[SECURITY | 3 MIN READ] Adopting a password manager gives MSPs an easy way to access and secure their clients’ networks—but they can also serve as a key revenue opportunity.
It’s a familiar story. A managed services provider (MSP) is tasked with managing the hundreds—sometimes thousands—of passwords its technicians use to access customer networks and provide customer support.
Many MSPs adopt complicated, time-consuming, and usually ineffective workarounds to this problem. On top of this, they also may face difficulty protecting the security of clients who opt for weak passwords or, equally troubling, use identical passwords across multiple accounts. What too few realize is that an easy solution is at their fingertips—adopting a password manager.
What are password managers and how do they work?
Password managers are a type of software application that can run on a computer, on a mobile device, or in the cloud. Specifically, they generate complex and unique account passwords, provide secure password storage, and offer easy password retrieval with automatic form filling.
Do you remember an instance in which you had to replace one of your account passwords with a new and unique variation, and later, when you urgently needed it, you couldn’t recall it? As an MSP, this problem is theoretically multiplied hundreds of times. Password managers can prevent such a scenario from recurring. They offer users the peace of mind that comes with knowing they need only recall a single password—the one that unlocks their “vault” or “database,” allowing them to access all of the accounts they use.
In addition to passwords, password managers can secure other vital online information—PINs, credit card numbers, CVV codes, security question responses, and more—with ironclad encryption. This makes it difficult for even the most adept hacker to steal your information.
By deploying a password management system that allows you to white label the product, MSPs can also then resell this to their customers in a Password-Management-as-a-Service format. This allows MSPs to automatically and securely store, access, and share approved passwords in a co-managed IT environment.
What are the benefits of Password Management-as-a-Service?
Apart from allowing MSPs to capitalize on a new revenue stream, and guaranteeing security and efficiency to clients, Password Management-as-a-Service can also offer a whole host of other benefits. These include the ability to:
- Ensure regulatory compliance related to passwords and documentation for customers
Many industry verticals have to comply with tough regulatory policies and protocols around password management—such as those in HIPAA and FINRA—and companies face stiff penalties if they don’t adhere to these. Password Management-as-a-Service allows MSPs to generate reports to prove password and documentation compliance with the click of a button. This can remove a major concern for many companies.
- Adjust easily and rapidly to staff turnover
Handling credentials in a co-managed IT environment between customer and MSP can be challenging. According to Intermedia’s 2014 SMB Rogue Access Study, 89% of employees admit to retaining access to at least one application from a former employer, and 49% admit to logging into and using an account from a former employer. So it’s critical that credential access is removed as soon as possible when a staff member leaves either an MSP or one of its customers. This can take hours without a password manager. However, with Password Management-as-a-Service MSPs can lockout technicians (and any other staff) in a fraction of the time, and provide customers with the peace of mind that their systems are being monitored and managed both securely and efficiently.
- Use audit logs to hold technicians accountable for their work
It’s a harsh truth, but technicians and admins (whether part of an MSP or one of its customers) will often do their best work when they know someone is reviewing what they have done. Removing the blanket protection of using the shared admin login to a network, and providing individual logins, will not only improve quality of service but also mean that every technicians is accountable and auditable. This is an essential part of many regulations. The ability to audit password usage can also apply right across an organization, so that companies can accurately see, and report on, who has been doing what within their networks.
- Gain increased trust from customers by enhancing their security
Customers and prospects buy from people they trust. Adopting a password management solution will help you gain clients’ trust because you will inherently have policies and procedures in place that help strengthen client security.
A budding number of MSPs have begun to realize that password managers can also be a source of revenue. According to Zion Market Research, the global identity and access market (of which password managers are a part) was worth $10.12 billion in 2018 and will be worth $23.38 billion by 2025. This means there is ample space and opportunity for MSPs to enter the fold by offering their customers password management as a service (PMaaS).
By adopting a password management system and selling it as a service, MSPs will be in a much better position to offer their customers the security and authentication tools they need. As a result, they can differentiate themselves from competitors and attract new clients. In addition, by labeling their selected password manager with their own logo, they may be able to extend their brand recognition within customer networks and beyond.
This brings us to the question of which password management tool to choose. When deciding on a password manager, some of the most important characteristics to look for include:
- Multitenancy, or the ability to separately store the passwords and data of each customer
- Ability to install in the cloud
- Solutions that meet customers’ needs
- Fast and effective customer support
Above and beyond these considerations, MSPs will want to find a password manager that fits the needs of both their customers’ businesses and their own.
Passportal is an award-winning, cloud-based password management platform from SolarWinds. Tailored expressly for MSPs, it offers automated password protection and makes storing, managing, and retrieving passwords easy. In addition, our add-on service Passportal Site allows MSPs to deliver branded PMaaS to deliver more value to their customers with ease.
Until the end of the year SolarWinds Passportal is giving MSPs money back to invest in developing their businesses when they spend $500/month or more on Passportal Site. Find out more here.
- Product Offer: Grow Your Business with Passportal Site
- Experience the Power of Passportal for Free
- How to Build Password Policies for Your Customers
SolarWinds® adds Passportal suite to its MSP product portfolio. MSP security, simplified. SolarWinds® Passportal + Documentation Manager is a SOC 2 certified, RAPID 7 tested, award winning platform.
Grow your business faster with the world's first unified platform for true password management and secure IT documentation. More than 2,000 best-in-class MSPs around the world are leveraging our security, automation, and rapid access client knowledge to out preform the competition.