The Syscomm Group is an Ontario, Canada based managed IT service provider offering managed IT, network security, and cloud solutions across businesses of all sizes. Ranked in MSPmentor’s World’s Top 501 Providers, Syscomm has built a strong reputation as the go-to MSP for implementing and monitoring security in industries that are frequent targets of ransomware.
Martin Wells, the CEO of Syscomm Group explains, “We’ve grown primarily by word of mouth as new clients come to us to help remediate a successful attack or existing customers talk about our work helping them avoid attacks. We’ve built a really good reputation as a security-focused MSP.”
Leveraging NinjaOne to enable better security
NinjaOne is a central enabler of Syscomm’s cybersecurity strategy.
Syscomm has setup Ninja to automatically scan their managed environments twice monthly for new endpoints and endpoints that are not compliant with their security requirements. Any non-compliant endpoints get Ninja pushed to those endpoints and Syscomm’s security solutions automatically deployed to bring them up to compliance. If those endpoints cannot be made compliant automatically, they are isolated until a Syscomm technician can review them and remediate the issue. “We’re able to automate a lot, from deploying our cybersecurity software to checking and enforcing compliance. It saves us a lot of time and ensures we’re effectively protecting our clients’ environments,” says Martin.
Martin’s team also built a proprietary ransomware protection solution directly into Ninja. “We’re using Ninja to proactively detect changes in files and directories that should not be changed. We check every two minutes and create a ticket and alert if a change is detection. After hours, we’ll automatically isolate the device to prevent possible cross-device contamination,” explains Marin. “In the past year alone, we’ve probably stopped 15 – 20 attacks with our ransomware detection solution alone.”
“While a baseline requirement, patching is a critical part of any cybersecurity strategy,” says Martin. “We use Ninja to automate patching across our end-user devices and servers. We save a ton of time on patching now as we no longer have any manual steps in our patching workflow.”
Driving radical efficiency
“The biggest benefit of Ninja for us has been the time savings for technicians, particularly our helpdesk technicians,” says Marin. “If we’re able to shorten how long we’re connected to an endpoint from 15 minutes to 5 minutes because of the tools and information Ninja offers, that’s hugely valuable to customers and to us. It’s a win-win that gives us a great reputation and lets us scale.”
Prior to Ninja, Syscomm used DattoRMM for their remote monitoring and management solution. “When we were using Datto, we had one employee who was fully dedicated to getting the most out of our RMM. Ninja is so easy to use and learn and includes so much out of box functionality, that when we switched to Ninja, we no longer needed an RMM manager. The amount of time Ninja saves us is worth every penny,” says Martin.
“One recent example of how Ninja saves us time is the recent print nightmare issue from Microsoft,” says Martin. “The day the patch came out, we wrote a script to deploy the fix and rolled out the changes to all servers so they could print again. Then, when the issue recurred with the following month’s update, we could quickly run another script to roll out the permanent fix. The scripts were easy to write, test, and load into Ninja and we could push them out at the push of a button. Without Ninja it would have take 1-2 weeks to roll out, instead of a couple of hours.”
Getting the most out of monitoring
Syscomm has monitoring down to a science. For all their managed servers, they monitoring everything from the basics (server shutdowns, network outages, drive space) to the more complex (all services that should start on reboot, RAID card, backups).
Potentially most important from an efficiency perspective is the amount of afterhours time Ninja has saved Martin’s team. “We’re heavily monitoring our managed servers and using automation to significantly reduce how much time our technicians are working overnight,” says Martin. “For example, we’re monitoring key metrics to predict and avoid server failures and monitoring core services to ensure if they go down or applications crash, we’re automatically restarting them.”
While end-user devices aren’t usually as heavily monitored as servers, Syscomm has invested there as well – monitoring performance and security details. “Like everyone, we’re monitoring standard metrics like disk space and CPU utilization to ensure end-users can stay productive. Where we’re different, is that we’re also investing in security-focused monitoring on end-user devices – monitoring for high network traffic, tracking logins and authentication failures, and ensuring that lost or stolen devices can’t be used,” explains Martin. “By deploying scripts and using Ninja’s remote tools we’ve cut down how much time our technicians spend using remote access by 50%, so our technicians are more efficient and end-users are more productive.”