Before opening my own business I took a job with an MSP (Managed Service Provider) with a promise that I would get to implement cybersecurity solutions for their clients as well as take escalations from their Tier 1-2 Helpdesk. What I found was that I had little time to work on the cybersecurity side of my job due to the overwhelming number of escalations for issues the helpdesk could not resolve:
- Outlook not working properly.
- Applications acting up.
- Etc.
Often when I logged in to the machine exhibiting the issue, I saw the Windows Update icon in the bottom right with either a yellow or red dot. I would immediately stop all troubleshooting, have the user save their work and close out all apps, then reboot to apply the updates. If the Windows Update icon was not present, I learned to check Windows Updates Settings. Many of the PCs were so out-of-date that it took hours to redress. I would get the updates started, then put my remote connection to the machine in my left-most monitor (I called that monitor The Incubator) to keep an eye on the updates. 9 times out of 10 installing the updates resolved the initial issue escalated by the Help Desk.
This was bad for business:
Bad for the client
- Workstations (and servers!) were vulnerable to exploits that had not been patched.
- Users were experiencing seemingly-unrelated issues that caused productivity to decrease, costing the businesses money.
- Workstations and servers had to be updated and rebooted, interrupting the business.
Bad for the MSP
- Helpdesk techs and escalation engineers were spending numerous man-hours on tickets describing symptoms unrelated to the real issue.
- Clients, who pay for the patching service, were made aware that the MSP was not doing its job, leaving them exposed.
I spoke to management about the issue, but they were too overwhelmed to deal with it. I finally reached out to the RMM provider and had them show me how to update the PCs using automated scripts. I spent several nights running the scripts and updating as many PCs as I could.
Escalations from the help desk dropped by one-third.