watches. For those interested, you can sign up using the link below.

If there’s something that all tech companies need to take more care of, it’s their internal security.

You must be using some form of a password manager - not an excel spreadsheet, not a shared OneNote document, but a proper password manager, like Keeper’s MSP Password Manager.

Once you’ve done that, I’d recommend you check out Keepers Connection Manager to protect your business from the ever-evolving threats we face.

 

🛒 Get Keeper Connection Manager now!: https://geni.us/KeeperCM

This. But in your Inbox!

Get the latest Blogs, Resources, Templates and Courses straight to your Inbox. 

We hate SPAM. We will never sell your information, for any reason.