How to Keep Today’s Remote Users Connected and Protected

How to Keep Today’s Remote Users Connected and Protected

by | Dec 6, 2024 | On-Demand, Webinars

ON-DEMAND webinar

How to Keep Today’s Remote Users Connected and Protected

Watch Now!
  1. Home
  2. Author archive for: Shannon Flaherty
  3. Page 4

About this Webinar

For employees, existing remote access via virtual private networks (VPNs) may feel sufficient to keep them connected while working outside the home office, but for IT and security professionals, it’s another story: VPNs are highly susceptible to credential theft, and from this compromise, hackers are free to move laterally across the network.

What’s more, on-premises firewalls weren’t built for today’s cloud-enabled hybrid workforce, for whom the last line of defense exists at the edge.

View our latest webinar wherein Michael Garrity, Sales Engineer at CyberQP, and Jared Epstein, Head of Partnerships at Timus, walk you through concrete strategies to keep remote users securely connected, based on their own expertise doing so at their fully remote companies. You’ll also gain insight into 5 reasons MSPs partner with Timus for ZTNA and a review of CyberQP’s offerings

Event Details:

Original Air Date:

Location: Virtual/On-Demand

Watch Now!

Meet our Speakers

michael garrity

Michael Garrity

Manager of Sales & Success Engineering, CyberQP

Jared Epstein, Timus

Jared Epstein

Head of Partnerships, Timus

Don't Miss Out!

Watch Now!

How to Keep Today’s Remote Users Connected and Protected

Vendors vs. MSPs: What constitutes a healthy channel relationship?

by | Dec 6, 2024 | On-Demand, Webinars

ON-DEMAND webinar

Vendors vs. MSPs: What constitutes a healthy channel relationship?

Watch Now!
  1. Home
  2. Author archive for: Shannon Flaherty
  3. Page 4

About this Webinar

The importance of fostering productive relationships between a managed service provider (MSP) and their vendors is crucial for business expansion. Yet, as MSPs develop their ecosystem, common questions arise, such as:

  • What are the best methods of vendor evaluation?
  • How can vendors provide value to MSPs post-implementation?
  • How can you seamlessly expand your services as an MSP?

Our seasoned panel of experts—Kelcye Blankenship-Lackland and Michael Garrity from CyberQp, Wayne Hunter from AvTek Solutions, and Amanda Lachapelle from B4 Networks—will answer these questions in the following webinar.

Watch now to enhance your company’s vendor relationships and to gain insight into how CyberQP’s Privileged Access Management and Helpdesk Security Automation solve common MSP problems, like end user verification and shared credentials.

Event Details:

Original Air Date:

Location: Virtual/On-Demand

Watch Now!

Meet our Speakers

Wayne Hunter Avtek Solutions

Wayne Hunter

President & CEO, AvTek Solutions

michael garrity

Michael Garrity

Manager of Sales & Success Engineering, CyberQP

Kelcye Blankenship-Lackland, CyberQP

Kelcye Blankenship-Lackland

Channel Development Manager, CyberQP

Don't Miss Out!

Watch Now!

CyberQP (formerly Quickpass Cybersecurity) Enhances MSP Cybersecurity Programs with New Just-in-Time Privileged Account Feature

CyberQP (formerly Quickpass Cybersecurity) Enhances MSP Cybersecurity Programs with New Just-in-Time Privileged Account Feature

by | Jun 15, 2023 | Blog Posts

BLOG POST

CyberQP (formerly Quickpass Cybersecurity) Enhances MSP Cybersecurity Programs with New Just-in-Time Privileged Account Feature

  1. Home
  2. Author archive for: Shannon Flaherty
  3. Page 4

June 15, 2023

Read Time: 2 Minutes

Featured Product Tours:

Passwordless JIT

Help Desk Security Automation

Customer Identity Verification

MSP Insights

CyberQP, a leading provider of Privileged Access Management and Helpdesk Security Automation for Managed Service Providers (MSPs), has announced the release of Just-in-Time (JIT) privileged account creation for Active Directory. This new capability enables MSPs with more robust control over access to their privileged accounts. CyberQP has since released an in depth webinar dedicated to the process of creating these accounts and passwords on-demand when technicians need them.

With this new feature, CyberQP partners can temporarily enable and revoke privileged access as needed, offering an ideal solution for MSPs to limit exposure of their privileged accounts, prevent insider threats, and position themselves for co-managed IT agreements.

As small-and-medium sized businesses (SMBs) observe cyber criminals adopting identity-based tactics to target an organization’s administrative and privileged accounts, MSPs and SMBs need a scalable, dynamic solution that mitigates their risk and guarantees clear visibility into activity related to privileged accounts.

CyberQP’s JIT account creation feature empowers MSPs to create temporary privileged accounts for individual users, which automatically rotate credentials and disable themselves upon expiration. Moreover, JIT accounts are organized to create an easy-to-track audit log that attributes activity to individual people, enhancing accountability and compliance.

“The MSP business model is insecure by default from a standing privilege perspective,” said Jimmy Hatzell, VP of Revenue at CyberQP, “So now there is a move to ‘zero standing privilege” using Just-In-Time Accounts. Basically instead of having all these accounts active, they are only created and activated when in use, with least privilege.”

CyberQP’s latest innovation follows an announcement that the company successfully raised an additional $12 million in funding.

The Latest News & Events

Why MSPs and SMBs Need a Cybersecurity Partner for their Privileged Accounts

Why MSPs and SMBs Need a Cybersecurity Partner for their Privileged Accounts

by | Feb 1, 2023 | Blog Posts

BLOG POST

Why MSPs and SMBs Need a Cybersecurity Partner for their Privileged Accounts

  1. Home
  2. Author archive for: Shannon Flaherty
  3. Page 4

February 1, 2023

Read Time: 4 Minutes

Featured Product Tours:

Passwordless JIT

Help Desk Security Automation

Customer Identity Verification

MSP Insights

In light of disastrous breaches where threat actors successfully stole sensitive user credentials from traditional password managers, many small and medium-sized businesses (SMBs) are asking their Managed Service Providers (MSPs) how they are protecting key client accounts and data.

It’s clear that while password managers are important for storing and sharing passwords internally and externally, they are not equipped to protect SMBs from sophisticated cyber threats, and lack the functionality to enable MSPs to easily protect and manage the various accounts involved in an SMB’s day-to-day workflow.

The answer? MSPs need a security-first partner and platform that integrates across their technology stack to automate help desk technician workflows and streamline the management of privileged, local, and service accounts.

Where Password Managers Fall Short

Although traditional password managers allow businesses to store and share passwords internally or externally with clients, they lack several of the security measures necessary to follow best practices

For example, password manager applications don’t support regular password rotations for privileged accounts, forcing MSP technicians to go directly to Microsoft 365, Active Directory, or Azure AD to manually update credentials, which can become time consuming and difficult as MSPs continue to scale their operations. And as an MSP grows, the number of endpoints with local admin and service accounts to manage will only continue to grow.

MSPs need security automation solutions to help their teams scale with their customers as they continue to grow. That’s why CyberQP Cybersecurity is developing security automation to accelerate MSP operations, including a Privileged Access Management solution that eliminates manual management for MSPs.

What is Privileged Access Management?

Privileged Access Management (PAM) tools offer a set of tools and best practices to safeguard privileged accounts, whether they are local admin accounts across a client’s endpoints or Azure AD/Office 365 tenant admins. In colloquial terms, PAM solutions protect your MSP’s metaphorical keys to the kingdom.

Privileged Access Management enables MSPs to discover, monitor, and manage these privileged accounts using a variety of capabilities including:

  • Automated rotation of privileged credentials to reduce the potential for threat actors to compromise privileged accounts.
  • Temporary privilege escalation to minimize the number of people with access to sensitive information and deter insider threats.
  • Privileged account discovery to identify potential blind spots and align all of your end users’ privileged accounts to your MSP’s best practices.
  • The ability to sync credentials back to a secure password vault if an MSP needs a secure place to store and manage passwords.
  • Create Just in Time (JIT) access to minimize the standing privilege and risk associated with technicians having 24/7 access to privileged accounts.

What MSPs Need in a PAM Partner

In order to address the growing concerns surrounding threat actors targeting MSPs and SMBs alike through these attack vectors, MSPs need a dedicated cybersecurity partner to enable their technicians’ processes.

The right partner will support MSPs with a suite of Privileged Access Management products, including one dashboard that makes it easy to secure your privileged accounts, from your Azure AD (O365), to your end users’ local admin and service accounts. This cybersecurity partner should offer compatibility and API integrations across your technology stack to automatically rotate critical passwords on a daily, weekly or monthly basis and write them back to a documentation tool like IT Glue or Hudu as needed.

A cybersecurity partner should also offer MSPs the ability to randomly generate 99 character passwords or easy-to-read passphrases that can be stored in a secure password manager built for MSPs to give your team peace-of-mind using automated solutions that eliminate hours of manual labor from your technician workflows.

Why MSPs Need Privileged Access Management

There has never been a better time for MSPs to partner with a cybersecurity company to address these cyber criminals. While Privileged Access Management is uniquely positioned to deter threat actors targeting a business’ critical infrastructure, cybersecurity insurance firms are also driving adoption of PAM solutions.

The escalating number of emerging cyber threats and data breaches have caused cyber insurance premiums to spike, and getting coverage has become restrictively expensive for MSPs, if they can get coverage at all.

As more insurance providers begin requiring Privileged Access Management solutions and requiring regular password rotations, MSPs may need to get onboard to avoid impacting their level of coverage, their premium costs, and their eligibility for cyber insurance in the future.

A Privileged Access Management Cybersecurity Partner for MSPs

Many Privileged Access Management providers are designed to support enterprise security teams, and not equipped to support MSPs. At CyberQP Cybersecurity, we’re building Privileged Access Management and security automation solutions purpose built for MSPs.

The Latest News & Events

Why MSPs and SMBs Need a Cybersecurity Partner for their Privileged Accounts

Why Rotate Privileged Account Passwords?

by | Oct 12, 2020 | Blog Posts

BLOG POST

Why Rotate Privileged Account Passwords?

  1. Home
  2. Author archive for: Shannon Flaherty
  3. Page 4

October 20, 2024

Read Time: 4 Minutes

Featured Product Tours:

Passwordless JIT

Help Desk Security Automation

Customer Identity Verification

MSP Insights

Leaving the passwords for privileged accounts static and configuring them to never expire is convenient and ensures that any system that depends on these accounts will continue to run without any intervention. For MSPs doing this can leave your company and your customers at risk from credential stealing. According to ZDNet the PyXie RAT malware can steal passwords from technicians through keylogging and recorded videos.

Targeted phishing attacks can also obtain administrative credentials by impersonating login portals for online accounts such as Office 365 and Azure AD and having technicians willingly provide privileged credentials without realizing it. Static passwords are easier to crack since they never change and if re-used from another online system, they are at risk of being hacked from a security breach.

Lastly, threats can also be found internally from technicians who are laid off or fired and have access to privileged credentials with malicious intentions. According to Huntress Labs a former MSP technician attempted to sell all their customer administrator credentials on the dark web to the highest bidder.

Why rotate passwords when you use MFA?

MFA (Multi factor authentication) is an essential tool to use that adds an extra layer of security to protect your privileged credentials. Some argue that using MFA eliminates the need to rotate passwords. That being said there is mounting evidence that MFA too can be hacked in a number of different ways including man in the middle attacks and network session hijacks according to Secureworld. Also, most recently it was discovered by Proofpoint that a new vulnerability in Microsoft 365 allows an attacker to bypass MFA. Thus, MFA alone is not a silver bullet and MSPs and IT departments should consider it as one layer in a layered security strategy.

How often should I rotate passwords?

Ideally passwords for privileged accounts should be rotated every time they are used or accessed by a technician or at the very minimum when a technician leaves or is fired. This covers internal threats from malicious technicians either employed or fired by an MSP. However, this does not cover if the password was hacked from a keylogging malware or phishing attack. Thus, the need to rotate passwords more frequently such as daily or weekly on a scheduled basis becomes much more essential.

How much does it cost to rotate passwords manually?

The concept of rotating privileged account passwords makes a lot of sense but rotating all these passwords manually can be costly. Let us break this down. Here are the general steps a technician must do when they rotate a password for a privileged account in Active Directory or Azure AD (Office 365).

  1. Look up documentation for current resource password.
  2. Access the resource via remote control solution or web browser
  3. Login
  4. Open Active Directory Users and Computers or Azure AD
  5. Locate the account to reset
  6. Choose a new password
  7. Perform the reset
  8. Update the password on the windows service or scheduled task (if applicable)
  9. Update the documentation
  10. Repeat steps 1 – 9 for the next privileged account.

Let’s assume this takes an average of 1 mins per password. According to Forester research the average cost in technician time and resources is $25 per 15 mins or $100 per hour USD. Then the average cost of a manual password reset is $1.67. Here is how much it would cost every time you need to manually rotate all your privileged account passwords. If your numbers are slightly different feel free to input your own numbers for average time and cost to see where you land.

 

Password rotation

ou could argue that if you had to rotate passwords once a quarter or a year that you would just suck it up and assign the work to a technician. But if you need to do this daily or weekly costs would quickly spiral out of control and let’s be honest no one in their right mind would do this daily or weekly if it was a manual process. Also, when things are busy this is the first task that would get postponed and therefore may be skipped and forgotten.

Why should I automate password rotation?

The numbers don’t lie. If you had to rotate all your privileged account passwords in Active Directory or Azure AD (Office 365) daily, weekly or monthly it would be cost prohibitive or worse would not get done leaving your MSP or enterprise exposed even if you use MFA.

Being able to automate these password rotations in a set it and forget it manner ensures it gets done without manual intervention for a substantial savings and protection your MSP or IT Department needs.

The Latest News & Events