#GoToGetsIT: This article is part of an ongoing series from GoTo’s thought leaders on the frontlines: Our Solutions Consultants deeply understand our customers’ unique challenges and connect the right solutions to meet their goals using GoTo technology. Here, they share their industry knowledge on what it takes to help businesses everywhere thrive in a remote or hybrid world.
PowerShell has the potential to save IT teams a lot of time and make their day-to-day work easier. As an open-source, cross-platform task automation solution from Microsoft, PowerShell allows IT professionals to configure systems and automate administrative tasks from the command line on Windows, MacOS, or Linux. There are several PowerShell community boards out there for IT pros to share knowledge and fixes to help each other automate tasks that don’t have to be done manually. This helps save agents from burnout and boredom.
But in many of my conversations with IT Managers, I’ve found there are two drastically different viewpoints about PowerShell. Some don’t trust PowerShell commands to be enabled on any machine they are in control of. Others have put quality checks and balances in place to benefit from everything that PowerShell execution affords.
Disadvantages of PowerShell
If you’re of the disabling PowerShell frame of mind, you know that PowerShell commands can be great configuration tools, but you also know that anything that can access core OS functionality comes with vulnerabilities that have to be closely monitored. If you don’t have vulnerability scans in place, it can feel like a daunting risk to manage. In that case, it’s better just to eliminate the potential threat.
Advantages of PowerShell
However, if you prefer the ease of PowerShell command functionality, you’re willing to put some basic checks and balances in place to ensure the commands executed are logged and only accessible by those with encrypted access. Zero trust security framework, for example, requires that each and every remote action be validated before it is executed.
This feature is found in the all-in-one IT management and support solution, GoTo Resolve. It includes easy task builders to create simple jobs that take advantage of everything, from installing a Microsoft Windows Installer (MSI) to clearing a cache, or rebooting a machine through basic PowerShell commands. These tools are used within AES 256-bit encrypted sessions.
Extra checks and balances
PowerShell offers peace of mind with Module and Script Block Logging. PowerShell Module Logging lets you enable which specific PowerShell modules should have logging throughout all sessions on a computer. Any pipeline execution event will then get recorded in Event Viewer’s Windows PowerShell log. The Script Block Logging will track the commands, script blocks, functions and script processing, storing it in the Microsoft-Windows-PowerShell/Operational event log. Having these events documented for reference serves as a credible audit trail.
PowerShell as a tool has been around for a while and doesn’t appear to be disappearing anytime soon. With some basic quality controls in place, you might just find that the simplicity and accessibility are compelling enough to take the extra measures and begin enjoying the efficiencies of this easy-to-use method.