It is a busy time for managed service providers. Many small and medium-sized companies just don’t have the resources in-house to manage all their IT, security, remote access and cloud requirements. Outsourcing IT and cybersecurity responsibilities to MSPs allows companies to focus on their primary business goals.
For large and medium sized MSPs, there is no better time to invest in modern privileged access management software. Gartner has listed PAM as a top 10 security project for the past two years. According to Gartner, PAM projects have the biggest impact on businesses while reducing the most risk.
Here’s why every MSP, MSSP and reseller should consider PAM software:
MSPs and MSSPs Are Under Attack
With so many companies relying on MSPs to manage their information, they are prime targets for hackers and malicious actors. It’s one-stop-shopping for a hacker. Instead of hacking one company, MSPs offer instant access to many companies and their data, servers, and devices.
Just consider these recent attacks. A year ago, attackers exploited a vulnerability in ConnectWise plugin and distributed ransomware into MSPs and their customers. And in August 2019, several Texas government entities had ransomware distributed through their MSP connections. The problem has grown such that the FBI and the U.S. Department of Homeland Security have warned MSPs about attacks.
As treats increase for MSPs, implementing PAM software can help secure a client’s endpoints; protect passwords; audit access; record user activities and much more.
Regulatory and Compliance
MSPs must meet compliance and regulatory requirements in order to win new business. This is especially true when working with customers that deal with sensitive information or in regulated industries such as healthcare, financial services, banking, etc.
Compliance regulations and internal auditors set controls and reporting requirements for privileged credentials. To pass, MSPs must identify all privileged accounts and document what security controls are in place to manage them and protect data.
Lars Nørballe of ALSO Holding AG, the third largest distributor in European IT services said, “Service providers and hosting companies are struggling to be compliant with GDPR and other regulatory requirements. The need for managing all privileged accounts efficiently with strong audit capabilities is important for ALSO’s partners.”
PAM solutions support many robust IT, security and compliance frameworks. For example, Xton Access Manager (XTAM) supports the NIST cybersecurity framework to protect Controlled Unclassified Information (CUI) and provide necessary security controls.
According to Nørballe, “With Xton Technologies it is possible to automate discovery and management of accounts in a multitenant setup. We find the XTAM solution to be an important and valuable offering to IT service partners.”
Restrict and Manage Access to Critical Data
In many ways, MSPs have the keys to the castle when it comes to a client’s data and systems. They need to control and manage who has access to privileged information. This becomes a bigger challenge when you consider remote access to information by remote workers, consultants or partners. MSPs need to safely provide access to trusted personnel whereever they are using the principle of least privilege to restrict access rights to only the systems, accounts, information users need to perform their jobs effectively.
PAM software can control access by locking your systems behind a firewall forcing users to go through the PAM software. The software also helps identify inappropriate permissions, record each session for compliance and send alerts should the software notices suspicious activity.
Using MFA Across Shared Accounts
Another way MSPs address remote access is by implementing multifactor authentication (MFA) with each client. As more companies are implementing MFA, MSPs have a challenge of managing MFA on shared accounts. Many MSPs and their teams use shared privileged accounts to access specific platforms, network tools, such as servers, databases or third-party applications for their clients. When you add MFA to a shared account – where each user needs an authentication token to access the individual system – which user and what phone number is the taken sent to? A manager? And what if they receive the token but did not request it? How do they know who did? For MSPs that may access hundreds of systems for a client, this becomes a big challenge.
Luckily for MSPs, new features are being added to PAM software that address this issue. MSPs can create a virtual MFA with access control using the PAM software to store the authentication key as a record in a reliable and safe location. This gives MSPs the option to enable MFA for shared privileged accounts. Using XTAM, MSPs can store Google Authenticator App secret Keys and XTAM will generate tokens for shared accounts.
New Revenue Opportunities
If improved security isn’t enough of a reason, MSPs can enhance and expand their security offerings to clients by offering PAM. Consider these statistics:
- 40 percent of the companies surveyed by Verizon are not aware of how many privileged accounts they have.
- 83 percent of organizations do not have adequate privileged access management practices to prevent data breaches (Forrester Research).
- 49 percent of businesses do not have strong user access policies (Ponemon Institute).
There is a significant opportunity for MSPs to help their customers implement and manage modern PAM software that works across cloud or hybrid environments. Any MSPs that specialize in highly regulated industries can add a PAM offering as part of compliance measures.
For example, XTAM MSP allows service providers to easily manage privileged accounts, sessions, and tasks for multiple clients. XTAM MSP offers multitenant vaults and vault-based approval workflows allowing service providers to host multiple clients on the same infrastructure while ensuring the strongest protections for each client’s data. MSPs can now easily add privileged access to expand existing offerings and grow revenues.
XTAM for MSPs
If MSPs aren’t already offering PAM solutions, now might be the time to consider it. XTAM MSP is a full-featured PAM solution that is based on a modern software architecture, agentless and cloud-ready. We offer affordable licensing options and weekly product updates to meet today’s rapidly changing security needs. MSPs can download a free trial of XTAM or contact us for a demo.
As an MSP, you work hard to support your client’s needs. Don’t let your hard work be compromised. Take the steps necessary to protect your clients and their information with a PAM solution.