Pre-Recorded Webinar:

Proud Sponsors of:

IT Business Owners Group

ToP 10 CyberSecurity Mitigation Strategies For Your MSP In 2020

Recorded December 30th

Todd discusses the Top 10 recommendations from the NSA on how to secure both you and your clients from cybersecurity attacks and malicious actors with help on how to implement them in your MSP practice. 

Register to watch the pre-recorded webinar and we’ll send you resources we’ve collected from the NSA, DHS, NIST and Australian government that will help you focus your security efforts in 2020.

  • This field is for validation purposes and should be left unchanged.

ITBOG MEMBERS

Special “Unlimited” Incentive Ends In:

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

ITBOG MEMBER

FREE NFR LICENSE:

IT Business Owners Group

In 2020 - No More Admin Privileges!

No More Excuses!

Whitelist Applications Or Actions To Automatically Elevate With Admin Privileges

Take granular control over privileges so they aren’t an “all or nothing” proposition and give your clients a superior user experience

Click Below To See How Elevation Whitelisting Works

Empower Your Staff To Instantly Evaluate, Validate, and Approve Elevation Requests in Seconds

Approve from your Android, or iOS device, browser, or directly from inside your ticket

See How Quick & Easy Real-Time Privilege Evaluation Is

Secure Multi-factor Admin Privileges at All Your Client Sites - No AD Required

Passwords are automatically rotated, aren’t stored anywhere, transmitted anywhere, or need to be looked up anywhere

See How Easy And Secure AutoElevate Makes Local Admin Passwords

ITBOG MEMBERS

Special “Unlimited” Incentive Ends In:

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

ITBOG MEMBER

FREE NFR LICENSE:

IT Business Owners Group

AutoElevate - The Only “PAM” Designed For MSPs. Multi-Tenant, Brandable, Channel Only, & PSA Integrated

We understand that the organizations you take care of everyday are at varying stages of the digital transformation, and that ever-present cyber security threats create an increasingly complex IT environment for you to manage securely, but…

It’s time to get your house in order with the basic best practices internally and at your client sites!

Both you and your clients are a prime target! Instead of suffering a breach or losing clients - improve your operational security today by implementing the ‘best practice’ of removing Admin privileges with AutoElevate.

Enforcing the principle of least privilege by not allowing users to have Admin privileges will drastically reduce the attack surface of your managed environments and should be on your ‘short-list’ of items to put into practice immediately.

AutoElevate shares your common goal of keeping your client’s environment more secure and creating a better user experience.

U.S. National Security Agency – “NSA’S Top Ten Cybersecurity Mitigation Strategies”

“Assign privileges based on risk exposure and as required to maintain operations. Use a Privileged Access Management (PAM) solution to automate credential management and fine-grained access control. … Privileged accounts and services must be controlled because threat actors continue to target administrator credentials to access high-value assets, and to move laterally through the network.”

U.S. Department of Homeland Security – “Before You Connect a New Computer to the Internet”

Operate under the principle of least privilege. In most instances of malware infection, the malware can operate only using the privileges of the logged-in user. To minimize the impact of a malware infection, consider using a standard or restricted user account (i.e., a non-administrator account) for day-to-day activities. Only log in with an administrator account—which has full operating privileges on the system—when you need to install or remove software or change your computer’s system settings.”

Australian Government – Australian Cyber Security Centre – “Essential Eight Explained”

Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing. Why: Admin accounts are the ‘keys to the kingdom’. Adversaries use these accounts to gain full access to information and systems.”

No More Excuses - New AutoElevate Subscribers Will Receive Special Ramp-up Incentives Of Up To 90% Off

Fill out this 60 second Survey and upon completion you’ll receive customized pricing & licensing options along with special incentives of up to 90% off. These special incentives will end January 17th 2020 so don’t miss out. 

UPGRADE SECURITY FOR ALL YOUR CLIENTS IN A FEW CLICKS

Malware Protection

Elevation requests are automatically checked against the VirusTotal database and then summarized, color coded, and at the fingertips of your engineers so they can make informed decisions quickly.

Least Privilege 'Baked-in'

Elevation of approved applications and actions happen automatically using principles of ‘least privilege’. Elevation can occur as either an Admin account, User account, or as the System depending on the circumstances.

Audit & Remediation

In a few clicks find and fix machines that have the UAC turned off or set too low across all your clients. Additional UAC settings are incorporated to harden and improve UAC security.

Removes Admin Privileges

Automatically convert local admin users to standard users in a matter of minutes WITHOUT frustrating users or having them lose productivity.

Fully Customize User Access

Control elevation of Application & MSI installs, usage of new or legacy applications requiring Admin privileges, protected system actions, Comm objects (CLSIDs), and MMC plugins on the entire family of Microsoft Windows workstation and server operating systems.

NOT Dependent Upon Active Directory

Elevation is not dependent upon AD membership and works on computers that are stand-alone, workgroup, or joined to a domain.

With Only 1 Touch Your Engineering Staff Can:

Elevate privileges for the requested application or action

Allows your users to stay efficient & productive and offloads work from your engineering staff

We Don’t Forget the Details

We all hate paperwork and usually forget to do it but now that’s not a problem. Detailed information about what was requested, by whom, on what machine, security disposition, status, outcome, and all the other details are recorded for you automatically.

Automatic Ticketing

Now you won’t have to stress about losing track of your client interactions because each request generates a ticket in your ticketing system automatically. It’s all done for you.

Communicate Status Back To Client Computer

Keeps your client informed and eliminates phones calls and remote sessions.

Time Entry On Ticket

Each technician response generates a time entry automatically as part of the natural workflow. Now your technicians can respond to client requests even when they are mobile without letting billable hours get lost.

Make rules which will automate future requests for other users

With each approval or denial the technician can select whether the same action should apply in just this single instance or as an ongoing rule for the computer, location, company, or the entire MSP practice.

EXPERTLY CRAFTED SOFTWARE DESIGNED SPECIFICALLY FOR MSPs:

White-label Branded Solution

Client facing dialog boxes and communication are customizable with your brand.

Channel Only

Sold to end user companies only through our MSP partner companies.

Meet Security & Compliance goals in minutes not days, weeks, or months

The Admin Portal allows you to sort, filter, and group information for a particular computer, location, company, or your entire practice allowing you to quickly identify areas for improvement and take action. Immediately put that plan into action by turning Windows UAC on/off, changing UAC levels, or building privilege elevation rule sets based on real-time information in just a few clicks.

Silent Discovery & Audit

AutoElevate is lightweight and deploys quickly and silently in 'Audit Mode'.  Within minutes of deployment you'll have actionable information about user privileges and privilege events that is easy to understand right at your fingertips.

Manage Privileges From Your Favorite Browser And Device

Approve or deny elevation requests, make rules, look at elevation events, harden client computers, and more - all from your favorite browser.

PSA & RMM Ready

AutoElevate was built from the ground up with integration to the most popular PSA and RMM solutions in mind. ConnectWise Automate® and ConnectWise Manage®, Autotask PSA®, Kaseya BMS®, & Syncro are currently integrated with more on the way soon. AutoElevate will fit seamlessly into your workflow.

Manage Notifications On The Go With AutoElevate Notify

Approval or Denial of elevation requests, rule building, & status can all be done effortlessly on the go from your favorite device.

This is an excellent product that is saving us time, creating efficiencies around operations and most of all securing our clients environments. Ever get the call from the business owner that "needs" local admin rights to install software whenever he wants? This provides a solution for that - a good one.

Ryan Smith

Director, Redbrick Technology Limited

Auto Elevate is a great tool that instantly lowered calls for basic installs to our helpdesk. It allowed us to resolve some issues with certain client apps requiring local admin as well. The integration works great with our triage & helpdesk process. Todd & the team are also VERY responsive which is nice for something that has become part of our core stack.

James Delfino

Senior Systems Administrator, Platform 24

ANSWERS TO COMMON QUESTIONS

How much does it cost and where do I get it?

AutoElevate is sold exclusively through its Manage Service Provider partners. If you would like a partner to contact you with additional details, demo, pricing, or a free trial please go here.

Is AutoElevate hard to deploy?

No. We’ve made it super easy so that it can deployed across your MSP practice in minutes. We’re here to help you every step of the way. AutoElevate is deployed by installing the AEAgent onto workstations. The AEAgent is a small lightweight MSI file which can be deployed silently with just about any RMM tool, System Policies, or manually by your administrators. For your convenience we have published a full set of Labtech scripts which can help you deploy the agents throughout your environment within minutes.

How much memory and disk space does the AutoElevate Agent require?

The AutoElevate Agent is very lightweight. It consists of 3 processes that run once a user is logged in. the processes collectively use approximately 40MB of memory and 820KB of disk space. We have not experienced the agent causing any slowness or resource issues and have tested it on machines running with as little as 2GB of memory.

What outbound ports need to be opened on the firewall at our MSP and/or at our client sites?

443 outbound is all that should be required. So if you’re able to go to secure websites you should be OK.

Is AutoElevate available for macOS?

No. We are currently evaluating the need for macOS compatibility from our MSPs. If you are interested in this functionality please follow the subject in our Feature requests section, comment, and vote. We want to focus our development time and money on areas that matter to you most.

What happens if my technicians don’t respond to a client request before the timer is up?

When the end user has made a request and the timer expires, an additional dialog box will appear that states that the technician is evaluating the request, a ticket has been opened and that they will be notified as soon as a technician responds. When a technician does respond, a new notification appears for the user telling them their request has been approved or denied and allowing them to continue the installation or with additional ticket information.

Does AutoElevate enter in my admin password for end users?

Depending on the privilege needed AutoElevate uses either a standard user account (which is created when the agent is installed) or as the logged in user. AutoElevate interacts with the UAC directly when an elevation of an approved process is required, allowing for compatibility and elevation of complex applications. Credentials for the standard account are generated randomly at the beginning of an elevation approval, then once again randomized and extinguished at the end of the process. Credentials are not stored in a database or transmitted over the network making security tighter, faster, and easier to manage.

 

How does AutoElevate work?

AutoElevate has an Agent service that runs on each workstation and monitors for UAC (Windows requests for username/password) events on the client machine. It works in the background to apply proactive rules to each request or to notify a technician via our AutoElevate Mobile App. Technicians with the Notification App can quickly and easily evaluate the request and build rules to either accept or deny the requested MD5 hash to be allowed one time only,  just this computer,  this location, client, or for the entire MSP practice.  For more detailed information on how the AutoElevate system works please sign-up and visit our support site.

Are approvals app based or version based?

Files are identified with a unique MD5 hash. By identifying the file in this way, approvals or denials can successfully take place regardless of where the file originates. Because each file is uniquely identified, each update needs to be examined and either approved or denied at least one time. Therefore a core application such as Quickbooks can be approved, but each new updates to Quickbooks would have to be explicitly examined and approved for the system to automatically elevate those requests.

Will adjustments need to be made to our installed antivirus?

None. AutoElevate works well with other solutions in your solution stack.

Am I charged for extra technicians?

With the release of the Enhanced Technician Mode features in 2020 each agent tier includes a corresponding number of technician user licenses with some licensing tiers including unlimited technician users. Currently, to have additional user licenses requires moving into a higher tier which includes the desired number of User (technician) licenses.

Who receives the notifications from end users?

All technicians that have the Mobile Notification app installed will receive notifications from your clients. They can quiet the notifications by adjusting notifications on their phones.

MSPs that use PSA ticketing integration (Autotask PSA, ConnectWise Manage, Kaseya BMS, & Syncro) can view notifications and approve or deny elevation requests directly in their PSA tickets. Tickets generated by AutoElevate have custom statuses which can be used to build customized notifications from within the ticketing systems. Requests can also be viewed and responded to from within the Admin Portal.

By enabling browser notifications technicians have easy 1-click access to approve or deny requests and receive notifications on their macOS or Windows computer desktops directly.

Do I have to have my own on-premise server?

No. AutoElevate is a cloud based service and software platform. All you have to have to get started is a license key and instructions. We maintain the server, the mobile apps, security, updates, and web portals.