Remote Access Security Gaps: How Zero Trust Could Have Defended Your Fleet

The role of IT Asset Management in cybersecurity

In the evolving landscape of cybersecurity, Managed Service Providers (MSPs) face increasing threats that target their remote monitoring and management (RMM) tools. The 2023 SMB Threat Report by Huntress highlighted that 65% of attacks on small and medium businesses exploited RMM tools to gain unauthorized access. To combat these risks, adopting a Zero Trust approach has become essential.

Earlier this year, a pair of significant remote access security-related events have reignited concern and drawn considerable attention from cybersecurity specialists and users alike. These events highlight the need for strong security protocols within remote access tools, as well as demonstrate the potential risks that come with less secure tools.

To summarize, while the root cause of the security issues varied – one a result of critical vulnerabilities within the software and the other a cyberattack that led to a compromise of production systems – both could have resulted in unauthorized users gaining access to and seizing control over connected devices resulting in data breaches, system compromises, such as ransomware injection, and other harmful activities. In the case of the code vulnerability, there is additional concern as on-premise instances also exist requiring patches to be applied at the individual account level – potentially leaving many organizations at risk.

Security issues like this could (and have) result in supply chain attacks. For MSPs, whose clients trust them with their ecosystem and, in turn, the tools they use, these security incidents could result in costly resolution efforts, lawsuits or even bankruptcy.

These remote access security issues underscore the vital need for robust safety measures within any form of remote access or remote monitoring and management (RMM) software and infrastructure, which is why GoTo took additional security measures with GoTo Resolve. While no software can claim to be 100% bullet proof from cyber threats, we built GoTo Resolve unlike any other remote access or RMM software. We built it on zero trust access control foundation to add an additional, stronger layer of protection.

So, what is this zero trust approach and how would it have secured devices even in scenarios like the recent problems? Think of it as a “never trust, always verify” approach where zero trust assumes that even if a user is behind the login wall, the system should not automatically trust that they should be there. Zero trust requires that anyone and everything trying to connect to deployed GoTo Resolve hosts verify identity and authorization before performing a sensitive task, such as remote controlling a device or running a PowerShell script. It works like this:

  • All users who want to access or run commands on hosts are required to create an individual signature key (separate from their login password), and before each sensitive action must reauthenticate with this key.
  • The signature key is unique to that user, and it is not stored anywhere, not even by GoTo, and cannot be compromised online.
  • Verification of commands are conducted at the host with it only accepting commands from reauthenticated, authorized users.
  • Even if a malicious actor hacks into backend systems or phishes login credentials, the attacker cannot change or create new automations or commands for endpoints without the signature key.

This level of protection essentially locks down your clients’ IT environments from malicious actors. Conversely, other remote access solutions allow unlimited access once someone is “in the system” either through the front door or backdoor, which opens ample opportunities for malicious actors to create havoc.

Of course, in addition to scrutinizing your technology’s security and selecting secure remote access software like GoTo Resolve that has next level protection, there are other core security steps all MSPs should continue to take:

  • Ensure software is patched and updated to fix known vulnerabilities.
    • Side note: if using on-premise technology, reevaluate the benefits and risks of it versus a cloud-based solution where providers can deploy security updates and patches quickly across all systems.
  • Enforce strong password policies and use multi-factor authentication.
  • Conduct regular security audits of your tools and infrastructure.
  • Educate support staff and end users on security best practices and phishing awareness.
  • And finally, have an incident response plan to quickly and effectively respond to any security incidents.

Given today's state of remote and hybrid work and increased reliance on remote access and support solutions, ensuring the security of these tools and your processes is paramount to safeguarding sensitive data, protecting systems from unauthorized access, and mitigating the risk of cyberattacks. By selecting zero-trust RMM solutions and maintaining these practices, MSPs can confidently position themselves as leaders in client protection.

Learn more about GoTo Resolve’s all in-one remote IT management and support software, built with security measures including zero trust architecture.


Related Posts

  • Tackling IT security in a hybrid-work world

    By Joanne Chu
    Read Article
  • What is network level authentication? And how to enhance it with zero trust.

    By Mike Gutierrez
    Read Article
  • GoTo Introduces GoPilot for GoTo Resolve, the First AI Assistant for End-to-End IT Management and Support

    By GoTo
    Read Article