Think about putting the following strategies into practice to lessen the likelihood that attackers may abuse RMM tools and PSA software.
A policy for application control
Implement an application control policy to prevent your company from using multiple RMM tools:
- Ensure that RMM tools are patched, updated, and accessible to authorized users only with MFA enabled.
- Preventively disable outgoing and incoming connections on prohibited RMM ports and protocols at the network perimeter.
Using PowerShell to create a Windows Defender Application Control (WDAC) policy that whitelists apps based on their publisher is one way. It is noteworthy that the creation of WDAC policies necessitates administrative privileges, and their deployment through Group Policy demands domain administrative privileges.
Also Read: What is a VLAN (Virtual LAN)?
Think about putting the following strategies into practice to lessen the likelihood that attackers may abuse RMM tools and PSA software.
A policy for application control
Implement an application control policy to prevent your company from using multiple RMM tools:
- Ensure that RMM tools are patched, updated, and accessible to authorized users only with MFA enabled.
- Preventively disable outgoing and incoming connections on prohibited RMM ports and protocols at the network perimeter.
Using PowerShell to create a Windows Defender Application Control (WDAC) policy that whitelists apps based on their publisher is one way. It is noteworthy that the creation of WDAC policies necessitates administrative privileges, and their deployment through Group Policy demands domain administrative privileges.
Also Read: What is a VLAN (Virtual LAN)?
