Before MSPs can secure end-customer systems, they need to safeguard their own IT management and business automation software platforms. With that reality in mind, Perch Security has launched threat monitoring services specifically for RMM (remote monitoring and management) software.
The new Perch Security service initially supports ConnectWise Automate, with additional RMM platform support in the pipeline. (ConnectWise is an investor in Perch.)
"For the first time, you can now monitor for threat activity directly inside your RMM. Detect, visualize, and report on threats in your ConnectWise Automate instance with support from Perch’s 24/7 Security Operations Center (SOC)."
Added Perch Security CEO Aharon Chernin:
“Enterprises, and MSPs, should be monitoring all the products they use to run their business for threats. There is a security monitoring gap in the MSP market for monitoring most of the tools that they use to run their business, including RMMs. We selected ConnectWise Automate as the first RMM to monitor, however we have a pipeline of other RMMs that we are currently working on to monitor as well.”
This new service surfaces after a recent ConnectWise Automate vulnerability (CVE-2020-14159) that led to some MSPs getting buffalo jumped (i.e., an incident where an MSP is compromised for access to multiple customers).
Threat Monitoring for RMM: Early MSP Reaction
Perch has previewed the new service to MSPs. Early adopters include CPI Solutions of Camarillo and Pasadena, California. In a statement shared with MSSP Alert, CPI Senior Partner James Oberhaus said:
“Our partnership with Perch Security just got that much better! With Perch Automate monitoring we now have visibility and insights into our RMM and customer systems that we have never had before. Perch gives us the ability to correlate agent activity and alert on potential outside threats targeting our Automate system. Perch’s 24/7 SOC gives us the peace of mind that we have always hoped for knowing our systems are being monitored by their top-notch team.”
MSPs seeking RMM threat monitoring can help Perch Security to prioritize RMM platform support here.
Hackers Target MSPs, IT Consulting Firms
Hackers are increasingly targeting MSP solutions and using them to attack service providers’ customers, according to a U.S. Secret Service security alert issued June 12. The FBI issued a similar warning roughly two years ago.
Recent attacks have hit such major MSPs, telecom service providers and IT consulting firms as:
- Telecom SA, Argentina's largest telecom service provider;
- Orange, the European telecom, MSP and MSSP giant;
- DXC Technology‘s Xchanging subsidiary;
- IT consulting giant Cognizant; and
- business process outsourcing (BPO) specialist Conduent.