Compliance Comparison of Remote Assist Apps with MCAS

4 min read
July 27, 2020

Microsoft Cloud App Security (MCAS) is the most powerful Digital Forensics and Incident Response (DFIR) tool in the Microsoft security portfolio after Azure Sentinel and Log Analytics. This gives it a significant role in identifying and responding to cybercrime taking place within applications. MCAS not only supports breach investigations, but it also has a catalog of over 16,000 applications with information about each one. The catalog contains compliance information such as framework mappings, SAML 2.0 support, and the date of the given app's last breach. With the amount of remote work going on these days, remote assist apps are commonly used, and they're worth taking a look at through the MCAS lens. Let's jump into a compliance comparison of seven remote assist apps.

LogMeIn

Screenshot shows MCAS scores for LogMeIn.

 

LogMeIn is the remote assistance tool of choice for Microsoft support. This is likely due to the fact that it's the most compliant tool we're reviewing today. Microsoft Azure is the most compliant cloud environment in the world, and they need support tools that they can trust. Founded in 2003, LogMeIn has more recently acquired or merged with LastPass and GetGo. At the end of last year it was bought by Francisco Partners and Evergreen Coast Capital Corporation---CEO Bill Wagner said that he was optimistic that this would help the service continue to move forward successfully.

TeamViewer

Screenshot shows MCAS scores for TeamViewer.

 

While TeamViewer has native integration with Intune, you might want to consider another option for remote assist. The app had an undisclosed breach in 2016 that wasn't brought to light until three years later. TeamViewer claimed that the hackers weren't able to do any real damage---but customers do like a bit more transparency and timely reporting when breaches concern apps that they're using. And they didn't like it either when TeamViewer blamed other breaches on the carelessness of users, which a PR manager later apologized for.

ConnectWise Control

Screenshot shows MCAS scores for ConnectWise.

 

ConnectWise is a popular Managed Service Provider (MSP) platform. Unfortunately, its compliance record doesn't line up with its popularity. (For a similar case of misalignment, see our post on Zoom compliance.) And although its security looks pretty good here, it's had some spotty history recently. When researchers found vulnerabilities within the app last year, ConnectWise responded by threatening a defamation lawsuit, and left some of the vulnerabilities unresolved. Careful use of the app can help reduce cyberattackers' ability to exploit these vulnerabilites---so if you do choose to use ConnectWise, see these details and tips on how to mitigate the risks. Last month ConnectWise also had problems with ransomware.

RescueAssist (Formerly Citrix GoToAssist)

Screenshot shows MCAS scores for RescueAssist.

 

Part of LogMeIn's merging with GetGo back in 2017 was its acquisition of GoToAssist, which became rebranded as RescueAssist. As you can see, RescueAssist does better with security and compliance than some of the other apps we've been looking at---which isn't surprising since it's partnered with the other app with the best MCAS scores.

BeyondTrust (Formerly Bomgar)

Screenshot shows MCAS scores for BeyondTrust.

 

BeyondTrust has had quite the corporate journey. Starting off as ExpertVNC in 2003, then changing to NetworkStreaming in 2004. Finally, it underwent a restructuring in 2007 and formally changed its name to Bomgar. This lasted until 2018 when it acquired BeyondTrust and adopted that as its new name, which it still holds today. Whatever you like to call it, we'll call it mid-range when it comes to compliance. Security looks strong, but the company has some work to do in other areas.

Datto RMM

Screenshot shows MCAS scores for Datto RMM.

 

In 2015 Datto became Connecticut's first "unicorn" company, which means it reached the nearly mythical success of valuing at over $1 billion as a private startup. In 2017 it merged with Autotask Endpoint Manager (AEM) and rebranded to Datto Remote Monitoring & Maintenance (RMM). Datto RMM provides one of the more compliant platforms for MSPs.

SolarWinds N-Able

Screenshot shows MCAS scores for SolarWinds N-Able.

 

SolarWinds makes great network monitoring software, but their remote assist tool, N-Able, is one of the more expensive yet least capable RMM tools. Its remote monitoring and management platform N-Central may leave you wishing you worked with a different app. It's not bad on the security side---but it doesn't support SAML, unlike most of the other apps we're looking at. (They do support LDAPS, but that just seems a bit dated and certainly less secure than SAML or OAUTH.)

Closing Thoughts on the Compliance Comparison of Remote Assist Apps with MCAS

The winner for the compliance comparison of remote assist apps is hands-down LogMeIn. It's important to remember, though, that compliance doesn't necessarily equal security. So even if you choose an app that meets standards well, it doesn't mean you should be careless in your use (to use TeamViewer's phrase) or overlook security on your end. Here's to choosing strong apps and making smart use of them, too.

More MCAS Assessments

See how Microsoft Cloud App Security scores the app TikTok as it's currently owned by Chinese parent company ByteDance.

Stay connected. Join the Infused Innovations email list!

No Comments Yet

Let us know what you think