A quickly growing business is the offering of password managers for MSPs. This is because cybercriminals are targeting more Managed Service Providers. A recent “State of the Channel” survey revealed that 95% of MSP respondents state that their businesses were being attacked instead of the clients they provide with managed services.
It’s obvious why cybercriminals are attacking MSPs. When a “supply-chain ransomware attack” on an MSP succeeds, it could keep an MSP from providing its clients with its services; and even if only the MSPs’ systems are encrypted, clients can’t run their businesses because of the type of services delivered by the MSP.
Cybercriminals are also attacking SMB clients, but not as much as MSPs. The Datto “State of the Channel” survey reported that 78% of the respondents stated SMB clients had been attacked in the last two years with spyware, adware, and viruses causing as much trouble as ransomware. Even more troubling were the methods used by the cybercriminals to access systems and deploy malware:
- Reported attacks by 54% of respondents were due to a phishing email
- Reported attacks by 27% of respondents were due to poor user practices.
- Reported attacks by 26% of respondents were because of a deficiency of cybersecurity training
- Reported attacks by 24% of respondents were due to weak passwords and also bad credential management.
Other respondents stated that attacks succeeded because of lost and stolen user credentials, a deficiency of financing for IT security, and insufficiency of executive buy-in for using security tools. All of these causes are preventable or could be mitigated by employing a password manager for MSPs.
How Can Password Managers Protect MSPs
One lacking statistic from Datto´s State of the Channel report is the number of cyberattacks due to MSP susceptibility versus the number of cyberattacks due to client susceptibility. Although it could be presumed that clients are less difficult targets because of a lack of security competence, it is obvious the report says over fifty percent [of MSPs] currently use multi-factor authentication and password management tools.
Using the word “now” implies that less than fifty percent of MSPs were using password management tools in the past. Once again, there is no differentiation between the exclusive use of password managers within the MSP companies and the provision by MSPs of password-management-as-a-service to clients.
The creation, saving, and sharing of login credentials between teams can impact a business´s online protection. According to research, a lot of employees utilize weak passwords simply because they are easier to remember, re-use passwords in several accounts to save needing to recall several passwords, save login credentials in unprotected files, and share security passwords through unsecured avenues of communication like email, chat services, and SMS.
When companies use a password manager, they could likewise implement password policies necessitating the usage of tough, unique passwords for every account. The majority of commercial password managers feature cross-browser, cross-platform synchronization, use with directory services, and protected encrypted credential sharing, so employees have a secure means to swap passwords, credit card information, and other sensitive data.
Password managers for MSPs may be utilized to secure business credentials and clients’ credentials. Passwords are kept in a protected user vault and, whenever a user visits a site that vault has a saved password, the sign-in credentials are auto-filled. Therefore, when a user unintentionally clicks on a phishing email and lands on a phony phishing site, the sign-in credentials won’t auto-fill – notifying the user of a likely threat.
With password guidelines requiring good password tactics, teaching users on good password care, and getting rid of the possibility for weak passwords, the major methods used by cybercriminals to access MSP systems are removed. Regarding the insufficiency of funds for IT security or executive buy-in, password managers for MSPs are affordable in comparison to the price of recovering from a cyberattack and – if given to clients as “password-management-as-a-service,” password managers for MSPs could get more revenue than the cost.