Welcome back! If you haven’t read part 1 about “Defence in Depth” please check it out, otherwise let’s look at the next stage of defence in the cyber security theatre of war.
Remote Monitoring and Management (RMM)
RMM is a toolbox of programs, a swiss army package, taking care of lots of tasks which historically would have been taken care of by onsite IT staff. Not only does it allow IT support easy access to resolve issues, it monitors networks for suspicious activity, keeps track of updates for many programs and integrates with lots of common platforms for easy deployment. An engineer doing these tasks manually (i.e. the old way) would take many hours, bouncing from PC to PC running updates and installing programs. This was very disruptive for the poor users. RMM does away with this, sitting patiently while ensuring everything is up to date and protected as much as possible.
Quicker Assistance
RMM allows for remote assistance, remote control and communication. In many cases the user does not need to do anything, and can potentially keep working while RMM works in the background. In cases where this is not possible, it is vital to get the problem in front of the right person, and RMM allows engineers instant access to any computer it monitors.
Damage Control
RMM monitoring looks for suspicious network and computer activity. In the event of ransomware infiltration which was not otherwise prevented, RMM will segregate a PC from the network to prevent further spread. Since this is automatic, a human would find it hard to perform as efficiently.
We recommend this to all of our clients. It is the second line of defence against ransomware, the first is not to get hooked in in the first place. See Defence in Depth part 1.
Ben Parker – byline and other articles
Photo by Pixabay
