There are some managed services offerings which are so important they deserve special attention. User and access management is one such product.
MSPs are in the middle of a security revolution. Customers are spending more money on managed security solutions than ever before, yet not a lot of MSPs are delivering managed security solutions beyond the basics such as firewall management and providing anti-virus and malware detection. While these are fundamental services all MSPs should be capable of offering, the majority of customers today need more. Controlling and monitoring how users access and interact with networks, systems, and data, is part of our ongoing struggle to combat cybercrime. MSPs can and should play a vital role in this battle.
There are a number of products and solutions orbiting the user/access management world, but here are a few which will be discussed at the next MSPWorld conference:
User management – Active Directory and other applications have been in use by MSPs for years. Don’t stop them now. But, start integrating these products with different solutions to enhance the tracking of users and their level of access.
Password Management – 10 years ago password management solutions were hardly used at all by MSPs, but that is changing. I wouldn’t go so far as to say every MSP is using password management (internally or as a service), but it is something which should be a universal best practice.
Data Backup – previously viewed as part of business continuity, I consider data backup today as an integral part of data security and protection. With ransomware so prevalent, having extra (secured) copies of your data (your MSP data, and your customer data, if applicable) can save a lot of headaches down the road.
Access Review – Persistent and ongoing internal reviews of user access levels are something every MSP should do, both as an internally focused audit practice, but also as a service delivered to customers. Both technical failures (including external intrusion) and human error can cause users to have access privileges they don’t need, and shouldn’t have. Simple reviews of a system and organizational settings can be immensely helpful in finding anomalies before they become problems.
If you are interested in learning more about this topic, attend the next MSPWorld conference.