Patching remote and hybrid endpoints with NinjaOne

Our partner has provided this case study anonymously so as not to disclose any of their cybersecurity practices publicly.

As an insurance company offering home, vehicle, and business insurance and a company that handles personally identifiable information [customer] operates in a highly-regulated industry, making data security – and therefore patch management – a top priority for their business.

The company’s patch management program has always been incredibly robust. Prior to Ninja they used Qualys and GFI Languard to identify and remediate vulnerabilities within their systems. “We had 11 Languard servers setup in our infrastructure that endpoints would check into in cohorts – we had really engineered the system to perfection,” says Jack, the IT leader primarily responsible for endpoint patching . “The only problem we had with Languard patching pre-COVID was an inability to effectively patch our field and remote workers.”

When the COVID-19 pandemic hit, [customer] had to quickly send approximately half of their 1200 employees to work from home to comply with government regulations for social distancing. As an on-premises, network-centric solution, Languard would not be able to support the hybrid workforce model [company] would need to employ for the foreseeable future. “I had 14 days from when we decided to go remote to when our Languard contract was up. In that time I had to make a recommendation to management about whether to continue using Languard or switch to another patching solution,” says Jack.

“I created a spreadsheet with a bunch of columns and used that to evaluate Automox, NinjaOne, Qualys, SCCM, and Languard. We evaluated each solution based on a number of criteria including level of automation, patching policy flexibility, ease of deployment, reliability, ability to patch remote workers, price, and more,” explains Jack. The team at [customer] conducted in-depth tests on the solutions that met their minimum requirements and narrowed the list down to two: NinjaOne and Automox. “We ultimately chose Ninja over Automox because of the price. Automox was five times more expensive than Ninja and did not deliver five times the value.”

As a company in a heavily regulated industry, cybersecurity is paramount for [company]. “While it’s critical that Ninja keeps our endpoints patched, it’s also critical for Ninja to contribute to our security posture in other ways,” says Jack. NinjaOne enforces multifactor authentication during login for all users – administrators, technicians, and end-users – but it also enforces MFA during potentially security-critical actions like adding a new user. “What really makes our security team happy is Ninja’s activity tracking feature – we always know which technicians have access to which devices and we can see every action taken by a technician against any device. Everything we do in Ninja – logins, policy changes, remote access, software deployments, and more – is tracked and auditable for security and compliance purposes,” says Jack.

While [company] chose Ninja over Qualys for patch management, they still use Qualys for vulnerability identification and to report on their compliance posture. Every month, the IT team at [company] has a dedicated ‘maintenance week’ where end-user tickets are deprioritized so technicians can focus on solving big picture problems and complete strategic projects. During maintenance week [company]’s helpdesk technicians are often heads-down in Ninja with the Qualys vulnerability reports pushing out important patches and securing known vulnerabilities. “It’s really important to us that we’re able to tightly control how and when patches go out to our endpoints,” says Jack. “We can create instability in our systems if we’re pushing out bleeding-edge patches as soon as they’re available. Ninja gives us the ability to setup multiple patching policies based on device role, giving us the flexibility to automatically approve or deny patches and deploy patches on different schedules for servers with different purposes. For example, we have several critical servers for which we do not automate patch deployment – we scan for patches regularly but only push out patches outside of business hours. Comparatively, we heavily leverage automated approvals to keep employee laptops up-to-date and minimize the time we spend actively patching.”

Ninja’s primary role in [company]’s IT management stack is to perform patch management, but as the team explores the solution more, they’re expanding their use cases. “We’ve recently decided to migrate away from the SCCM remote control tool to start using Ninja’s remote control tool,” says Jack. With Ninja’s built-in remote control tool, our technicians can login to Ninja, find the device they need to work on or provide support to, collect all the data they need, then with one click remote into the device for remediation. “We’re finding more ways we could potentially use Ninja every day – from software deployment, to scripting, to new device setup. Having almost everything we need in one tool really makes the team more efficient,” says Jack.

“We were able to transition our entire patching process over to Ninja very quickly so that we could support our newly remote and hybrid workforces. We were also able to finally solve our patching challenges with field employees who never came into the office. We no longer need to rely on the company network for patch management, which allows us to be more flexible with where people are working. Our security team is happy, our patch compliance looks good, and we’re always finding new things we can do with NinjaOne.”