This is some text inside of a div block.
Glitch effect
HomeBlog
Don't Get Your Security from Your RMM Provider: The Risks You Should Know
August 5, 2024

Don't Get Your Security from Your RMM Provider: The Risks You Should Know

By:
Dustin Ray
Wes Hutcherson
|
Contributors:
Glitch effectGlitch effectGlitch effect
Glitch banner

Imagine you’re playing in the big game. With only a minute left in the fourth quarter your team is one yard away from sealing the win. Your fans are already celebrating. Mere seconds away from hoisting the championship trophy, you just need to move the ball three feet, and victory is yours. Fortunately, you're the best running back around, a wrecking ball of a human known for your ability to charge through anyone in your way. But then, your QB throws the ball. Too bad your receiver can't catch.

Security through your RMM provider is like dropping the ball.

And just like that, victory has slipped through your hands. Worse yet, the crowd has turned on you, with many angrily asking, “What just happened?!?”   

That’s what it feels like when you get your security solution through your RMM (Remote Monitoring and Management) provider. Sure, they're great at keeping your IT systems running, but when it comes to protecting your data, they might just drop the ball.

The RMM Middleman Mess

The issue with getting security tools through your RMM provider is it adds in another layer of complexity which can lead to communication failures and increase risk in a cyberattack. Basically, teams can't decide who's in charge—the RMM provider or the security provider. Imagine a cyberattack is imminent, and alerts are sent. Instead of a coordinated response, the RMM and security providers argue over responsibilities. You're left in the dark, unsure who’s handling the threat while precious time slips away.

Meanwhile, you're stuck with no idea what's going on, all while pressure mounts from the system users. The RMM provider says, "Not my job. Talk to the security provider!" The security provider fires back, "Nope, that’s your responsibility!" And while they play hot potato with your urgent alert, you just need someone to step up before it’s too late. It’s a mess, and your response time goes from "manageable" to "full-blown disaster."

The Scenario

Take, for instance, the tale of an up-and-coming RMM provider offering the security products of a well-established solution. A client thought they had the dream team for endpoint security and management. But they ended up in a nightmare. When a Lorenz ransomware attack hit, the client expected swift action from their security team. What they got instead was radio silence from both the RMM provider and the security solution provider. Three days in, the client had to roll up their sleeves and deal with the mess themselves by onboarding an Incident Response firm. It was like ordering a pizza and being told to bake it yourself—with no ingredients.

Why RMM Companies Are Not Security Experts

RMM companies are fantastic at what they do—provide the solutions utilized by MSPs to monitor IT policies and usage. But expecting them to provide top-notch security is like expecting your plumber to fix your car. They both might understand the basics, but when push comes to shove, they lack the specialized knowledge and quick response needed for security incidents.

The Hidden Costs of RMM-Managed Security

Opting for security solutions through your RMM provider might seem like a cost-saving measure, but it’s often a false economy. The hidden costs come in the form of extended downtime, mishandled incident reporting, and the potential loss of customer trust. Plus, the time you spend chasing down answers and coordinating between your RMM provider and security vendor could be better spent on actual security measures.

Real-World Example: The Common Conundrum

One MSP found this out the hard way. They bought a leading security solution to be managed by their RMM provider, only to discover that their alerts were being marked as "true positive" without proper investigation. The MSP had to repeatedly call and seek clarification on issues, wasting precious time and resources.

RMM-managed security can lead to loss of customer trust.

The Bottom Line: Choose Dedicated Security Providers

Simply put, security is too important to be an afterthought. You need dedicated security experts who can respond in real-time, without the middleman delays. Think of it as hiring a top-tier chef to cook your meals instead of relying on the guy who fixes your refrigerator. Both are crucial, but you need the right expert for the right job.

What Huntress Brings to the Table

At Huntress, we focus solely on security. We don’t just alert you to issues—we help you resolve them quickly and efficiently. Our 24/7/365 monitoring and response team ensures that your data is always protected, without the runaround.

So, next time you're tempted to get your security solution through your RMM provider, remember the waterboy. He’s important, but you wouldn't let him take the game-winning shot, would you? In other words, stick with experts who can keep your data safe and your business running smoothly. 

Huntress social logo

Call to Action
Blurry glitch effectGlitch effectGlitch effect
Categories
Cybersecurity Education

See Huntress in action

Our platform combines a suite of powerful managed detection and response tools for endpoints and Microsoft 365 identities, science-backed security awareness training, and the expertise of our 24/7 Security Operations Center (SOC).
Share
Glitch effect

You Might Also Like

Blank icon

Detecting Malicious Use of LOLBins

Learn More
Blank icon

Deceitful Tactics and Honest Mistakes: Remedying Human Error Amid the Rise of Social Engineering Across Healthcare

Learn More
Blank icon

A Day in the Life of a Security Researcher

Learn More

Sign Up for Blog Updates

Subscribe today and you’ll be the first to know when new content hits the blog.

By submitting this form, you accept our Privacy Policy
Huntress at work
Cybersecurity Education