Let’s say there is a high value lab that works with nuclear material. In this building, there are conference rooms, storage rooms, offices, restrooms, and several high-risk rooms that contain nuclear material. Every hallway and room is locked and you must swipe a badge for entry to each space. Seems like a good plan, right? But, what if there was a big bowl in the lobby with swipe cards in them and all the cards had the same access, opening all the doors. Employees just grab a card, use it, and drop it back in the bowl. And, what if these cards were so non-descript that you didn’t bother checking to see if people kept them when their employment ended. That sounds kind of crazy right?
Unfortunately, that is how many MSPs operate. They have all their service delivery technicians sharing credentials to access their clients. There is very little granularity, if any, around what the various techs are allowed to access. And, in high turnover positions like Tier 1, it is often too much of a hassle to rotate the passwords for all clients after someone leaves the organization. Now, to continue our analogy, some MSPs may lock the bowl of badges in a drawer or keep some kind of record of which employee checked out a badge. But, that approach is just layering on some additional security on top of a flawed process.
There has to be a better way, right?
With Evo Security, we didn’t take a flawed process and try to make it more efficient, we decided to rethink the way that MSPs manage identity and come up with a better way. Evo Security can serve the Identity and Access Management needs of both the MSP and their end user clients. For the MSP, Evo Security can eliminate the storage of shared administrative credentials and the use of generic logins to support clients. Instead, technicians can login, securely, as themselves with the privileges they need without seeing the Admin credentials or doing any copy/paste nonsense. This allows technicians to do their job conveniently and securely, something that, until now, seemed to be impossible. If a technician leaves your company, you simply delete that user and their privileges are deleted too. No need to change the passwords at all your clients because that technician was never exposed to them.
For your end users, Evo Security provides multi-factor authentication and single sign on in an easy to use platform built for MSPs. You don’t have the feature overkill that you get with enterprise tooling in the MSP space. You get the right tools for your use case priced in a way that aligns to your business model. Leading industry reports show that only 30% of users have MFA turned on. This is a very low cost and easy intervention to improve security. Just like taking your keys and locking your doors is an easy way to protect the contents of your car, turning on MFA is a very simple way to really enhance the security posture of your end users. Sure, it would be more convenient to leave your keys in the car and to leave it unlocked, but that is inviting trouble. Similarly, not enabling MFA leaves your clients unnecessarily vulnerable to threat actors.
There is a better way to secure your own MSP and to secure your clients. Let us show you a demo of how Evo Security can help you do this both conveniently and securely.
Book a demo at: https://www.evosecurity.com/
Learn More at: https://marketplace.connectwise.com/evo-security
