Positioning your cybersecurity investment for a remote workforce: Tier 2 - Remote management of endpoint security

Next story
Rene Holt

In my previous blog, I discussed the first tier of a three-tiered risk assessment that can help small and medium-sized businesses (SMBs) better position their security investment against the cyber risks they face. Businesses that reach the first tier are using business-grade endpoint security to protect their employees. In the second tier, I turn to the remote management of the security of endpoints.


The remote management pitfall – RDP

When you’ve finally made the jump and purchased subscriptions for reliable, business-grade security software, your next step is to set up a managed network. You should keep on top of the security of devices located not just in your office, but also outside of it. Perhaps you’ve heard about Remote Desktop Protocol (RDP), a handy tool for admins to connect to employee notebooks over remote networks.

But beware: RDP is as much a temptation and risk as it is a solution for remote management of endpoint security. Using RDP exposes your business to serious security risks. Hackers are known to probe for RDP ports exposed over the internet that they can attack via brute force. Therefore, turning RDP off and using a more resilient management solution that provides better security brings us to the solutions offered in Tier 2.

Tier 2 – Visibility into employee devices is established via robust endpoint security remote management tools

For remote management of endpoint security, it is best to leverage tools like ESET Cloud Administrator (ECA) or ESET Security Management Center (ESMC). These tools are secure and provide real-time visibility, reporting and other important management features.

For SMBs that need to remotely manage 50 seats or less, the most agile and pain-free solution is to use ESET Cloud Administrator. ECA helps SMBs easily manage their employees’ devices by allowing ESET to do the hard work of maintaining servers and infrastructure in the cloud, while allowing businesses to focus on the continuity issues that they need to face.

Businesses that need more advanced capabilities can choose to build their management infrastructure on-premises and install ESET Security Management Center. Managing devices located outside your corporate network via ESMC is possible with some setup.

See this knowledge base article for remote management setup in ESMC.

Alternatively, it is also possible to deploy ESET Security Management Center in Microsoft’s Azure Cloud infrastructure. This solution allows businesses to leverage the full might of remote management – all from the cloud.

How does remote management improve security and efficiency?

Especially in a remote work era, remote management tools are crucial to help businesses ensure that patches are being installed, configurations can be made and malware is being blocked on endpoints – all in a timely and secure manner.

For IT staff, remote management provides at least three distinct advantages:

  1. Security solution software can be pushed out to each endpoint remotely from the IT admin’s dashboard, rather than having to be installed with the admin physically present.
  2. Subsequent configuration, updates and monitoring of the security of endpoints becomes centralized, making it possible for IT staff to work far more efficiently than if they had to manage each endpoint separately.
  3. IT admins can connect to all individual endpoints, whether they are located inside or outside your corporate network – a game-changing advantage for adapting to conditions brought about by COVID-19 regulations.

The risks of not setting up a managed network come from making it difficult for IT staff to work efficiently and more easily maintain the security and compliance of your business with data privacy regulations. There are considerable risks from putting too great a trust in individual employees to cope with the myriad tricks, malware and vulnerabilities that hackers are leveraging every day.

You don’t want your employees opening up their RDP ports, downloading from torrent sites, using cracked applications or failing to update their devices. Make sure that doesn’t happen by using a secure remote management solution.

Mobile device management

In an increasingly mobile world, one of the key capabilities of ESET Security Management Center is managing mobile devices, including iOS. Remember, Apple mobile devices, unlike Android ones, cannot be protected by antivirus apps. Businesses need to use a management solution capable of deploying configuration profiles that will enforce best security practices on iOS devices. Available as an extra module in ESMC, that’s exactly what ESET Mobile Device Management offers to businesses.

Of course, the remote monitoring landscape is much more complex, including possibilities to use remote monitoring and management (RMM) tools – popular with managed service providers. ESET provides a variety of RMM plug-ins to allow managed service providers to administer ESET security products remotely from their favorite dashboard, whether that is NinjaRMM, ConnectWise, Datto or SolarWinds.

In the next article, I will explore the Tier 3 business add-ons designed to help businesses address specific risks pertinent to high-sensitivity/highly regulated data or other digital assets.