Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Solution Provider Program
    • Technology Alliance Program
SolarWinds MSP
  • Products
    • Remote Monitoring & Management Protect your customers with a platform from the global leader in monitoring and management.
    • Backup & Recovery Manage backup for servers, workstations, applications, and business documents from one cloud-based dashboard.
    • Mail Protection & Archiving Protect users from email threats and downtime.
    • Password Management Easily adopt and demonstrate best practice password and documentation management workflows.
      • Passportal Demo
    • PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency.
    • Threat Monitoring Detect, respond to, and report on threats across your managed networks.
    • Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful.
  • Solutions

    I'm looking to...

    I'm looking for...

    • Drive Efficiency with Automation
    • Manage my MSP Business More Efficiently
    • Manage my IT Department More Efficiently
    • Layered Security
    • Data-Driven Insights
    • Cross-Platform Support
  • Resources

    Webcasts & Events

    Resource Center

    • Ask the N-Central Experts
    • Daily Live Demos
    • Backup Foundations Training
    • RMM Foundations Training
    • Upcoming Events
    • Upcoming Webcasts
    • Resource Library
      • Case Studies
      • Product Information
      • eBooks
      • White Papers
      • Infographics
    • SolarWinds MSP Free Tools
    • GDPR Resource Center
    • Security Resource Center
    • MSP Institute Webinar Series
    • MSP Advice Project
  • About
    • Contact
    • Worldwide sales and support
    • Careers
    • Awards and Recognition
    • Get A Quote
    • Newsroom
      • Press Releases
      • In The News
      • Media Contacts
    • Leadership Team
    • Legal
      • Cookie Policy
      • Privacy Notice
      • Software Services Agreement
      • Terms of Use
      • Backup Fair Use Policy
    • Security
      • SolarWinds Security Statement
      • Vendor Data Protection Requirements
    • Support
  • Blog
  • Contact Sales
    • Get A Quote
    • General Inquiry
  • TRY NOW
    • SolarWinds RMM
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Passportal
    • SolarWinds Mail Assure
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • Tips & Advice
    • Training
Home Blog MSP Business Remote Management Securing Your Remote Access—Are You Managing Logins Effectively?
Remote Management

Securing Your Remote Access—Are You Managing Logins Effectively?

By Gerry O'Donnell
23 October, 2018

As managed service providers (MSPs), you work diligently to protect both yourselves and your customers against compromise by adopting a layered security strategy. But are you taking the level of care you should with your remote access solution? 

Guarding the gateway to your customers' resources

guardingdoor.jpgYour remote access tool—whatever it may be—is a gateway to your customers’ resources: their machines, their IP, and, ultimately, their data. What steps do you take to ensure your remote access tool is working to maintain the integrity and trust you’ve worked so hard to earn? Let’s talk a bit about layered security and look at some of the key areas you need to consider when it comes to ensuring the remote access tool is part of your security armor and not your Achilles heel.

The first area we want to look at is the perimeter of the solution: the login. 

Nearly every web-based application we use today needs a login—usually a username and password—to get you started. In the case of your remote access solution, this login provides you with immediate access to all your client resources, as well as giving insights into your team’s activities. You need to vigilantly protect all of these. 

As a starting point, some form of multifactor authentication is essential. This means, in addition to the usual username and password combination, you should also use something like a time-based, one-time passcode, which can be retrieved via an authenticator app in order to get into your remote access tool. This way (almost regardless of how strong your passwords may be or who may be trying to misuse your credentials if they fall into the wrong hands) your account is still protected. Two-factor authentication is a great way to do this.

You also need to know what safeguards are in place around how those credentials are being stored. SolarWinds® Take Control™ uses the SolarWinds single sign-on (SSO) system, which allows us to store login details in accordance with the best industry standards. Furthermore, SSO enables you to  seamlessly navigate between different SolarWinds MSP applications with one set of credentials. 

Once you feel you have the perimeter of your remote access system secured, you should look at the perimeter security of your clients’ devices themselves, including your list of installed devices. 

Handling your customers' data securely 

handlingdata.jpgHere’s why: The moment a member of your team needs to know a customer machine’s password, or perhaps even the password(s) associated with an escalated account, such as a local admin or even a domain/enterprise admin account (yikes!), it is immediately incumbent upon that person to handle that data with the utmost discretion and sensitivity. A security breach at this stage could not only have devastating consequences for your customer, but could result in you losing their business.

How do your techs tackle these challenges? Do they have robust protocols to follow? If not, this part of your process should take priority. 

Take Control allows you to store anything—from a master password, or a note or set of notes, to username/password pairings—in a Secrets Vault. These vaults are fully managed, and manageable, and your data can only be decrypted using your own key, providing a robust solution for the secure storage of data. You also have full management capabilities—including permissions and device and technician grouping. And with every action logged, you also have great auditability.

The data itself is stored using multiple layers of encryption, the final one a password unique to each technician with access to the Vault. The data is secured using a multifaceted implementation of the AES-256 algorithm and your password is essential to make the decryption. This means even if the Take Control database was compromised, an attacker could not decrypt your data without the correct password. 

What’s more, the use of these keys is strictly limited to the Take Control Viewer application. Other mainstream password management solutions necessitate copying a secured string to your clipboard, but the Take Control vault only delivers the secrets directly to an in-session viewer. This means secure data is delivered with the utmost discretion and integrity directly to the target endpoint with no middleman. Not only is the data more secure, the possibilities of misuse are, by both necessity and design, extremely low. 

So in addition to helping you manage the perimeter of your remote access solution, Take Control also helps you manage the perimeter of your customers’ networks, helping secure their trust—as well as their systems. 

In my next blog, I’ll look at what sort of things you need to consider when selecting a remote access tool.

 

Gerry O’Donnell is the product manager for the SolarWinds Take Control system and RMM products.

 

Other blogs in this series:

Remote Access—Is Security Built into the DNA of Your Solution?

Remote Access—Ensuring Best Practices at Every Turn

 

To find out more about how SolarWinds Take Control can help you secure your and your customers’ remote access, click here.

 

The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP Canada ULC, SolarWinds MSP UK Ltd. or its affiliates.  All other trademarks are the property of their respective owners.

 

You might also like...

Remote Management

What to Look for When Choosing a Password Management Solution

Remote Management

Remote Access—Ensuring Best Practices at Every Turn

Remote Management

Remote Access—Is Security Built into the DNA of Your Solution?

Remote Management

9 Advantages to using Remote Support tools for an IT Support Company/Consultant

Remote Management

RMM Essentials—What is it and why do you need one?

Managed Services

RMM Survey reveals 3 big insights about delivering better managed services 

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts

  • 3 Ways to Say Goodbye to a Problem Customer
  • Taking the Fear Out of Backup and Recovery
  • Find Out Which SEO Keywords Your Competitors are Using
  • Why MSPs Should Team Up with MSSPs
  • Why Properly Documenting Non-Technical Conversations and Decisions is Essential

Categories:

  • Business Growth (421)
  • Security (346)
  • Tips & Advice (334)
  • Managed Services (303)
  • Best Practices (247)
  • Business (214)
  • Cybersecurity (194)
  • Backup & Disaster Recovery (117)
  • IT Support (109)
  • ITSM (78)
  • Data (64)
  • Product (63)
  • Cloud Computing (61)
  • Marketing (57)
  • Mail (53)
  • Networking (34)
  • Risk Intelligence (31)
  • Customer Service (29)
  • Remote Management (27)
  • Automation (19)
  • GDPR (17)
  • Operations (16)
  • Services & Support (16)
  • Service Desk (15)
  • Research & Trends (14)
  • PSA (12)
  • Business Risk (12)
  • Internet of Things (11)
  • Mobile (11)
  • Training (11)
  • Security-series (8)
  • Cybersecurity Awareness Month (6)
  • LOGICcards (4)
  • Machine Learning (3)
Show moreless
SolarWinds MSP

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.

Products

  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Threat Monitor
  • SolarWinds Passportal

Solutions

  • How We Help MSPs
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights

About

  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Privacy
  • Legal
  • Security
  • Subscription Preferences
  • SolarWinds

Support

  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Sitemap
  • Service Status