Why an MSP Wants to Offer MFA

    Why an MSP Wants to Offer MFA

    If you are an MSP, it makes sense that you take security very seriously. Obviously, your customers do too. They have a lot of very sensitive information and there is no shortage of people who would love to get their hands on it. While it would be awful for someone to hack into their networks and steal credit card information and other private details, as an MSP, your company could also be held responsible if the compromise happened because a customer fell out of compliance or you otherwise fell short in implementing proper security measures. Fortunately, multifactor authentication software makes it easier than ever to ensure you don't become an easy target.

    What Is MFA?

    MFA stands for multifactor authentication. It’s a type of security software that differs from traditional methods because it asks for more than just a password. Instead, you have to provide at least two factors of identity in order to get access.The beauty of MFA solutions isn’t in requiring multiple passwords, though. For the most part, two passwords can be hacked just as easily as one. No, the reason MFA software has become so popular is because each credential a user must enter is quite different from the next.

    For example, a customer of yours could use MFA software to require that a user enter a password they chose. Then, they’d have to look at their key fob for the second credential. Key fobs are small devices about the size of your average keychain that display a new code every 30 to 60 seconds. As the key fob is paired with a PIN number associated with the user, they would enter in both. The system would compare it to the password they entered and then provide access if everything is entered properly. Other credential examples include things like eye scans and fingerprints. Some even do a typing test to see if the user can perform as fast as they are supposed to. Whatever the case, you can offer customers security that is head and shoulders above simple password protection.

    Most People Can’t Be Trusted with Quality Passwords

    Obviously, MFA takes the need for passwords to the next level and it’s probably pretty clear that this makes a hacker’s job that much harder. The benefits of MFA platforms are also evident, though, when you consider how bad people are at creating passwords for themselves. To put it simply, your customers’ employees can’t be trusted to make security a priority.

    For example, consider that year after year, surveys done on the matter have reported that millions of people are hoping “123456” will keep hackers at bay. Do you know what the second most popular password is? “Password”!

    The problem so many companies struggle with is trying to get their employees to come up with strong passwords hackers will give up on trying to break. Sadly, they’ll talk themselves blue in the face issuing these commands, they’ll educate their users on how to pick strong passwords and they’ll even invest large sums in other forms of security. Despite all of this, a number of users will still choose “password” and mess it up for everyone.

    Don’t let human error become the Achilles’ heel in a customer’s security plan.  Deploy MFA software to ensure that even a poor choice of passwords doesn’t leave an organization vulnerable.

    It Works with SSO

    Another great reason to make MFA software part of your customer’s security plan is because it pairs well with SSO (single-sign on) platforms. Chances are your customers’ employees have a number of programs they need to sign into regularly just to make it through the day. This means they have a fairly large collection of passwords to keep track of, especially when you consider how often they’re probably required to change them for security purposes.

    SSO software can help employees by providing them with an even greater form of security despite the need for multiple passwords.

    For one thing, SSO utilizes a password management system to do a login to external sites. To get to this stash, employees use their SSO credential. Simply by remembering that one—which can be an MFA combination—they now have access to all of their others. This will make life at your customers’ companies far more convenient and ensure that there is no loss in productivity because workers are trying to remember one of a dozen different credentials to log into a system.

    SSO is associated with a number of other attractive benefits you should have no problem selling your customers on. These include things like:

    • Minimizing phishing
    • Streamlining desktop workflow
    • Better compliance thanks to a centralized database
    • Detailed reporting about user access

    Obviously, customers will want to pair SSO with a password management system for best results, but without the former, no amount of the latter will be complete. In fact, if you combine SSO with MFA, hacking is virtually impossible. That should be something every customer of yours is ecstatic to hear.

    Compliance Requirements

    Of course, as an MSP, you have more than just your customers to think about or even their customers. You also know that there are regulatory bodies involved and, if anything were to go wrong, you could find yourself in a lot of trouble with them.

    No doubt you’re already familiar with the following regulatory bodies and what their demands are:

    • HIPAA
    • CJIS
    • PCI

    They are very clear that you are to take every reasonable step to ensure hackers don’t get to the info you’re entrusted with. This includes using MFA. Fortunately, the price of MFA software is more affordable than ever before, making it a very reasonable investment. Failure to protect people’s data as an MSP is punished severely. You could easily have to pay out tens-of-thousands or even millions of dollars. Your reputation would obviously take a beating too, especially when the media finds out that simply using MFA software—which is becoming not just a standard, but legally required—would have prevented the whole fiasco. 

    Ready to Get Started?

    Let's Talk