As a service provider, you probably already take the right steps to help keep your customers secure. You patch machines when needed, run backups several times a day, and use endpoint protection to detect threats like viruses, malicious scripts, and fileless malware.
But security doesn’t come just from these automated solutions. If technology plays the starring role in preventing cyberthreats, the human element wins the award for best supporting character. In short, security’s a team activity, and everyone should pitch in, including your customers.
Part of this involves running regular security awareness training. These trainings can help your customers recognize phishing and social engineering scams, avoid copying data to insecure devices or locations, and comply with important regulations for their industry. They’re essential for keeping your customers safe from the bad guys.
However, people often cut corners when it comes to following password recommendations. Employees still re-use passwords across accounts or choose easy-to-crack passwords, like “password123.” Each time they do, this leaves the company vulnerable to more risk—and you could easily lose a customer as a result. Today, we’ll talk about how you can get around this—and potentially earn additional revenue in the process.
Password management as a service
Hopefully, you use a password management tool for your own business. Password managers can help you generate strong, unique credentials, log into key services without memorizing long strings, and grant or revoke access to technicians as needed.
Using a password manager for your MSP business focuses only on your side of the fence. Your customers can become a weak link if they pick poor passwords. One breach could cost you a customer, regardless of whether you’re at fault or it’s due to an executive re-using their Netflix password on the HR system. But managing passwords for your customers can quickly become a hassle, particularly as your customer and user base grows.
So why not let them handle it (and earn extra revenue in the process)?
Enter password management as a service (PMaaS). Like most other “as-a-service” solutions, PMaaS involves selling software to customers in exchange for a monthly recurring subscription. This type of solution helps your customers enforce password best practices without having to do the heavy lifting themselves.
This arrangement offers multiple benefits, including:
- Enhanced security: By automatically generating strong, unique passwords for users, you help customers reduce the holes in their own security posture. It only takes one employee with a weak password to give cybercriminals access to your customers’ customer relationship management (CRM) solution or human resources system. While security awareness training can help, PMaaS makes following password suggestions simple and helps enforce best practices for your customers.
- Improved convenience for customers: With a password manager, your customers only need to log in once; then they can easily access the services and applications they need to do their jobs. No more memorizing dozens of passwords simply to get through the day. Plus, the customer can set their own password policies, such as periodic password resets or password length requirements. This helps your customers keep employee passwords fresh without adding the burden of memorizing yet another new password (or writing them down on post-its or in spreadsheets).
- Time savings: Selling customers their own password management solution can reduce some of the administrative burden on your team. For example, when employees leave for a new opportunity or are shown the door, you can allow the customer to quickly revoke access as needed. This saves you from spending your technicians’ time on shutting down accounts.
- Monthly recurring revenue: Finally, offering password management as a service gives you a new monthly recurring revenue stream on top of the services you already provide. As your customers succeed and add new employees, you get even more revenue with no additional time spent supporting their password needs.
Securing the human element
One of the top causes of data breaches comes from mistakes made by internal employees, which includes weak or reused passwords. If you’re in charge of security (or you’re at least partly in charge, even if it’s not your specialty), then part of your job involves preventing them from shooting themselves in the foot. Offering PMaaS to your customers can help stop these mistakes from happening while offering a new, near-passive revenue source in the process.
If you’re ready to get started with this, check out SolarWinds Passportal Site. Passportal Site lets you offer a white-labeled password-management solution directly to your customers. Your customers manage employee accounts and data access rights, set up new accounts and credentials, revoke access when employees leave, and even run audits and reports. Individual employees get one-click access to important company apps, and they even get their own individual vault for personal passwords.