Starting own IT consultancy - Gathering list of tools required and recommendations
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
that would suck, you never want to be on a VPN with clients.
Why would one, never want to be on VPN with clients ?
Okay, there is an obvious exception to the "never" which is... when you have a dedicated work station for each client (this could be a VM.)
The reason that you never want to VPN with clients is that you don't want to be exposed to anything that they might have on their networks, you don't want to expose them to anything that might be on your network and you certainly don't want the legal liability of cross exposure between clients. It's a security risk and a management nightmare.
And it's not effective in any case, because there are no systems that effortlessly transition from network to network. If you are using a Windows desktop, for example, you will not be able to join the AD at different client sites, so the value and logic of VPNing in is lost.
VPNing is slow, cumbersome, ineffective, insecure and potentially causes legal exposures that no IT firm should want to have. And I know companies that will fire MSPs for even accepting VPN connections from customers because it means there is a security risk across the board. The MSP can't secure themselves if they are at the mercy of the least secure of all of their clients, combined.
-
Okay, I kind of agree to the part about the security risk ... But, steps can be taken, at both ends, to reduce this type of exposure... All our clients, have most of the recommended/necessary layers of security, and the same holds true, at our end ...Agreed, none of that is %100 fool-proof .. But, then, by that same definition your or your client's network could get infected/attacked, even without VPN ...
-
We use VPN extensively, to provide remote support to our clients... We have an 8mbps Internet connection, but a lot of our clients have connections as low as 2 mbps; but we've never found VPN to be slow, cumbersome, or ineffective ..
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Okay, I kind of agree to the part about the security risk ... But, steps can be taken, at both ends, to reduce this type of exposure... All our clients, have most of the recommended/necessary layers of security, and the same holds true, at our end ...Agreed, none of that is %100 fool-proof .. But, then, by that same definition your or your client's network could get infected/attacked, even without VPN ...
Absolutely, but that risk is multiplied, and fast, when you use a VPN. It's a totally unnecessary exposure. I can't believe that any customer, anywhere even allows it, yet many demand it.
The only real step that you can take is having dedicated machines (or VMs) per customer. As someone who has worked in finance, I can tell you, any vendor that tries to use a VPN is an ex-vendor. In the SMB space it is common. I have no idea why, but it is. In the enterprise, it's frowned on very strongly.
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
We use VPN extensively, to provide remote support to our clients... We have an 8mbps Internet connection, but a lot of our clients have connections as low as 2 mbps; but we've never found VPN to be slow, cumbersome, or ineffective ..
Can you work on many clients at the same time? if so, how do you isolate them from one another effective? How do you make it fast and efficient to connect when they all use different VPN technologies (ZeroTier, Pertino, OpenVPN, Cisco IPsec, etc.).
We use direct remote access technologies and often can be working on two clients faster than client with VPNs can even connect. Maybe there is some cool VPN management system out there, but to do VPN you need two steps for any action rather than one. You can't make any connection or do any work until after the VPN is in place. And the number of security processes that must be maintained at both ends is big and it means that you must have 100% control of 100% of the clients (that use VPNs) or you take on way too much risk.
-
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Okay, I kind of agree to the part about the security risk ... But, steps can be taken, at both ends, to reduce this type of exposure... All our clients, have most of the recommended/necessary layers of security, and the same holds true, at our end ...Agreed, none of that is %100 fool-proof .. But, then, by that same definition your or your client's network could get infected/attacked, even without VPN ...
Absolutely, but that risk is multiplied, and fast, when you use a VPN. It's a totally unnecessary exposure. I can't believe that any customer, anywhere even allows it, yet many demand it.
The only real step that you can take is having dedicated machines (or VMs) per customer. As someone who has worked in finance, I can tell you, any vendor that tries to use a VPN is an ex-vendor. In the SMB space it is common. I have no idea why, but it is. In the enterprise, it's frowned on very strongly.
Not common in just SMB space, I've seen it with Large Enterprises too ..
Would say that the same risk applies, when an employee working from a remote location, connects via VPN ?
-
Yes, 100% control of 100% clients (If the client approves of it, and most do) ... We do this for remote support for most of our clients, where we have setup their IT infra... The VPN technology used is same for most, but yes, some are different .. But, no host ed VPN, for sure ..
We are comparatively a smaller company, with a comparatively smaller client-base .... For, most parts, one person from our end, is connected to just one client.. However, I think multiple simultaneous VPN connections have been made... I recollect, a colleague doing something with routing table to accomplish this ...
-
Haven't read everyone else's recommendations but I think Wireshark and Metasploit are great tools that anyone in IT should familiarize themselves with. I'm working on that now as well.
-
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Yes, 100% control of 100% clients (If the client approves of it, and most do) ... We do this for remote support for most of our clients, where we have setup their IT infra... The VPN technology used is same for most, but yes, some are different .. But, no host ed VPN, for sure ..
We are comparatively a smaller company, with a comparatively smaller client-base .... For, most parts, one person from our end, is connected to just one client.. However, I think multiple simultaneous VPN connections have been made... I recollect, a colleague doing something with routing table to accomplish this ...
That becomes super complex if the clients have overlapping IP address ranges. When we were tiny we tried to get clients to all have different IP spaces. That doesn't scale well (often failing at the first client as people just won't change.)
-
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@Veet said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Yes, 100% control of 100% clients (If the client approves of it, and most do) ... We do this for remote support for most of our clients, where we have setup their IT infra... The VPN technology used is same for most, but yes, some are different .. But, no host ed VPN, for sure ..
We are comparatively a smaller company, with a comparatively smaller client-base .... For, most parts, one person from our end, is connected to just one client.. However, I think multiple simultaneous VPN connections have been made... I recollect, a colleague doing something with routing table to accomplish this ...
That becomes super complex if the clients have overlapping IP address ranges. When we were tiny we tried to get clients to all have different IP spaces. That doesn't scale well (often failing at the first client as people just won't change.)
In this situation you have to setup translations of your own. I connect to a hospital that does that. They have a translation inside their Cisco router for the connection to me.
-
My own MSP lasted like three months. Honestly, I didn't market hard enough to get anough billable clients to completely supplant my 9-5 salary.
But...lesson learned.
My tools I used were LogMeIn for remote access. The remote client was great to help folks from my iPhone/laptop. For ticketing, I used an excel sheet. Ghetto, I know.
For invoicing and proposals, I used Google Docs.
Ghetto. I know. -
@FrostyPhoenix said in Starting own IT consultancy - Gathering list of tools required and recommendations:
My own MSP lasted like three months. Honestly, I didn't market hard enough to get anough billable clients to completely supplant my 9-5 salary.
Starting an SMB is hard. Starting an MSP is one of the hardest SMBs to do. It's a nearly impossible market without competition, and there is a lot of competition!
-
@scottalanmiller said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@FrostyPhoenix said in Starting own IT consultancy - Gathering list of tools required and recommendations:
My own MSP lasted like three months. Honestly, I didn't market hard enough to get anough billable clients to completely supplant my 9-5 salary.
Starting an SMB is hard. Starting an MSP is one of the hardest SMBs to do. It's a nearly impossible market without competition, and there is a lot of competition!
Even if you are wanting to run a mostly local business.
-
When our company was considering a move into the MSP space, we talked to a lot of other MSPs. (None of who were competition for us.)
And we heard about the same from every one of them ... they wanted to get the heck out of the MSP business.
-
Some file sync & share might be a nice value-add for customers or even for your own company's files. Dropbox and Google Drive are great, but pricey and a pain to keep organized. ownCloud is great if you want to set it up on your own. DattoDrive is a re-branded version of ownCloud hosted by Datto. They offer $10/mo with unlimited users.
-
@Meik92 said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Some file sync & share might be a nice value-add for customers or even for your own company's files. Dropbox and Google Drive are great, but pricey and a pain to keep organized. ownCloud is great if you want to set it up on your own. DattoDrive is a re-branded version of ownCloud hosted by Datto. They offer $10/mo with unlimited users.
if you think those things are expensive from someone like Google and Dropbox - two players with HUGE wallets and deep pockets, how do you think you'll be able to provide a comparable offering for less? Their efficiency has to be huge compared to what someone smaller can provide.
Unless you're not providing something comparable... .i.e. no backups, smaller internet pipes, no 3 datacenter failover, etc.
-
@Dashrender said in Starting own IT consultancy - Gathering list of tools required and recommendations:
@Meik92 said in Starting own IT consultancy - Gathering list of tools required and recommendations:
Some file sync & share might be a nice value-add for customers or even for your own company's files. Dropbox and Google Drive are great, but pricey and a pain to keep organized. ownCloud is great if you want to set it up on your own. DattoDrive is a re-branded version of ownCloud hosted by Datto. They offer $10/mo with unlimited users.
if you think those things are expensive from someone like Google and Dropbox - two players with HUGE wallets and deep pockets, how do you think you'll be able to provide a comparable offering for less? Their efficiency has to be huge compared to what someone smaller can provide.
Unless you're not providing something comparable... .i.e. no backups, smaller internet pipes, no 3 datacenter failover, etc.
Datto isn't small. I mean they are small compared to Google, who isn't. But they are already in the datacenter storage business. And running hosted ownCloud doesn't require the resources that Google Drive does as Datto doesn't need to pay the development arm to keep it being produced.
-
@Dashrender I think it's important to note that we aren't small =P Datto has 9 datacenters around the world containing 250+ petabytes of storage space. Two of those centers are bi-coastal in the US.
We make our profit from other offerings related to business continuity. That allows us to make this service available at or near operating expenses. It's really intended to help small and medium businesses and we've acknowledged it won't make us large profits.
-
@scottalanmiller We do actually have a small team as well to aid in the development of ownCloud and DattoDrive ^_^
-
UG! one of the things I really dislike about ML! You can't easily see who is representing a company. And until you see a name a million times, or have several pointed conversations with someone about a specific thing, many will never remember that xyz person works for abc company. I only know Nic works for Webroot because I've known him a LONG time and he's helped me out of a few jams.