Domains play a vital role in the realm of information technology, especially when managed service providers are involved. They are sort of like virtual machines in how they allow multiple clients to operate independently within their own isolated chambers that exist on the same machine. Each domain can be configured to have its own administrator that manages the users, data and contents of the environment. These individual segments can pretty much be tailored to meet the specific needs of the client, but the efficiency at which they operate all depends on how well they are configured to begin with.
Often providing mission-critical services such as internet access and voice communications, MSPs must be extremely diligent in creating environments that not only keep their clients safe, but out of the way. These five policies will give vendors an idea of what to consider when setting up domains for individual customers.
1. File Sharing Policy. With the default file permission settings intact, users are often equipped with powers that are so permissive, they can put the entire server at risk. A piece of mind can be obtained in a few tweaks. Generally you want to restrict permissions to users and only grant full control to domain administrators. When it comes to granting privileges, the most efficient way to divvy them out is on a group basis. The group approach is a comprehensive, scalable method that makes permissions easy to manage and transfer when new users are added to a domain.
2. App Distribution Policy. Several customers will come in wanting to run their own software. One company may want to set up a new accounting app for their finance team. Another business may need to run a custom CRM program that supports the entire network. An app distribution policy can either allow customers to deploy their own software, or install specific applications distributed by the vendor. With a little know-how, server administrators can centrally enforce this policy to users across multiple domains.
3. Software Usage Policy. MSPs should be mindful of the software they allow their clients to run. Peer-to-Peer (P2P) applications, for instance, can eat up tons of bandwidth and also introduce untrustworthy files that compromise the server. A software policy would only allow certain types of programs and scripts, while denying access to all others – even to users with administrator-level privileges. Software isn’t always what it seems, so such restrictions are needed to prevent malware outbreaks and hacking attacks.
4. Mobile Users Policy. With the mobile device revolution in full effect, MSPs must realize that clients may prefer to use their managed services at any time, from anywhere. Now that BYOD is a factor, the anywhere could literally mean in the office or on the road, on a smartphone or a tablet, on an iOS gadget or an Android device. These days, it pays to implement a policy that gives users the same experience they enjoy from the desktop environment on their mobile devices. The challenge is determining which platforms to support because more devices means more security complexities.
5. Remote Access Policy. One of the most common luxuries managed service providers deliver is the ability for clients to remotely connect to their desktops and IT systems. A remote access policy will govern how users can connect to those systems in a secure manner. There are several encryption tools available for the job, some of which are baked into operating systems like Windows. Then there’s Secure Shell or SSH, which works with Linux and other Unix-like platforms. What’s really important on the encryption protocol front is choosing a connection method that will serve as the standard clients refer to each time. Consistency is crucial.
You never can be too careful when it comes to maintaining an information technology infrastructure built around delivering managed services. The operations are too vital; the data too sensitive. Armed with the proper configurations, MSPs can ensure that they provide a secure environment for clients to operate in, and protect themselves in the process.