Customer Story
Patching remote and hybrid endpoints with NinjaOne
With ‘Jack’, IT Director
See NinjaOne in action!
Customer Story
With ‘Jack’, IT Director
Endpoints supported
With NinjaOne since
Company
An award-winning insurance company offering home, vehicle, and business insurance to a national market. This company is a top 10 provider in their market.
Our partner has provided this case study anonymously so as not to disclose any of their cybersecurity practices publicly.
As an insurance company offering home, vehicle, and business insurance and a company that handles personally identifiable information [customer] operates in a highly-regulated industry, making data security – and therefore patch management – a top priority for their business.
The company’s patch management program has always been incredibly robust. Prior to Ninja they used Qualys and GFI Languard to identify and remediate vulnerabilities within their systems. “We had 11 Languard servers setup in our infrastructure that endpoints would check into in cohorts – we had really engineered the system to perfection,” says Jack, the IT leader primarily responsible for endpoint patching . “The only problem we had with Languard patching pre-COVID was an inability to effectively patch our field and remote workers.”
When the COVID-19 pandemic hit, [customer] had to quickly send approximately half of their 1200 employees to work from home to comply with government regulations for social distancing. As an on-premises, network-centric solution, Languard would not be able to support the hybrid workforce model [company] would need to employ for the foreseeable future. “I had 14 days from when we decided to go remote to when our Languard contract was up. In that time I had to make a recommendation to management about whether to continue using Languard or switch to another patching solution,” says Jack.
“I created a spreadsheet with a bunch of columns and used that to evaluate Automox, NinjaOne, Qualys, SCCM, and Languard. We evaluated each solution based on a number of criteria including level of automation, patching policy flexibility, ease of deployment, reliability, ability to patch remote workers, price, and more,” explains Jack. The team at [customer] conducted in-depth tests on the solutions that met their minimum requirements and narrowed the list down to two: NinjaOne and Automox. “We ultimately chose Ninja over Automox because of the price. Automox was five times more expensive than Ninja and did not deliver five times the value.”
As a company in a heavily regulated industry, cybersecurity is paramount for [company]. “While it’s critical that Ninja keeps our endpoints patched, it’s also critical for Ninja to contribute to our security posture in other ways,” says Jack. NinjaOne enforces multifactor authentication during login for all users – administrators, technicians, and end-users – but it also enforces MFA during potentially security-critical actions like adding a new user. “What really makes our security team happy is Ninja’s activity tracking feature – we always know which technicians have access to which devices and we can see every action taken by a technician against any device. Everything we do in Ninja – logins, policy changes, remote access, software deployments, and more – is tracked and auditable for security and compliance purposes,” says Jack.
While [company] chose Ninja over Qualys for patch management, they still use Qualys for vulnerability identification and to report on their compliance posture. Every month, the IT team at [company] has a dedicated ‘maintenance week’ where end-user tickets are deprioritized so technicians can focus on solving big picture problems and complete strategic projects. During maintenance week [company]’s helpdesk technicians are often heads-down in Ninja with the Qualys vulnerability reports pushing out important patches and securing known vulnerabilities. “It’s really important to us that we’re able to tightly control how and when patches go out to our endpoints,” says Jack. “We can create instability in our systems if we’re pushing out bleeding-edge patches as soon as they’re available. Ninja gives us the ability to setup multiple patching policies based on device role, giving us the flexibility to automatically approve or deny patches and deploy patches on different schedules for servers with different purposes. For example, we have several critical servers for which we do not automate patch deployment – we scan for patches regularly but only push out patches outside of business hours. Comparatively, we heavily leverage automated approvals to keep employee laptops up-to-date and minimize the time we spend actively patching.”
Ninja’s primary role in [company]’s IT management stack is to perform patch management, but as the team explores the solution more, they’re expanding their use cases. “We’ve recently decided to migrate away from the SCCM remote control tool to start using Ninja’s remote control tool,” says Jack. With Ninja’s built-in remote control tool, our technicians can login to Ninja, find the device they need to work on or provide support to, collect all the data they need, then with one click remote into the device for remediation. “We’re finding more ways we could potentially use Ninja every day – from software deployment, to scripting, to new device setup. Having almost everything we need in one tool really makes the team more efficient,” says Jack.
“We were able to transition our entire patching process over to Ninja very quickly so that we could support our newly remote and hybrid workforces. We were also able to finally solve our patching challenges with field employees who never came into the office. We no longer need to rely on the company network for patch management, which allows us to be more flexible with where people are working. Our security team is happy, our patch compliance looks good, and we’re always finding new things we can do with NinjaOne.”
Get 5 bite-sized ways to grow your business or career every week!
Never Miss Out - Subscribe to the NinjaOne Newsletter
Cookie | Duration | Description |
---|---|---|
_vwo_ds | 3 months | This cookie is set by the provider Visual Website Optimiser. This cookie is used for collecting information on how visitors interact with the pages on website. |
_vwo_sn | 30 minutes | This cookie is set by the provider Visual Website Optimiser. This cookie is used for collecting information on how visitors interact with the pages on website. It collect statistical data such as number of visit, average time spent on the website, what pages haves been read. |
_vwo_uuid | 10 years | This cookie generates a unique ID for every visitor and is used for the report segmentation feature in VWO. Also, this cookie allows you to view data in a more refined manner. If you have the campaign running on multiple domains, you will notice campaign-specific UUID values. |
_vwo_uuid_v2 | 1 year | This cookie is set by Visual Website Optimiser and is used to measure the performance of different versions of web pages. |
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-advertisement | 1 year | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
ninja | 1 month | No description |
ninja_added | session | No description |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie is set by CloudFlare. The cookie is used to support Cloudflare Bot Management. |
_vis_opt_test_cookie | session | This cookie is set by Visual Website Optimiser and is a session cookie generated to detect if the cookies are enabled on the browser of the user or not. |
geoData | First-party cookie. Stores geoIP data in order to display appropriate phone numbers and content for your region. |
Cookie | Duration | Description |
---|---|---|
_biz_flagsA | 1 year | This cookie is set by Bizible. A single cookie that stores multiple information, such as whether or not the user has submitted a form, performed a crossdomain migration, sent a viewthrough pixel, opted out from tracking, etc. |
_biz_nA | 1 year | This cookie is set by Bizible and is used to store a sequence number that Bizible includes for all requests, for internal diagnostics purpose. |
_biz_pendingA | 1 year | This cookie is set by Bizible. Temporarily stores analytics data that has not been successfully sent to Marketo Measure server yet. |
_biz_sid | 30 minutes | This cookie is set by Bizible. The cookie is used to store the session ID of the user. |
_biz_uid | 1 year | This cookie is set by Bizible and is used to store the user ID on the current domain. |
_hjIncludedInSessionSample | 2 minutes | This is a Hotjar cookie set to determine if a user is included in the data sampling defined by the site's daily session limit. |
YSC | session | This cookie is set by YouTube and is used to track the views of embedded videos. |
Cookie | Duration | Description |
---|---|---|
__utma | 2 years | This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics. |
__utmb | 30 minutes | The cookie is set by Google Analytics. The cookie is used to determine new sessions/visits. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics. |
__utmc | session | The cookie is set by Google Analytics and is deleted when the user closes the browser. The cookie is not used by ga.js. The cookie is used to enable interoperability with urchin.js which is an older version of Google analytics and used in conjunction with the __utmb cookie to determine new sessions/visits. |
__utmz | 6 months | This cookie is set by Google analytics and is used to store the traffic source or campaign through which the visitor reached your site. |
_BUID | 1 year | This cookie is used to store a universal user ID to identify the same user across multiple clients' domains. |
_dc_gtm_UA-100000610-1 | 1 minute | This is a Google Analytics cookie used to store the number of service requests. |
_fbp | 3 months | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. |
_ga | 2 years | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. |
_gat | 1 minute | This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites. |
_gat_UA-100000610-1 | 1 minute | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. |
_gd_session | 4 hours | This cookie is used for collecting information on users visit to the website. It collects data such as total number of visits, average time spent on the website and the pages loaded. |
_gd_svisitor | 2 years | This cookie is set by the Google Analytics. This cookie is used for tracking the signup commissions via affiliate program. |
_gd_visitor | 2 years | This cookie is used for collecting information on the users visit such as number of visits, average time spent on the website and the pages loaded for displaying targeted ads. |
_gid | 1 day | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form. |
_hjFirstSeen | 30 minutes | This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. |
_hjid | 1 year | This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
_uetsid | 1 day | This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site. |
_vis_opt_s | 3 months 8 days | This cookie is set by Visual Website Optimiser and is used to detect if the user is new or returning to a particular campaign. |
6suuid | 2 years | This is a 6sense cookie. Registers user behaviour and navigation on the website, and any interaction with active campaigns. This is used for optimizing advertisement and for efficient retargeting. |
DriftPlaybook | session | This is a Drift cookie. |
IDE | 1 year 24 days | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
page | 1 month | No description |
pardot | past | The cookie is set when the visitor is logged in as a Pardot user. |
vuid | 2 years | This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website. |
Cookie | Duration | Description |
---|---|---|
_an_uid | 7 days | This is a 6sense cookie. Presents the user with relevant content and advertisement. The service is provided by third-party advertisement hubs, which facilitate real-time bidding for advertisers. |
_rdt_uuid | 3 months | This cookie is set by Reddit and is used for remarketing on reddit.com |
_uetvid | 1 year 24 days | This is a Bing Ads cookie to store and track visits across websites. |
MUID | 1 year 24 days | Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking. |
test_cookie | 15 minutes | This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies. |
VISITOR_INFO1_LIVE | 5 months 27 days | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
Cookie | Duration | Description |
---|---|---|
_hjAbsoluteSessionInProgress | 30 minutes | This is a Hotjar cookie used to detect the first pageview session of a user. |
_hjIncludedInPageviewSample | 2 minutes | This is a Hotjar cookie set to determine if a user is included in the data sampling defined by your site's pageview limit. |
_hjTLDTest | session | This is a Hotjar cookie. Hotjar tries to store the _hjTLDTest cookie for different URL substring alternatives until it fails. Enables Hotjar to try to determine the most generic cookie path to use, instead of page hostname. After this check, the cookie is removed. |
ARRAffinity | This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App. | |
campaign | 1 day | No description |
content | 1 day | No description |
conversion_page | 1 day | No description |
landing_page | 1 day | No description |
sliguid | 5 years | Salesloft cookie for use in live website tracking to help identify and qualify leads. |
slireg | 7 days | Salesloft cookie for use in live website tracking to help identify and qualify leads. |
slirequested | 5 years | Salesloft cookie for use in live website tracking to help identify and qualify leads. |
source | 1 day | No description |