September 18, 2020//Tony HowlettLast Updated: February 25, 2021
If you run a managed service provider (MSP) business, giving excellent customer support is paramount. Service is in the name MSP after all! And a key element to providing that service is often being able to access your customer’s data and resources quickly. However, there is often a tradeoff of efficiency against security when gaining this access. The faster you can get a rep onto the customer network on a trouble ticket, the faster you can resolve their issue. However, speed often means a lack of controls and checks and that can spell trouble for an MSP whose customers trust them with their most critical assets. If you get hacked and they use your access to hack the client, it can be disastrous for your business. Just ask the owners of AMCA, a provider of financial services to medical testing giants Labcorp and Quest Diagnostics. When they were hacked and patient records of their two biggest customers as well as several other clients were breached, they had to declare bankruptcy after being hit with multiple massive lawsuits.
So you’ve got to be secure to stay in business but most security controls can slow down your ability to do your business efficiently. This results in a “seesaw” of security and efficiency demands from the customer, with them wanting both but as you get more efficiency, you lose security. And there is an inverse incentive from many clients who require Service Level Agreements (SLAs) based on “time to resolution” or “cases closed” with penalties or bonuses paid on those metrics yet security is often just expected and not measured or rewarded. Given this motivation, you know which way the fulcrum often tilts– most would choose efficiency over security.
Additionally, MSPs often struggle with dealing with different platforms to access customer networks and systems. Some will have VPNs, which are easy to set up but have many security issues. Others may use desktop sharing tools or other proprietary tools which require special training for each platform. An MSP may end up needing to use dozens of different technologies to get in and service their customers which adds complexity and cost to their customer support operations.
The answer to all these challenges is to standardize on a single remote access platform for your customer support. This platform should offer standards-based protocols that are easy to support and train on. It should be able to run on both your networks and your customer’s whether they are PC, Unix/Linux, or Mac-centric. Finally and most importantly, it should have all the security features that customers want and many regulated industries require. This would include multi-factor authentication (MFA), credential vaulting (for privileged accounts), and granular logging capabilities to document the actions of your service reps.
There are many remote access solutions out there, including the general-purpose VPNs, desktop sharing, and other applications. However, if you are in the Managed Service Provider business, you should consider a technology that is purpose-built for vendors to support customers securely AND efficiently. It’s called vendor privileged access management or VPAM. VPAM offers a secure access platform that is standards-based and lightweight. It doesn’t require the loading of additional software clients but rather uses a standard web-based browser both on the vendor and customer end to set up a secure connection. It also offers the latest security features that map to most current compliance protocols like HIPAA, PCI-DSS, CJIS, and more. This includes support for MFA, credential vaulting, and many other built-in security features. Vendor privileged access management also offers an “HD” audit that includes keystroke logging for terminal sessions and video capture of graphical sessions so that any dispute or issue over rep actions can be resolved quickly. This feature also makes auditors and regulators happy who want detailed records on third-party access. And most importantly for your SLAs, it offers streamlined and automated onboarding and offboarding of service reps so they can be up and supporting your customers, in a highly secure manner, as quickly as possible.
Though security is rarely part of the metrics you are paid on, it is expected to be baked into the price of the service you provide. So the motivation at many MSPs is to focus on those measurable metrics and hope and pray that the security is there. Instead, get both security AND efficiency for your customer support access by implementing vendor privileged access management software. To learn more about the importance of standardizing your remote support platform, check out our helpful solution brief that does into further detail and how you can protect your reputation.