Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

News

July 26, 2021 | Maurice Côté

Never Trust, Always Verify

How MSPs can address client concerns about third-party access.

As the IT landscape becomes increasingly complex and risky, a growing number of organizations are partnering with managed service providers. There are several valid—or make that vital—reasons why this is a smart decision. Yet despite significant advantages, some organizations are still hesitant to partner with an MSP, not because they fail to see the benefits, but because they are concerned about cybersecurity. Specifically, they are worried that their sensitive endpoints and networks could be accessible by MSP staff (employees and contractors).

Essentially, this apprehension is not “”personal””; they don’t have an inherent fear of MSPs. After all, MSPs are the good guys/gals on the cybersecurity landscape! Rather, it is that some organizations are anxious about any scenario in which their endpoints and networks are accessible by any third party. And given the high-profile cyberattacks that have impacted MSPs recently, who could blame them?

Core Tools

MSPs who face this situation—and those that have not yet dealt with it almost certainly will in the months and years ahead—can alleviate these concerns by implementing a “”never trust, always verify”” approach in their clients’ infrastructure. This approach is rooted in four core tools:

  • Account Brokering. This allows authorized MSP staff to open a VPN client, launch a remote access protocol, or use a privileged account for certain operations—but without ever seeing credentials.  
  • Connection Manager. This assures clients that authorized MSP staff will never use a back door to access the environment, since passwords and credentials are controlled by the connection manager tool. And as a bonus, using a connection manager is also more efficient for MSPs.
  • Bastion Host Server. This opens a secure tunnel that prevents lateral movement within the network. As such, if bad actors breach an endpoint, they will not have unfettered access.   
  • Privileged Access Management (PAM) Solution. This triggers alerts and logs for accessing accounts, and supports advanced workflows where approval is granted prior to accessing a resource.    

In addition, MSPs should choose their remote connection solution wisely. For instance, some leading remote connection solutions have built-in account brokering functionality, which as discussed above, increases both security and client peace of mind since credentials remain hidden. 

This set of tools can be compared to a security team that offers “”white glove”” service by not only opening doors (i.e., enabling access for authorized individuals), but also tracking who accessed what, when, and for how long. This extensive visibility further assures clients that an MSP’s services are being provided in a highly secure and diligent manner. 

The Bottom Line

As long as there are endpoints and networks, there will be hackers who try to breach them. That is the bad news. But the good news is MSPs that use these tools to implement a “”never trust, always verify”” approach significantly reduce their clients’ exposure and vulnerability to unauthorized third-party access. This is a win for organizations that clearly—and in many cases urgently—need to avail themselves of the critical services and solutions offered by MSPs. And it is a win for MSPs that expand their client base and enhance their impact.

MAURICE CÔTÉ is vice president of business solutions at Devolutions, a provider of best-in-class privileged access management, password management, and remote connection management solutions to ALL organizations—including SMBs.


Editor’s Choice

Deepfakes + Generative AI = Major Problems for Business

May 14, 2024 |

Deepfakes that can’t be distinguished from reality threaten to shatter the fundamental hierarchy of human trust and impact businesses.

Deep Dives and Round Ups: Why MSPs are Lining up for Online Events Again

May 9, 2024 |

Discover how MSPs can leverage ChannelPro’s online events to enhance industry knowledge, participate in engaging tech discussions, and drive business success.

Built for the Channel: How AI and Deep Learning are Transforming the SOC for Partner Ecosystems

April 30, 2024 | Tony Pietrocola

The rise of AI-driven attacks has increased the need for an AI-driven response to allow MSPs and SMBs to move at the speed of an attack – not just in response to one.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience