Identity Security for MSPs

Written by George Lattimore on October 13, 2018

Share This Article

Maintaining focus on clients’ security posture is absolutely critical for MSPs. There is simply no greater risk to an organization than compromised credentials, which is particularly dangerous for MSPs managing dozens of client organizations at any given time. Each client brings their own range of skill sets, required resources, as well as data risks. According to a 2018 IT Security Trends Survey with 359 channel respondents, 45% of MSPs said at least one of their clients had a security breach in the last year, and another 27% remained unsure, making identity security for MSPs a very real and immediate topic in need of discussion.

On-Prem Prevention of the Past

Picture of Server

Most clients are looking to MSPs for guidance on how to employ best practices with their IT infrastructure. From using unique, long, complex passwords to enforcing multi-factor authentication (MFA) wherever possible, clients need to be instructionally directed and technologically supported with sound security to prevent identity breaches. A core part of those best practices involves managing user identities—provisioning, deprovisioning, changing, and, of course, securing them.

In the past, securing client identities was mostly out of sight and out of mind for IT management. The focus was instead directed towards fortifying the network perimeter since corporate resources lived on-prem behind layers of firewalls, secure networks, and VPNs. From the inside looking out, it was then the job of Microsoft® Active Directory® (MAD or AD) to provide access to the right assets for the right people. So, for MSPs, securing user identities was mostly handled through MAD, and it was then their job to maintain the physical servers by commuting and calibrating as needed.

Flipping the Script on Security

ISO/IEC 27001 Compliance

That was then, but now due to the impact of the cloud, the traditional identity security model has been turned inside out. The proliferation of web-based applications, cloud servers, cloud storage solutions, and a widely heterogeneous modern office environment crowded with Windows
®, Mac®, and Linux® devices have pushed IT organizations to reconsider their defenses.

While MSPs must be aware of the massive cloud migration underway, without an updated cloud security strategy in place, their clients remain vulnerable to phishing attacks and data breaches. Cloud services have created streams of data (aka ‘shadow IT’) outside of admin’s control, and outside of their knowledge. In fact, thanks to credit cards and subscription models, around 90% of cloud services used by the modern organization exist outside of the IT’s knowledge. No wonder why, as previously mentioned, nearly half of MSPs reported their clients had a security breach last year.

In today’s world, the end user has become the primary target for hackers and bad actors. Employees at client organizations are now the weakest link in the security chain, and so far, the strategy for hackers has been unfortunately effective. When you take into account that over half of the entire United States had their information compromised last year, and the two most popular passwords of 2017 were “123456” and “password”, well, you can start to see what MSPs are up against.

Turnkey Identity Security for MSPs

Looking for a modern IdP for MSPs

With 74% of MSPs expecting their customers to increase spending on security in 2019, now is the time for MSPs to be proactive in updating their identity security strategy. MSPs can make tremendous inroads in securing an organization by leveraging modern approaches to identity management. Using strong passwords, SSH keys for Linux servers, MFA where possible, and more, MSPs can dramatically impact the security of their clients.

It’s clear that in order for an identity security solution to be effective for MSPs, it needs to be more than just secure—it needs to be flexible and cloud-based in order to streamline across all of the other tools in the product stack. JumpCloud® Directory-as-a-Service® makes this requirement a reality. By replacing the vulnerabilities of legacy approaches with a cloud-based central identity provider, MSPs can secure clients’ user identities regardless of platform (Windows, Mac, Linux), location, protocol (LDAP, SAML, RADIUS, and more), or provider (G Suite, Office 365, AWS, Salesforce, etc.).

Leverage JumpCloud as a Partner  

Interested in seeing the platform in action or hearing more about how JumpCloud’s Partner Program can provide comprehensive identity security for MSPs? Check out the introduction video above, and apply to be a JumpCloud Partner today. A Partner Support expert will contact you with details on how to evaluate the platform for your clientele.

Continue Learning with our Newsletter