Customer Story
How NinjaOne Enables a Zero-Trust Environment for AspireHR
with Jeremy Ailes, Director of Technical Platforms and Operations
See NinjaOne in action!
Customer Story
with Jeremy Ailes, Director of Technical Platforms and Operations
Endpoints supported
With NinjaOne since
Company
AspireHR is the market leader in solutions that empower the most critical part of organizations - their people. They deliver human experience management solutions and consulting to top organizations globally with a focus on engaging employees and managers in a meaningful way that improves business outcomes.
Headquarters
Dallas, TX
Website
https://www.aspirehr.com/
As a consulting firm, AspireHR has a highly distributed workforce that doesn’t lend itself to traditional on-premises IT management. “Employees spend more time on-site with clients than they do in our office, so a traditional Active Directory / Group Policy management structure didn’t give us the visibility and control we need to provide effective IT service management. Even adding an MDM solution like InTune didn’t allow us to fully manage our distributed employee network in the way we needed,” says Jeremy Ailes, Director of Technical Platforms and Operations at AspireHR.
“We regularly faced challenges supporting consultants in the field. They were often unable to connect to our network for long periods of time due to client security constraints,” explains Jeremy. “With employees off site with clients for weeks, devices could get out of compliance very quickly.” In addition to the security challenges, being blocked from AspireHR’s network made most IT service tasks more difficult. To address these constraints, AspireHR consultants were given administrative access on their laptops when out of the office. This allowed them to run updates, install software, and make configuration changes as needed without requiring IT intervention. Giving end users administrative privileges posed a security threat but was needed for consultants to do their job efficiently.
To address these issues and manage a fully remote workforce during the COVID pandemic, Jeremy rolled out Ninja agents to all employee endpoints. “Ninja gives us patch automation capabilities, an anti-malware solution, a robust scripting engine, and software deployment capabilities that work for our distributed employee network in single pane of glass,” explains Jeremy. Aspire was able to get full visibility and control over their employee endpoints from day one.
Almost immediately, Jeremy was able to remove all users from their local admin group and create a custom local administrative account on all endpoints. When users need to perform an action that requires administrative privileges, Jeremy creates a random password on the local admin and shares it with the user. The password is then reset within 12 hours so the user no longer has access.
Direct remote support sessions are also more efficient as Jeremy no longer has to roll out patches or install software via remote control. Those functions can be shifted to a Ninja automation or script so remote support sessions can focus on solving more pressing and complex concerns.
Aspire is a small firm that’s growing rapidly. “We’re small but work with some of the world’s largest companies,” says Jeremy. “While we might not be a high priority target for a cyber-attack, when we interface with large clients we become a much more attractive attack vector.”
As a consulting firm working with sensitive data, clients often have strict security and compliance requirements that Aspire HR must attest to. For example, some clients require signed affidavits that all devices used by Aspire HR employees working on their account have been fully patched and compliant with security policies. Other clients require that all devices on-site have no access to removable media. “Ninja gives me the ability to easily push patches out to all of our devices and get them compliant not only with my standards, but with client standards. Making device configuration changes – like blocking removable media – is also easy to do across individual or multiple devices with Ninja’s scripting engine. Everything I do in Ninja is tracked, auditable, and reportable, so I can send clients a report showing them that our devices are secure and compliant with their standards and that our endpoints do not constitute an increased security risk,” says Jeremy.
By adopting NinjaOne, Jeremy has been able to move AspireHR from a high trust environment to a zero-trust environment without the limitations of a traditional domain infrastructure. “Our employees need to be able to do their work both securely and efficiently. I’ve seen what malware can do when someone gets compromised. We’re not big enough to withstand an event like that. If everyone’s drive were encrypted by malware and it takes a week to get up and running that’s a week we cannot do business and lose income. It’s too risky,” explains Jeremy. “Being a zero-trust environment allows our clients to confidently work with our consultants knowing that we are not adding to their attack surface.”
“Ninja has helped AspireHR pursue a zero-trust IT strategy that strikes a balance between security and usability while simultaneously reducing the administrative burden of these tasks,” says Brian.
Get 5 bite-sized ways to grow your business or career every week!
Never Miss Out - Subscribe to the NinjaOne Newsletter
Cookie | Duration | Description |
---|---|---|
_vwo_ds | 3 months | This cookie is set by the provider Visual Website Optimiser. This cookie is used for collecting information on how visitors interact with the pages on website. |
_vwo_sn | 30 minutes | This cookie is set by the provider Visual Website Optimiser. This cookie is used for collecting information on how visitors interact with the pages on website. It collect statistical data such as number of visit, average time spent on the website, what pages haves been read. |
_vwo_uuid | 10 years | This cookie generates a unique ID for every visitor and is used for the report segmentation feature in VWO. Also, this cookie allows you to view data in a more refined manner. If you have the campaign running on multiple domains, you will notice campaign-specific UUID values. |
_vwo_uuid_v2 | 1 year | This cookie is set by Visual Website Optimiser and is used to measure the performance of different versions of web pages. |
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-advertisement | 1 year | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
ninja | 1 month | No description |
ninja_added | session | No description |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie is set by CloudFlare. The cookie is used to support Cloudflare Bot Management. |
_vis_opt_test_cookie | session | This cookie is set by Visual Website Optimiser and is a session cookie generated to detect if the cookies are enabled on the browser of the user or not. |
geoData | First-party cookie. Stores geoIP data in order to display appropriate phone numbers and content for your region. |
Cookie | Duration | Description |
---|---|---|
_biz_flagsA | 1 year | This cookie is set by Bizible. A single cookie that stores multiple information, such as whether or not the user has submitted a form, performed a crossdomain migration, sent a viewthrough pixel, opted out from tracking, etc. |
_biz_nA | 1 year | This cookie is set by Bizible and is used to store a sequence number that Bizible includes for all requests, for internal diagnostics purpose. |
_biz_pendingA | 1 year | This cookie is set by Bizible. Temporarily stores analytics data that has not been successfully sent to Marketo Measure server yet. |
_biz_sid | 30 minutes | This cookie is set by Bizible. The cookie is used to store the session ID of the user. |
_biz_uid | 1 year | This cookie is set by Bizible and is used to store the user ID on the current domain. |
_hjIncludedInSessionSample | 2 minutes | This is a Hotjar cookie set to determine if a user is included in the data sampling defined by the site's daily session limit. |
YSC | session | This cookie is set by YouTube and is used to track the views of embedded videos. |
Cookie | Duration | Description |
---|---|---|
__utma | 2 years | This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics. |
__utmb | 30 minutes | The cookie is set by Google Analytics. The cookie is used to determine new sessions/visits. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics. |
__utmc | session | The cookie is set by Google Analytics and is deleted when the user closes the browser. The cookie is not used by ga.js. The cookie is used to enable interoperability with urchin.js which is an older version of Google analytics and used in conjunction with the __utmb cookie to determine new sessions/visits. |
__utmz | 6 months | This cookie is set by Google analytics and is used to store the traffic source or campaign through which the visitor reached your site. |
_BUID | 1 year | This cookie is used to store a universal user ID to identify the same user across multiple clients' domains. |
_dc_gtm_UA-100000610-1 | 1 minute | This is a Google Analytics cookie used to store the number of service requests. |
_fbp | 3 months | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. |
_ga | 2 years | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. |
_gat | 1 minute | This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites. |
_gat_UA-100000610-1 | 1 minute | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. |
_gd_session | 4 hours | This cookie is used for collecting information on users visit to the website. It collects data such as total number of visits, average time spent on the website and the pages loaded. |
_gd_svisitor | 2 years | This cookie is set by the Google Analytics. This cookie is used for tracking the signup commissions via affiliate program. |
_gd_visitor | 2 years | This cookie is used for collecting information on the users visit such as number of visits, average time spent on the website and the pages loaded for displaying targeted ads. |
_gid | 1 day | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form. |
_hjFirstSeen | 30 minutes | This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. |
_hjid | 1 year | This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
_uetsid | 1 day | This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site. |
_vis_opt_s | 3 months 8 days | This cookie is set by Visual Website Optimiser and is used to detect if the user is new or returning to a particular campaign. |
6suuid | 2 years | This is a 6sense cookie. Registers user behaviour and navigation on the website, and any interaction with active campaigns. This is used for optimizing advertisement and for efficient retargeting. |
DriftPlaybook | session | This is a Drift cookie. |
IDE | 1 year 24 days | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
page | 1 month | No description |
pardot | past | The cookie is set when the visitor is logged in as a Pardot user. |
vuid | 2 years | This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website. |
Cookie | Duration | Description |
---|---|---|
_an_uid | 7 days | This is a 6sense cookie. Presents the user with relevant content and advertisement. The service is provided by third-party advertisement hubs, which facilitate real-time bidding for advertisers. |
_rdt_uuid | 3 months | This cookie is set by Reddit and is used for remarketing on reddit.com |
_uetvid | 1 year 24 days | This is a Bing Ads cookie to store and track visits across websites. |
MUID | 1 year 24 days | Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking. |
test_cookie | 15 minutes | This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies. |
VISITOR_INFO1_LIVE | 5 months 27 days | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
Cookie | Duration | Description |
---|---|---|
_hjAbsoluteSessionInProgress | 30 minutes | This is a Hotjar cookie used to detect the first pageview session of a user. |
_hjIncludedInPageviewSample | 2 minutes | This is a Hotjar cookie set to determine if a user is included in the data sampling defined by your site's pageview limit. |
_hjTLDTest | session | This is a Hotjar cookie. Hotjar tries to store the _hjTLDTest cookie for different URL substring alternatives until it fails. Enables Hotjar to try to determine the most generic cookie path to use, instead of page hostname. After this check, the cookie is removed. |
ARRAffinity | This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App. | |
campaign | 1 day | No description |
content | 1 day | No description |
conversion_page | 1 day | No description |
landing_page | 1 day | No description |
sliguid | 5 years | Salesloft cookie for use in live website tracking to help identify and qualify leads. |
slireg | 7 days | Salesloft cookie for use in live website tracking to help identify and qualify leads. |
slirequested | 5 years | Salesloft cookie for use in live website tracking to help identify and qualify leads. |
source | 1 day | No description |