Cybersecurity has plenty of complicated aspects. (“Yeah, duh,” you say.)
But identity access management (IAM) is pretty simple. It involves keeping track of:
For example: Whitney logs into Microsoft Excel from her known computer in New York at 4:37 p.m.
Now, that concept might sound simple. But actually monitoring and managing all those who-what-when-where-how pieces can often be complex and overwhelming for MSPs — especially those with dozens of customers, with potentially hundreds of end users each.
(That math gets scary, fast.)
Ideally, MSPs will have tools that can monitor and record logins. A database of past login behavior can establish patterns of “normal” behavior — which makes a deviation from that pattern much more obvious.
MSPs who use technology that identifies suspicious behavior and automatically takes action against it are the ones more likely to shut down breaches.
Unfortunately, only 26% of organizations have embraced automation for monitoring SaaS security.
But these tools can be critical for real-time, effective IAM. They offer uninterrupted identity access monitoring, like when someone logs in from overseas. More visibility over that behavior, paired with automated remediations, leads to stopping bad actors faster.
In fact, logins from foreign countries are often the first (and best) sign an account has been compromised.
Take it from one of our partners, ArcLight Solutions CTO Frank Barrett. He caught an actual Chinese spy thanks to foreign login flags from SaaS Alerts! Read his partner success story here.
No matter what kind of monitoring tools or remediation technology you have in place, MSPs should have firm IAM rules for their customers.
These could include:
All the above rules are important. But multi-factor authentication (MFA) should be front and center in any MSP’s IAM policy. (Acronym soup, we know. Hang in there.)
This additional layer of access control for an end-user account can often be the difference between an attempted hack and a successful one.
The bad news? Security enhancement usually requires extra effort — and many customers find MFA annoying. It can be an uphill battle to convince customers to embrace it as the status quo.
To get over that hurdle, remind them of the following benefits of MFA.
Related content: How MSPs Can Make the Case for MFA Implementation
Remember how we said MSPs should use technology to identify and remediate suspicious login behavior?
SaaS Alerts is here to make access monitoring much easier:
Improve your account behavior analysis: Identity access is one of the core categories of events that SaaS Alerts monitors. Thanks to easy integration with your existing professional services automation (PSA) tools, you don’t have to do a lot of extra work to track and collect that data. Plus, all these login records make for easier audit trails.
Streamline your policy management: IAM policies are great (awesome, even). But deploying all those policies to every single customer? Not so awesome. Thankfully, SaaS Alerts’ Fortify module can automatically implement security recommendations across all your tenants. It takes minutes — not hours or days.
Provide detailed, instant alerts: Get instant notifications of unusual user behavior. These flags are categorized as low, medium or critical alerts, which can be customized based on your policies or customers. Never worry again that suspicious behavior will fly under your radar.
Automate remediation steps: Even while you sleep, SaaS Alerts stays awake. Through the Respond module, you can set up specific steps you want SaaS Alerts to take if certain events happen. For example, SaaS Alerts can lock down an account with too many suspicious login attempts. And it does all this in the background, whether you’re at your desk or not.