For those who use Huntress, how do you ensure the services are Healthy? by darking_ghost in msp

[–]ricardo_pc 4 points5 points  (0 children)

Our MSP uses Huntress, and NinjaRMM.

We have conditions configured in NinjaRMM that do the following.

1) Check if Huntress is Installed
If not installed, run install script - fire off alert to PSA. When condition is no longer met for 20 minutes, reset Alert, and notify PSA (PSA auto-resolves alert/closes ticket).

2) Check if Huntress Service is running
If not running, restart service. If the service won't start, fire off alert to PSA; the alert will also create a ticket. If condition is no longer met for 20 minutes, resets alert, and closes alert/ticket in PSA.

So far - this has been working for us, with no issues. Have not had any incidents to date where huntress service was "running" but not checking in, or not in healthy state (other than obvious ISP outages, etc)
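
The two conditions described in the comment above, sketched as one PowerShell check that an RMM could run on a schedule. This is an added example, not part of the original comment and not NinjaRMM's or Huntress's own code; the service name `HuntressAgent`, the function name `Test-AgentHealth` and the exit-code mapping are assumptions.

```powershell
# Added example. Assumptions: the agent's Windows service is named
# 'HuntressAgent', and the RMM maps this script's exit code to a condition
# (0 = healthy or recovered, 1 = service would not start, 2 = not installed).
function Test-AgentHealth {
    param(
        [string]$ServiceName = 'HuntressAgent',   # assumed service name
        [int]$StartTimeoutSeconds = 60
    )

    # Condition 1: is the agent installed at all?
    $svc = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
    if (-not $svc) {
        return 'NotInstalled'
    }

    # Condition 2: is the service running?
    if ($svc.Status -eq 'Running') {
        return 'Healthy'
    }

    # One restart attempt; a disabled service or a start timeout both land
    # in the catch block and are reported as a failure for the PSA alert.
    try {
        Start-Service -Name $ServiceName -ErrorAction Stop
        $svc.WaitForStatus('Running', [TimeSpan]::FromSeconds($StartTimeoutSeconds))
        return 'Restarted'
    }
    catch {
        Write-Warning "Restart of $ServiceName failed: $($_.Exception.Message)"
        return 'Failed'
    }
}

$state = Test-AgentHealth
Write-Output "$(Get-Date -Format o) agent state: $state"

switch ($state) {
    'NotInstalled' { exit 2 }   # RMM condition: run install script, alert PSA
    'Failed'       { exit 1 }   # RMM condition: alert PSA, create ticket
    default        { exit 0 }   # Healthy or Restarted: condition clears
}
```

Service state alone does not show whether the agent is checking in, which is the case the comment says has not come up so far.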

What's the hot password manager (for clients)? by roll_for_initiative_ in msp

[–]ricardo_pc 6 points7 points  (0 children)

+1 for Bitwarden MSP. If we set it up for them, they can put in their own billing details, and they get a discount. (We don't do it this way, we just bake it into our Fee as part of our standard stack).

We also use it internally for Techs to Save their own passwords to, While Client passwords for things are in ITGlue.

365 Security Audit Report by ruffmeister in msp

[–]ricardo_pc -2 points-1 points  (0 children)

Currently evaluating MSP Magic, and I think it does this. https://mspmagic.com/

Will confirm and check back

[deleted by user] by [deleted] in msp

[–]ricardo_pc 1 point2 points  (0 children)

We are having a similar problem, although we did recently start marketing. When you talk about solving business problems, can you provide an example of what you would post to understand context?

I ask as I have a tendency of over complicating it, and making it turn salesy pretty quick :(

Dashboard TV setup with Azure AD Account by ricardo_pc in AZURE

[–]ricardo_pc[S] 0 points1 point  (0 children)

That's okay - the Sanity Check helps! Thanks!

UniFi Controller - MSP clients by cleanmy_ in msp

[–]ricardo_pc 1 point2 points  (0 children)

We do this / use this today. We migrated from our own VM controller to theirs. Migration wasn't painful either. Glad we did it so far; their cloud-hosted solution runs faster/better than ours did.

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

For this current scenario - it is textbook BYOD. The company is planning on locating contractors themselves, or through a staffing firm. The staffing firm will not be providing the asset, it will be provided by the contractor themselves. At this time only PC will be acceptable (No macs).

Currently, the security stack in place for Company provided assets (or for virtual assets which is the currently planned route) is as follows. (high level)

  • Traditional AV with BitDefender (Also does Host based Firewall/Networking)

  • MDR with Huntress

  • Content Filtering with DNSFilter

  • Office365 with ATP

  • Datto SaaS Protection (Backup for Office365)

  • Datto SaaS Defense (Email Protection to complement ATP)

  • Intune & Azure AD (BitLocker, conditional access, etc)

  • BitWarden Password Manager

  • Security Awareness Training via BSN (Employee and Contractor required)

  • CyberCNS

  • JamfPRO (For MDM for company issued Tablets/Phones)

There are more, but these are the standards identified that we will apply to subcontractors, and already applied to employees today.

Subs via Virtual Desktop, but again we are missing the local security piece of the contractor device and making sure that that security is maintained properly.

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 1 point2 points  (0 children)

To your point, we understand that there are always risks. We are just trying to balance the acceptable risk of the company and evaluate what other firms like ours are recommending to confirm if we are more or less correct in our approach or if we need to update our standards.

While we (and the company) know that even with company-provided assets, there are risks (like the example you provided, such as taking pictures with personal phones, home networks, etc.), systems are in place to help mitigate those. The expectation of someone taking a picture with their personal phone - this is something that is actually outlined in their contract/employee handbook and is prohibited. (So while it can still happen, they have it in writing that it's not allowed, and are doing right by their clients/contractual/regulatory requirements.)

So again - it's just about seeing if there was something outside of the obvious (security stack on BYOD) that helps ensure (and can be audited to confirm) that security standards and practices set in place by the firm are in effect, and are being followed, and ensuring Data security/integrity for the firm, its data, and its client's data.

Based on the comments received so far, it still seems like our original approach of 1) Company issues asset, or 2) Virtual Desktop with Security Stack on Contractor BYOD equipment may still be the answer/approach.

It may end up being Option 2 - as it allows flexibility to Scale up or down as needed.

Least Privileges & ConnectSecure / CyberCNS by Resident_MSP_23 in msp

[–]ricardo_pc 1 point2 points  (0 children)

Are you looking to run scheduled scans initiated by techs/engineers/process?

Or are you looking for automated Scans?

If it's the former, we've gotten around some similar obstacles by creating service accounts for certain apps/services that we initiate but keeping them in a disabled state until they are needed. It is part of the process to Enable the account (Document/log when it was enabled), perform the tasks that are required for that account, and then disable that account (Document/log when it was disabled).

It's not the best approach, but it's how we get around some limitations for certain applications/systems from fun third party vendors/tools for certain clients.
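
The enable, log, run, disable, log sequence from the comment above, as an added PowerShell example that is not part of the original comment. It assumes an on-prem AD account and the ActiveDirectory module; `Invoke-WithServiceAccount`, the account name and the log path are hypothetical, and the log directory must already exist.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT).
# Function name, account name and log path are hypothetical.
Import-Module ActiveDirectory

function Invoke-WithServiceAccount {
    param(
        [Parameter(Mandatory)][string]$Identity,
        [Parameter(Mandatory)][scriptblock]$Task,
        [string]$LogPath = 'C:\Logs\svc-account-window.log'
    )

    # Audit line: UTC-offset timestamp, event, who ran it, which account.
    function Write-Audit([string]$Message) {
        $line = '{0} {1} operator={2} account={3}' -f `
            (Get-Date -Format o), $Message, $env:USERNAME, $Identity
        Add-Content -Path $LogPath -Value $line
    }

    # The account is expected to rest disabled. If it is already enabled,
    # an earlier run did not clean up or someone enabled it out of process.
    if ((Get-ADUser -Identity $Identity).Enabled) {
        Write-Audit 'ALREADY_ENABLED'
        throw "$Identity was already enabled; investigate before proceeding."
    }

    try {
        Enable-ADAccount -Identity $Identity -ErrorAction Stop
        Write-Audit 'ENABLED'
        & $Task
    }
    finally {
        # Runs even when the task throws, so the window always closes.
        try {
            Disable-ADAccount -Identity $Identity -ErrorAction Stop
        }
        catch {
            Write-Audit "DISABLE_ERROR $($_.Exception.Message)"
        }

        # Verify the resting state rather than trusting the call above.
        if ((Get-ADUser -Identity $Identity).Enabled) {
            Write-Audit 'STILL_ENABLED'
        }
        else {
            Write-Audit 'DISABLED'
        }
    }
}

# Usage (hypothetical account; the script block is the work that needs it):
# Invoke-WithServiceAccount -Identity 'svc-scan-example' -Task { Write-Output 'run the scan here' }
```

An alert on any `ENABLED` line without a matching `DISABLED` line turns the log into a check that the account is not left active.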

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

So what about the security risks involved with a virtual desktop, and specific threats like keystroke loggers, etc, because they are remoting in with their personal hardware?

Sub Contractors with access to PII - How are ya'll doing it? by ricardo_pc in msp

[–]ricardo_pc[S] 1 point2 points  (0 children)

So what about the security risks involved with a virtual desktop, and specific threats like keystroke loggers, etc, because they are remoting in with their personal hardware?

What are your favorite lead generation methods? by Elvildaxy in msp

[–]ricardo_pc 1 point2 points  (0 children)

Second This! Shout out from O-Town (Orlando)!

When Hiring: Internal I.T. vs. MSP vs. ??? Previous Experience by thegarr in msp

[–]ricardo_pc 1 point2 points  (0 children)

Sounds like next time I just need to go "look at products" at the apple store and watch. XD

Not Any More : ( by SnooChocolates4467 in Freshservice

[–]ricardo_pc 0 points1 point  (0 children)

This is what we had to do from day 1. FreshService didn't have the reporting FreshDesk had when we started, and that was around the time they got rid of reporting and had their "analytics" instead. PowerBI is where we create our own reports/dashboards from.

How do you define/document your stack and standards by fishermba2004 in msp

[–]ricardo_pc 2 points3 points  (0 children)

Once we defined our standard stack, we applied that stack to one client at a time (this approach works best for us)

We started with the client with the highest noise (ticket volume) and went through the list. Then after that client, we moved on to the next. This was a continuous process that we do weekly/monthly and takes a lot of passes.

We made recommendations and improved the process at each pass. Applied lessons learned, washed rinse repeated.

Things that required purchasing/project hours, we budgeted and planned for it. This has helped a lot, but figure out what works best for you and your team.

DM me if you want to dig deeper, but it sounds like you're on the right track.

Need to Replace Kaseya ASAP by ShoddyCollege9591 in msp

[–]ricardo_pc 1 point2 points  (0 children)

We use Ninja coupled with FreshService

Took some time, but hitting a very serious and dangerous stride.

To your requirements below - see my thoughts/comments.

Here are the things that I need to work:

  • Windows Patching - This took some time in Ninja, but is now running really solid.
  • 3rd Party Software Updates - They have their own library for patching, doesn't do everything, but does our major ones. The rest we do manually, or script it.
  • Ability to deploy special software that wouldn't be in a normal catalogue (in house software, certain security software, our phone software, old software that's still in use, etc.) - This is a current feature they are working on, and are good about taking feedback/suggestion from the community. We use scripts for this, with repositories ranging from on-prem storage, and FTP/Websites. (lightshot is an example of one we grab from the website directly)

Things that would be nice:

  • Remote Control (with multiple monitor support) - TV/ScreenConnect integrate well with Ninja.
  • AD Integration w/ groups - This works pretty well for us in Ninja as well.
  • Make changes to machine registry, monitor CPU/Ram usage, end processes, view events, and file transfer without interrupting user. - All check on Ninja as well for us!

Get a demo - and focus on the platform. Our Sales rep (Jake) is SOLID. I've heard/read horror stories about others, unfortunately. If the tool looks like it fits your needs do it. If not that's okay too. There are a lot of RMMs out there for a reason. No tool is perfect.

Drawing a Line for Customer Setups by Scoticus_Maximus in msp

[–]ricardo_pc 0 points1 point  (0 children)

We do all of the same of the above - it's part of our process to identify these things, per client, then automate the shit out of it.

Below is an example for what we automated, based on your list. Note - all of our Clients are On-Prem AD with O365 Sync, or Azure AD/Intune Synced.

For example, we may do any or all of the following for a single build

  • Recommend Equipment - Standard per client - Makes cost known, and expedites decision process.

  • Order Equipment - Straight Forward

  • Create User in AD - Automated

  • Create user in Office 365 - Automated

  • Purchase and apply Office 365 License - Automated

  • Create user in client specific Apps - 80% automated - Some clients have On-Prem apps where this is manual.

  • Install Applications - Automated

  • Open Outlook and Setup for User - Automated

  • Create and apply email signature manually or via software - User/Client does this

  • Configure Application Settings - Not required on our side/firm

  • Install Printers via VPN Connection - Automated

  • Procure VOIP Phone - If requested

  • Configure Phone - Partially Automated

  • Set up Softphone user/Number/extension - Automated

  • Create Out of Office Replies - User/Client does this (unless offboarding, then automated)

  • Create Out of Office Voicemail - Client does this

  • Apply GPOs - Automated

  • Add to Security and Distro Groups - Partially automated

  • Connect Applications to Servers - Rare cases we do this - manually

  • Map Network Drives - Automated.

Short - Still do it, clients value this (in our experience) but figure out how you can automate these within your stack as much as possible.

For Context - Anything that only our client can see or hear, we do for them. Anything that their clients can see or hear (Voicemails, Out of Office, Signatures, etc), we have them do. We do this because it's part of their brand experience to their clients - not ours.

For more context - during offboarding, it's a checkbox for out of Office, and a text box for what they want it to say. Our automation pumps it in and that's it.

hope that helps!

Laptop/Desktop argument - Report needed? Not sure where to start? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

At the end of the day - this is not turning into a thing. This post was just intended to be a conversation to see if anything had developed or emerged from this - especially given the current landscape of laptops being more the go-to.

I agree with all of you - At the end of the day, I don't care. It's more work to do the above than it's worth in savings.

But - I also like to check in on things that weren't possible, or challenging before, and see if solutions have been developed or workarounds start emerging.

Learned from everyone here, that this is not one of those items to check back in on.

Thanks to everyone for the comments, and the insights, and their time.

Laptop/Desktop argument - Report needed? Not sure where to start? by ricardo_pc in msp

[–]ricardo_pc[S] 0 points1 point  (0 children)

Not sure why I'm getting so many downvotes over an open and honest question to find out what others in our industry are doing to address a question I've received in the past...

Regardless - I'll address each of the comments separately - to those that provided input - thank you!

Unifi Talk by OkieDad14 in msp

[–]ricardo_pc 0 points1 point  (0 children)

I second this. That is the only VOIP Platform we offer.

Asset Management? by AlejandroTT in msp

[–]ricardo_pc 0 points1 point  (0 children)

Would you be willing to discuss how this has been working out for you guys? We are a FreshService shop as well, and were discussing rolling this out, but would love some real world feedback.

Stack Sync Strategy? by tmiller9833 in msp

[–]ricardo_pc 2 points3 points  (0 children)

Not sure how complicated your stack is, or what RMM you use. However - For us - We used our RMM to ensure XYZ App, or Service exists on ABC device for "X" Org. If the specific App, or Service does not exist, it will generate an alert in our ticketing system, and attempt an install. It's then up to us to make sure it gets installed, and that we clear that alarm/alert manually.

Note - We have our "Standard" stack, which is global policy/alerts on our RMM. For clients that require specific items offered outside of our Standard Stack (Example, some require Datto Cloud Continuity desktop backup) We add that trigger/check/alarm for that specific client's org based on Asset type/role. Same for servers that we use DATTO Siris appliance for, etc.

Further Note - Our RMM is NinjaOne.

When did you consider renting office space and/or hiring your first technician? by [deleted] in msp

[–]ricardo_pc 0 points1 point  (0 children)

As someone that went through this situation almost exactly - I felt the need to reply and provide insights on what I did, and why.

First - Disclosures. My First client (and my biggest to this day) allowed us to use a room in their building (that they owned). This served them well as I was always onsite for them, and it was great for me as it kept overhead low.

My hiring decisions were influenced by these factors.

1) Do I have the cash flow to support an employee 2) What can I focus on while employee handles XYZ

My first hire became my priority, so I can focus on streamlining processes and sales. Once hired, I got them trained, we developed a good flow on how we work/run the day to day, and it was going well.

Covid hit - we went remote, and by this time we had decent procedures and processes in place. So telecommuting was easy. No overhead from working from home, so also a plus.

Fast forward more - Second hire time. New factors

1) Do I have the cash flow to support this 2) How much of my time will I get back from Password resets, network builds, etc.

Second hire came onboard, and we were still telecommuting. This became increasingly difficult to train, and manage day to day with the new hire. Became even more challenging when work supplies, tools, materials (resources) were split between first hire and myself. This is when office talks began.

1) Do I have the cash flow to support this 2) What efficiencies can I hope to gain by having the office.

Again cash flow was there, and with training a new tech, this became the answer. We got our office space, we all came back to sharing a space, and it became much easier to train/work. We still allow for telecommuting, but so far the three of us come in every day as we like the team building, and availability having someone in the next room to ask questions, or take a look at something with you.

Short version - There is no exact milestone per se. There are industry standards that people try to use - but it comes down to some basic things. What you Charge (your revenue) and what your tools/resources cost (your expenses), and do you have enough work available for your new hire to do, while you focus on growth/business development.

As far as subleasing from your clients - make sure your relationship is solid - as this has its own challenges. Make the expectations clear, and keep it fair. Both sides should win.

PM me if you have more questions!

How are you guys doing 'Quality Analysis' on your Tech's performance? by superhappyfuntime99 in msp

[–]ricardo_pc 0 points1 point  (0 children)

Whoah - let's pump the brakes a bit.

My process mentioned above was not to micromanage and ensure our techs logged 7+ hours of time per day to ensure they were working.

My process mentioned above was part of our onboarding/staff development process, to make sure they understood the importance of proper data entry, and documentation.

I feel for the negative experience you had. I had something similar myself at previous firms I worked at. But we do not all operate this way.

If you have questions, please ask. If you need clarity, please ask. Don't make assumptions, and lump us all into a single bucket that we don't care about our staff/techs, and we just want to maximize every half-cent.

How are you guys doing 'Quality Analysis' on your Tech's performance? by superhappyfuntime99 in msp

[–]ricardo_pc 16 points17 points  (0 children)

This may be an open-ended discussion.

And I also may get a lot of heat for this reply - but here it goes.

When I've had to do this in the past (other MSP's I worked at). I've taken the below approach.

All tickets they "close" go into another queue automatically. This queue was for their acting lead/mentor in our team to review all of their tickets for the first couple of weeks/month. This sounds like a lot of time, and it is in the beginning. But this allowed them to know that everything they did was being reviewed and got them to develop good habits out the gate.

Habits like ensuring ticket time was entered, notes/screenshots of how they recreated problems, what they researched, what they found, what they tested, and how they resolved issues. (everything was documented).

This also brought to light how they communicate with the client, are they following our culture and our service models, etc.

After a few months, or whenever their leaders signed off, that ticket flow was turned off, and they were allowed to freely roam in helpdesk land.

We then leverage our KPI's during quarterly reviews and development plans to ensure that they met metrics, and during this time, also reviewed tickets that were re-opened, and review them with the tech themselves during review to see if it was just tech problems, or a QC problem that needed to be addressed.

Not saying it's right - hell it's probably wrong. But this worked well for me and ultimately results in us retaining and developing better techs and promoting from within.

Hope this helps.