Security Roundup: AutoElevate, Sophos, Barracuda, ALTR-CAI
Todd Jones knows all about the headache MSPs face when trying to manage and control clients’ administrator privileges mostly to Microsoft operating systems.
It’s this struggle that led him to create an admin privileges solution and co-found a cybersecurity vendor, AutoElevate. The company launched last week and has integrated with ConnectWise Automate and Manage. Jones founded the company with David Sibiski, also the company’s chief technology officer.
Jones, along with Adam Slutskin, former ConnectWise chief revenue offer and founder of MSP Quarterback, gave us the lowdown on this new venture. Slutskin is AutoElevate’s strategic adviser.
AutoElevate’s Todd Jones
“It’s been one week since we lifted the veil off of it and started showing people, and … it’s just exciting to hear that it resonates with everybody as much as it did with me, and not just that I was just this one MSP with this crazy problem or mindset on how it should be,” Jones said. “Everyone I’ve talked with is saying, “Man, this is awesome.”
Jones founded TekJet, which specialized in MSP services for SMBs, and Watchman Computer Services, which provides full-time tech support for small businesses One of the big challenges he always had as an MSP was keeping his clients secure and safe from themselves.
“There’s a fundamental best practice in security of the principal of least privilege, which basically means you give users the minimum level of privileges they need that allows them to do their job,” he said. “The problem with implementing the principal of least privilege is, in Windows, you have an all-or-nothing proposition. You have standard users on their computer, which limits what they can do as far as installing or accessing certain areas or doing certain things, or you give them admin privileges and they can do whatever they want. No user likes to not be able to do whatever they want to do whenever they want to do it.”
The temptation for the MSP was always to give people admin privileges, but then the flip side of that equation as a provider is staying up at night “worrying about what they’re going to do with those privileges and then hop[ing] you’re going to be able to deal with it if they do something they shouldn’t do or that you’ll be held responsible,” Jones said.
It’s this conundrum that led Jones to create his AutoElevate privilege-management system designed for MSPs. AutoElevate has an agent service that runs on each workstation and monitors for Windows requests for username/password events on the client machine. It works in the background to apply rules to each request or to notify a technician via mobile app. Technicians with the notification app can evaluate the request and build rules to either accept or deny the request.
“The key to the whole system is the fact that it has a real-time component, which is something where you don’t have to know what they’re going to do in advance; you don’t have to anticipate a particular version or particular thing they’re going to want to do,” Jones said. “If it’s something that hasn’t been defined, they can simply request the access, the technicians are notified with one click of a button on our notification app, and basically the MSP can approve or deny it. They can approve it for just that one time, they can approve for just that computer, and they can approve it for the location of the company or globally for all of their clients.”
Jones remembers the “heavy emotional burden” whenever he would go on vacation or do anything in his personal life because there was always …
