As an MSP, you are tasked with identifying ways to increase operational efficiency and capabilities, while keeping costs down and security top of mind. Your customers’ trust and confidence in your decisions and capabilities is critical for your business to prosper. They need to know that you’re ahead of the curve and ready to implement the necessary changes to set their business up for success.
Over the years, your knowledge and experience have been used to upgrade servers, deploy enterprise wireless access, lay the groundwork for business continuity, and migrate business segments to the cloud. However, the game is getting more complicated every day.
The 2010’s were characterized by an explosion of personal devices in the workplace, increasingly reliable Wifi, and the migration of many business applications to the cloud. Today, the complexities of pandemic-driven remote work adoption and the growing threat of cyber attacks makes things like BYOD ubiquitous.
Over time, the device-centric nature of IT has made less sense as users increasingly use more devices across more services, each of them based on accounts tied to their work email.
These two trends combined to lead us to today. Users have accounts strewn across devices and services, all secured with weak passwords that are easily remembered (because they need to be used in dozens of places), leaving businesses clunky and exposed until they gain control of the identities they have created.
Identity management (IdM) is one of the most valuable tools in an MSPs arsenal to combat the existential threats that businesses face on a daily basis. Without identity management in place, an enterprise’s attack surface can look something like this:
Without IdM in place, any single one of those accounts or vendors being successfully breached can lead to a ripple effect across all of those platforms. This is only considering external threats. The need to quickly and securely offboard an employee can prove to be just as critical as being protected from advanced external threats.
In fact, without IdM, procedures to properly maintain security when a user needs to be removed can prove to be immensely painful as manually disabling accounts across several platforms can lead to data exfiltration or even data loss if not caught in time.
In addition to mitigating risk, IdM offers efficiencies for MSPs and their clients through automations in HR Systems, domain assets, cloud services and directories. Each additional tool added to a customer environment comes with another layer of required support. Since password resets still dominate help desk workloads, automating these requests via IdM can greatly increase your support team’s efficiency.
Onboarding new hires no longer turns into a documentation deep dive thanks to the specific setups of each individual customer environment. When properly done, simply creating the user in your core directory service will trigger the events to not only provision the user, but automatically give them the correct access needed for their role.
Today’s user identities are more deeply integrated in the device sphere of an enterprise than at any other time in our connected world’s history. Previously, an identity served as a key to the device, allowing access to local resources and network connected resources like file shares and printers. Now, an identity can continue to carry the torch after device, local, and domain access has been granted, persisting across various apps, cloud services and tools.
Identify Management is now cemented as one of the basics that MSPs are expected to apply across their client domains, bringing order to the chaos that would exist without it. Access management is the natural extension of IdM, since the purpose of identities is to access resources to accomplish work.
At the core of IdM/IAM is a directory service that can handle the various platforms and resources that businesses rely upon. It’s the MSP’s role to hook these platforms into that directory as seamlessly as possible, with minimal downtime or disruption.
Below are some questions to consider when trying to decide on which directory service to use to drive your IdM and IAM efforts.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
New to the site? Take a look at these additional resources:
Ready to join us? You can register here.