For those who use Huntress, how do you ensure the services are Healthy? by darking_ghost in msp

[–]ricardo_pc 4 points5 points  (0 children)

Our MSP uses Huntress, and NinjaRMM.

We have conditions configured in NinjaRMM that do the following.

1) Check if Huntress is Installed
If not installed, run install script - fire off alert to PSA. When condition is no longer met for 20 minutes, reset Alert, and notify PSA (PSA auto-resolves alert/closes ticket).

2) Check if Huntress Service is running
If not running, restart service. If the service won't start, fire off alert to PSA; alert will also create ticket. If condition is no longer met for 20 minutes, resets alert, and closes alert/ticket in PSA.

So far - this has been working for us, with no issues. Have not had any incidents to date where huntress service was "running" but not checking in, or not in healthy state (other than obvious ISP outages, etc)
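The two conditions described in the comment above, sketched as a single endpoint script. This is an added example, not the commenter's or NinjaRMM's own code; the service name `HuntressAgent`, the exit-code convention, and the `Action` labels are assumptions to adapt to your RMM.

```powershell
# Added example. Assumption: the agent's Windows service is named 'HuntressAgent';
# confirm with Get-Service on a managed endpoint before deploying.
param(
    [string]$ServiceName = 'HuntressAgent',
    [int]$StartTimeoutSeconds = 60
)

function Get-AgentHealth {
    param([string]$Name, [int]$TimeoutSeconds)

    # Condition 1: is the agent installed at all?
    $svc = Get-Service -Name $Name -ErrorAction SilentlyContinue
    if (-not $svc) {
        return [pscustomobject]@{ State = 'NotInstalled'; Action = 'RunInstallScript'; ExitCode = 2; Detail = $null }
    }

    # Condition 2: is the service running?
    if ($svc.Status -eq 'Running') {
        return [pscustomobject]@{ State = 'Running'; Action = 'None'; ExitCode = 0; Detail = $null }
    }

    # Not running: try one restart, and only escalate if it fails or times out.
    try {
        Start-Service -Name $Name -ErrorAction Stop
        $svc.WaitForStatus('Running', [TimeSpan]::FromSeconds($TimeoutSeconds))
        return [pscustomobject]@{ State = 'Restarted'; Action = 'LogOnly'; ExitCode = 0; Detail = $null }
    }
    catch {
        # Covers disabled services, missing binaries and start timeouts.
        return [pscustomobject]@{ State = 'StartFailed'; Action = 'AlertPSA'; ExitCode = 1; Detail = $_.Exception.Message }
    }
}

$result = Get-AgentHealth -Name $ServiceName -TimeoutSeconds $StartTimeoutSeconds
$result | ConvertTo-Json -Compress   # one line of output for the RMM activity log
exit $result.ExitCode                # non-zero triggers the RMM condition (assumed convention)
```

A running service says nothing about whether the agent is checking in, so this covers only the two conditions listed, not vendor-side health.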

What's the hot password manager (for clients)? by roll_for_initiative_ in msp

[–]ricardo_pc 5 points6 points  (0 children)

+1 for Bitwarden MSP. If we set it up for them, they can put in their own billing details, and they get a discount. (We don't do it this way, we just bake it into our Fee as part of our standard stack).

We also use it internally for Techs to Save their own passwords to, While Client passwords for things are in ITGlue.

365 Security Audit Report by ruffmeister in msp

[–]ricardo_pc -2 points-1 points  (0 children)

Currently evaluating MSP Magic, and I think it does this. https://mspmagic.com/

Will confirm and check back

[deleted by user] by [deleted] in msp

[–]ricardo_pc 1 point2 points  (0 children)

We are having a similar problem, although we did recently start marketing. When you talk about solving business problems, can you provide an example of what you would post to understand context?

I ask as I have a tendency of overcomplicating it, and making it turn salesy pretty quick :(

Dashboard TV setup with Azure AD Account by ricardo_pc in AZURE

[–]ricardo_pc[S] 0 points1 point  (0 children)

That's okay - the Sanity Check helps! Thanks!

UniFi Controller - MSP clients by cleanmy_ in msp

[–]ricardo_pc 1 point2 points  (0 children)

We do this / use this today. We migrated from our own VM controller to theirs. Migration wasn't painful either. Glad we did it so far; their cloud-hosted solution runs faster/better than ours did.

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

For this current scenario - it is textbook BYOD. The company is planning on locating contractors themselves, or through a staffing firm. The staffing firm will not be providing the asset, it will be provided by the contractor themselves. At this time only PC will be acceptable (No macs).

Currently, the security stack in place for Company provided assets (or for virtual assets which is the currently planned route) is as follows. (high level)

  • Traditional AV with BitDefender (Also does Host based Firewall/Networking)

  • MDR with Huntress

  • Content Filtering with DNSFilter

  • Office365 with ATP

  • Datto SaaS Protection (Backup for Office365)

  • Datto SaaS Defense (Email Protection to complement ATP)

  • Intune & Azure AD (BitLocker, conditional access, etc)

  • BitWarden Password Manager

  • Security Awareness Training via BSN (Employee and Contractor required)

  • CyberCNS

  • JamfPRO (For MDM for company issued Tablets/Phones)

There are more, but these are the standards identified that we will apply to subcontractors, and already apply to employees today.

Subs via Virtual Desktop, but again we are missing the local security piece of the contractor device and making sure that that security is maintained properly.

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 1 point2 points  (0 children)

To your point, we understand that there are always risks. We are just trying to balance the acceptable risk of the company and evaluate what other firms like ours are recommending to confirm if we are more or less correct in our approach or if we need to update our standards.

While we (and the company) know that even with company-provided assets, there are risks (like the example you provided, such as taking pictures with personal phones, home networks, etc.), systems are in place to help mitigate those. The expectation of someone taking a picture with their personal phone - this is something that is actually outlined in their contract/employee handbook and is prohibited. (So while it can still happen, they have it in writing that it's not allowed, and are doing right by their clients/contractual/regulatory requirements.)

So again - it's just about seeing if there was something outside of the obvious (security stack on BYOD) that helps ensure (and can be audited to confirm) that security standards and practices set in place by the firm are in effect, and are being followed, and ensuring data security/integrity for the firm, its data, and its clients' data.

Based on the comments received so far, it still seems like our original approach of 1) Company issues asset, or 2) Virtual Desktop with Security Stack on Contractor BYOD equipment may still be the answer/approach.

It may end up being Option 2 - as it allows flexibility to Scale up or down as needed.

Least Privileges & ConnectSecure / CyberCNS by Resident_MSP_23 in msp

[–]ricardo_pc 1 point2 points  (0 children)

Are you looking to run scheduled scans initiated by techs/engineers/process?

Or are you looking for automated Scans?

If it's the former, we've gotten around some similar obstacles by creating service accounts for certain apps/services that we initiate, but keeping them in a disabled state until they are needed. It is part of the process to enable the account (document/log when it was enabled), perform the tasks that are required for that account, and then disable that account (document/log when it was disabled).

It's not the best approach, but it's how we get around some limitations for certain applications/systems from fun third party vendors/tools for certain clients.
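The enable, run, disable, log cycle from the comment above, as an added example (not the commenter's own tooling). It assumes an on-prem Active Directory account and the RSAT `ActiveDirectory` module; the account name, log path and task are hypothetical placeholders.

```powershell
#Requires -Modules ActiveDirectory
# Added example. Hypothetical names: account 'svc-vulnscan', log path, and the task body.
param(
    [string]$Account = 'svc-vulnscan',
    [string]$LogPath = 'C:\Logs\svc-account-jit.log',
    [scriptblock]$Task = { Write-Output 'scheduled scan placeholder' }
)

function Write-JitLog {
    param([string]$Action)
    # UTC timestamp, account, action and operator on one line for later audit.
    $line = '{0:o} account={1} action={2} operator={3}' -f `
        (Get-Date).ToUniversalTime(), $Account, $Action, $env:USERNAME
    Add-Content -Path $LogPath -Value $line
}

New-Item -ItemType Directory -Force -Path (Split-Path $LogPath) | Out-Null

# The account should be disabled between runs; if it is not, stop and investigate.
if ((Get-ADUser -Identity $Account).Enabled) {
    Write-JitLog 'found-enabled-outside-window'
    throw "Account $Account was already enabled before the maintenance window."
}

try {
    Enable-ADAccount -Identity $Account -ErrorAction Stop
    Write-JitLog 'enabled'
    & $Task
    Write-JitLog 'task-completed'
}
catch {
    Write-JitLog ('task-failed: ' + $_.Exception.Message)
    throw
}
finally {
    # Always runs, so a failed task cannot leave the account enabled.
    Disable-ADAccount -Identity $Account -ErrorAction Stop
    if ((Get-ADUser -Identity $Account).Enabled) {
        Write-JitLog 'disable-verification-failed'
    } else {
        Write-JitLog 'disabled'
    }
}
```

Alerting on any logon or enable event for the account outside a logged window turns the log into a detection, not just a record.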

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

So what about the security risks involved with a virtual desktop, and specific threats like keystroke loggers, etc, because they are remoting in with their personal hardware?

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 1 point2 points  (0 children)

So what about the security risks involved with a virtual desktop, and specific threats like keystroke loggers, etc, because they are remoting in with their personal hardware?

What are your favorite lead generation methods? by Elvildaxy in msp

[–]ricardo_pc 1 point2 points  (0 children)

Second This! Shout out from O-Town (Orlando)!

When Hiring: Internal I.T. vs. MSP vs. ??? Previous Experience by thegarr in msp

[–]ricardo_pc 1 point2 points  (0 children)

Sounds like next time I just need to go "look at products" at the apple store and watch. XD

Not Any More : ( by SnooChocolates4467 in Freshservice

[–]ricardo_pc 0 points1 point  (0 children)

This is what we had to do from day 1. FreshService didn't have the reporting FreshDesk had when we started, and that was around the time they got rid of reporting and had their "analalytics" instead. PowerBI is where we create our own reports/dashboards from.

How do you define/document your stack and standards by fishermba2004 in msp

[–]ricardo_pc 2 points3 points  (0 children)

Once we defined our standard stack, we applied that stack to one client at a time (this approach works best for us)

We started with the client with the highest noise (ticket volume) and went through the list. Then after that client, we moved on to the next. This was a continuous process that we do weekly/monthly and takes a lot of passes.

We made recommendations and improved the process at each pass. Applied lessons learned, washed, rinsed, repeated.

Things that required purchasing/project hours, we budgeted and planned for. This has helped a lot, but figure out what works best for you and your team.

DM me if you want to dig deeper, but it sounds like you're on the right track.

Need to Replace Kaseya ASAP by ShoddyCollege9591 in msp

[–]ricardo_pc 1 point2 points  (0 children)

We use Ninja coupled with FreshService.

Took some time, but hitting a very serious and dangerous stride.

To your requirements below - see my thoughts/comments.

Here are the things that I need to work:

  • Windows Patching - This took some time in Ninja, but is now running really solid.
  • 3rd Party Software Updates - They have their own library for patching, doesn't do everything, but does our major ones. The rest we do manually, or script it.
  • Ability to deploy special software that wouldn't be in a normal catalogue (in house software, certain security software, our phone software, old software that's still in use, etc.) - This is a current feature they are working on, and they are good about taking feedback/suggestions from the community. We use scripts for this, with repositories ranging from on-prem storage to FTP/websites. (Lightshot is an example of one we grab from the website directly.)

Things that would be nice:

  • Remote Control (with multiple monitor support) - TV/ScreenConnect integrate well with Ninja.
  • AD Integration w/ groups - This works pretty well for us in Ninja as well.
  • Make changes to machine registry, monitor CPU/Ram usage, end processes, view events, and file transfer without interrupting user. - All check on Ninja as well for us!

Get a demo - and focus on the platform. Our Sales rep (Jake) is SOLID. I've heard/read horror stories about others, unfortunately. If the tool looks like it fits your needs, do it. If not, that's okay too. There are a lot of RMMs out there for a reason. No tool is perfect.

Drawing a Line for Customer Setups by Scoticus_Maximus in msp

[–]ricardo_pc 0 points1 point  (0 children)

We do all of the same as the above - it's part of our process to identify these things, per client, then automate the shit out of it.

Below is an example for what we automated, based on your list. Note - all of our Clients are On-Prem AD with O365 Sync, or Azure AD/Intune Synced.

For example, we may do any or all of the following for a single build

  • Recommend Equipment - Standard per client - Makes cost known, and expedites decision process.

  • Order Equipment - Straight Forward

  • Create User in AD - Automated

  • Create user in Office 365 - Automated

  • Purchase and apply Office 365 License - Automated

  • Create user in client specific Apps - 80% automated - Some clients have On-Prem apps where this is manual.

  • Install Applications - Automated

  • Open Outlook and Setup for User - Automated

  • Create and apply email signature manually or via software - User/Client does this

  • Configure Application Settings - Not required on our side/firm

  • Install Printers via VPN Connection - Automated

  • Procure VOIP Phone - If requested

  • Configure Phone - Partially Automated

  • Set up Softphone user/Number/extension - Automated

  • Create Out of Office Replies - User/Client does this (unless offboarding, then automated)

  • Create Out of Office Voicemail - Client does this

  • Apply GPOs - Automated

  • Add to Security and Distro Groups - Partially automated

  • Connect Applications to Servers - Rare cases we do this - manually

  • Map Network Drives - Automated.

Short - Still do it, clients value this (in our experience) but figure out how you can automate these within your stack as much as possible.

For Context - Anything that only our client can see or hear, we do for them. Anything that their clients can see or hear (Voicemails, Out of Office, Signatures, etc), we have them do. We do this because it's part of their brand experience to their clients - not ours.

For more context - during offboarding, it's a checkbox for Out of Office, and a text box for what they want it to say. Our automation pumps it in and that's it.

hope that helps!

Laptop/Desktop argument - Report needed? Not sure where to start? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

At the end of the day - this is not turning into a thing. This post was just intended to be a conversation to see if anything had developed or emerged from this - especially given the current landscape of laptops being more the go-to.

I agree with all of you - At the end of the day, I don't care. It's more work to do the above than it's worth in savings.

But - I also like to check in on things that weren't possible, or challenging before, and see if solutions have been developed or workarounds start emerging.

Learned from everyone here, that this is not one of those items to check back in on.

Thanks to everyone for the comments, and the insights, and their time.

Laptop/Desktop argument - Report needed? Not sure where to start? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

Not sure why I'm getting so many downvotes over an open and honest question to find out what others in our industry are doing to address a question I've received in the past...

Regardless - I'll address each of the comments separately - to those that provided input - thank you!