Datto Inc. has officially pulled the wraps off an updated edition of its Datto RMM solution featuring patch management for third-party software and a new, less disruptive approach to remote maintenance sessions using Microsoft’s PowerShell scripting tool.
Rolled out to Datto partners in December and spotlighted by the Norwalk, Conn.-based vendor in a press release today, version 6.5 of Datto RMM lets technicians ban selected applications from specific endpoints and automatically update those systems to the latest version on devices authorized to run them.
The benefit in both cases is safer end user environments at a time of rampant virus outbreaks and ransomware attacks, according to Ian van Reenen, Datto’s vice president of engineering. Though RMM solutions generally do an effective job of keeping operating systems like Microsoft Windows patched, he says, most are incapable of limiting users to the latest, most secure versions of broadly-deployed products like Adobe Acrobat Reader and the Google Chrome browser.
“Because they’re very often small applications, they get installed widely across endpoints and then seldom updated,” says van Reenen of such applications, adding that hackers are aware of that fact and increasingly exploiting it. “It’s really key for our partners to stay on top of updating all that third-party software,” he says.
Earlier editions of Datto RMM allowed users to create custom patching routines for third-party software and execute them manually. Version 6.5 is the first to automate that process, however.
The new feature lets users set policies for which devices can and can’t run supported third-party tools. Based on those rules, Datto RMM’s locally-installed agent checks endpoints every 60 seconds for the presence of those systems and which version is in place. It then automatically deletes any application that shouldn’t be installed and updates systems that have fallen out of date.
A number of vendors, van Reenen notes, sell solutions offering similar functionality. “It’s an additional cost,” he says of such products. “It’s not integrated, you can’t report on it, [and] you can’t see across an entire estate.” Datto RMM, by contrast, patches third-party software through the same interface technicians use to perform other administrative tasks, and produces summary reports on the process as well.
“The MSP gets complete visibility of what is vulnerable and hasn’t been patched and what has been patched, so they can also demonstrate value to their customers,” van Reenen says.
The new feature covers 11 applications in all at present, including not only Adobe Acrobat Reader and Google Chrome, but Mozilla Firefox, Microsoft Skype, Adobe AIR, Adobe Flash Player, and Shockwave as well. The system also patches Datto’s own backup client. “That’s obviously often deployed across organizations and we want to make sure that people always have the latest version,” van Reenen observes.
Datto based the initial lineup of supported systems on research into which third-party products are both most used and most vulnerable. The company plans to add more solutions to the list in the future.
The new PowerShell feature lets technicians run that popular utility on remote endpoints in an encrypted, secure background session without interrupting the user by taking complete control of their device. According to van Reenen, tools from other vendors with comparable capabilities usually incorporate only a subset of PowerShell’s functionality. Datto RMM, on the other hand, supports full, native PowerShell sessions.