Privileged Access Management for MSSP’s – We understand the differing needs of our Managed Service Provider/Managed Security Service Provider (M(S)SP) customers compared to large end users.
The key difference is the need to scale through repeatability. However, there’s now another requirement: MS(S)P’s need to add strong audit features to their offering so that they can assure their customers that they will comply with GDPR. This needs to be done cost-effectively in a maturing Cloud market where price pressure is ever-present.
Our Service Provider customers run the best physical hardware and deepest levels of virtualisation to provide the uptime security that attracts their customers. All that equipment needs to pay for itself, and these days virtual systems are often available at a monthly fee that is less than the electricity required to run an equivalent physical system.
M(S)SP’s need to meet these security/compliance demands:
To meet these demands, our M(S)SP customers are employing the most talented cybersecurity staff. But this is an expensive human resource that impacts the bottom line. Therefore, there is a drive to get the very best security from the least number of staff.
We’re fully aware that the providers use outsourcers, particularly in the anti-malware and help desk disciplines. These outsourcers need to be both trusted and proven to be trustable.
When we put all these factors together, we find a level of audit and security equivalent to banking operations. This puts Privileged Access Management (PAM) at the top of the agenda. In addition, the need to get the best from IT talent puts Privileged Task Management (PTM) right at the top too.
Recently, our Sales and Support teams have noticed the change in customer engagements. Two years ago, PAM was driven by compliance and audit, and PTM was a help with time pressures and common IT operations. Our Service Provider customers were at the forefront of using PTM for business tasks. In particular, deploying privileged tasks all the way to outsourced help desks to help deliver ‘first call resolution’.
These days, task and process automation is always on the agenda. Rapid reaction and bulk changes are common discussion points.
For example, a Service Provider may need to make rapid and consistent changes through multiple firewalls, not only for threat management but for service provision. Then there are scheduled tasks, for example, password cycles on SAN and Hypervisors, since these are the ‘crown jewels’ of any Service Provider.
M(S)SP’s are far more likely to be working with Open Source because they need the extra flexibility, proven security and cost benefits of this kind of software. The volume of systems and devices they deal with swamps end-user data centres. We understand not only the volume of systems but also their peripatetic nature as they are stood up and down to keep costs at an absolute minimum.
Our understanding is reflected in our product offering in several ways:
We enjoy working with M(S)SP’s. If you have any of these requirements, especially in the run-up to GDPR, please Contact us.