This best practice outlines the optimal approach to setting up RMM policies in Syncro to effectively manage asset access and security across your managed fleet. By leveraging policy inheritance at the organization level, you can ensure consistent security compliance, streamline operations, and enhance service delivery.

Prerequisites

Before implementing these best practices, ensure you have a clear understanding of your clients' security requirements and any specific compliance needs for different asset types (e.g., servers vs. workstations). Access to Syncro's Policy Builder, Scripting, and Recurring Invoices modules is required.

Instructions

An Technical Lead or IT Director would primarily be responsible for the following steps:

1. Define Core Policies at the Organization Level: Begin by creating foundational RMM policies at the top-level Organization folder within Syncro. This leverages policy inheritance, automatically applying these policies to all assets within that organization and its subfolders. See also: About Policy Inheritance.
2. Implement Security Compliance Measures:
   • Antivirus Management: Configure your RMM policies to manage antivirus solutions across your fleet.
   • Prebuilt Monitors: Use Syncro's monitors, including Event Log Monitoring and Application & Process Monitoring, to proactively identify and alert on potential issues. See Work with Process & Service Monitors for more information.
   • Windows and Third-Party Patching: Establish robust Windows Update and Third-Party App Patching policies to ensure endpoints are consistently updated and secured against vulnerabilities. See Windows Update Management and MSP Patch Management Best Practices for more information.
3. Tailor Policies for Specific Asset Subsets: Create policies matching with an endpoint's role (i.e., a policy for a Server vs. a policy for a Workstation). For assets with unique requirements, create subfolders and apply specific overriding policies to address those needs, while still inheriting the core policies from the organization level.
4. Leverage Custom Scripts and Automated Remediation:
   • Implement recurring and setup scripts with custom monitors and alerts to automate routine tasks and enhance monitoring capabilities. See Manage Scripts for more information.
   • Configure automated remediation actions to quickly address issues detected by monitors and alerts, minimizing manual intervention. See Create Automated Remediations for Alerts for more information.
5. Periodically Review Applied Policies: Regularly review the "Applied Policy Report" in Admin > Reports > RMM to validate that policies are being enforced as intended across your fleet. See also RMM Reports. 
6. Automate Billing for RMM Services: The person acting as Business Lead/Biller at your company should leverage Syncro's recurring invoices module to accurately bill clients for RMM services and monitoring. Consider using "Asset Counter," "Policy Folder," or "Remote Access - Contact Counter" line items. See Line Item Types for Recurring Invoices for more information.

Example Scenarios

Some examples of how you might apply this best practice at your company:

• Initial Client Onboarding: A new client with 50 workstations and 5 servers. Apply a standard workstation policy to the main organization folder, then create a "Servers" subfolder with a more stringent server-specific policy.
• Security Compliance Audit: A client requires a report on their patching status and antivirus definitions. Automated patching policies ensure compliance, and the Applied Policy Report provides the necessary validation.
• Proactive Issue Resolution: A custom script monitors a critical application's service. If the service stops, an automated remediation script attempts to restart it and creates an alert if unsuccessful, allowing the technician to intervene promptly.

Benefits & Advantages

By implementing this best practice, you can expect the following advantages and benefits:

• Increased Efficiency: Reduced manual configuration and issue resolution time through automation and inheritance.
• Improved Security Posture: Proactive patching, monitoring, and automated remediation minimize vulnerabilities.
• Enhanced Service Delivery: Consistent and reliable service through standardized policy application.
• Accurate Revenue Capture: Automated billing ensures all billable RMM services are invoiced. Business Leads/Billers can ensure they are capturing all revenue by leveraging automated billing for RMM services, leading to increased profitability.
• Reduced Errors: Minimizes human error in configuration and maintenance.

Expected Results

Successful implementation of this best practice will be evident through

• A high percentage of assets reporting the policies you’ve assigned  in the "Applied Policy Report," 
• Consistently updated Windows and third-party applications, 
• A reduction in reactive tickets related to common issues, and 
• Accurate and timely billing for RMM services. 

You should also observe a decrease in time spent on manual policy application and monitoring.