Contact us at 408.675.5020 or

Identity Management as a Service for MSPs

Identity Management as a Service for MSPs

Increasing customer expectations create challenges for MSPs.
Two hurdles for successful digital transformation.
The Yin and Yang to accessibility and security.
Enforce control and add value through IDMaaS!
Technology inflection points bring opportunities.
About the author.

As customer expectations increase, an MSP’s people, systems and apps play a growing role in the quality of the service experience MSPs provide their customers.  Managed Service Providers are challenged to meet their clients and their clients’ clients service level expectations to stay competitive. Couple this with the increasingly onerous task of managing multiple identities, logins, and access controls for a modern workforce, all of which demand instant-on, mobile accessibility, and work-anywhere access, increasing customer satisfaction becomes a balancing act for MSPs and CSPs. 

For MSPs, there are typically two hurdles for any successful digital transformation project.  Accessibility and security.  

Accessibility is defined as the end user’s ability to seamlessly access their applications and resources from their desktops and mobile devices.  New technology solutions must be easily accessible from any point of a workflow and must seamlessly integrate without prompting for new logins, or having the user invent new ways to share data across the tool. Identity management plays an important role here as many born-in-the-cloud applications like Google, Facebook, LinkedIn and others leverage bring their own ID, and do not integrate with your clients’ primary directory services like Active Directory or Office 365.   

If accessibility is the Yin to digital transformation, security is the Yang.

MSPs know that existing and new regulations across all industries require the adoption of security policies to protect the user and company data to approved standards. An accurate record of accessibility to this data must also be logged to the individual account level, and revoked according to policy. This forces an organization to impose complex security policies which, in turn, gridlocks adoption of new tools throughout your clients’ organization. Controlling access to data inside the firewall increases risk which can also slow any successful digital transformation project. The European GDPR rules coming in May 2018 require MSPs to establish new processes and help their clients appoint a Data Protection Officer (DPO) to oversee data privacy, security and related  policies.  

Managing secure access across multiple new and legacy systems your clients can be a laborious task that is prone to consume many expensive hours of your technicians’ time. If you are already squeezing your staff resources to keep profitable without increasing your rates, adding a new “Transformative Digital” application under your management may just squeeze the last drop!  

Using a simplified IDM platform to deliver Identity Management as a Service allows MSPs to embrace new applications and speed their success by extending their capacity to manage these new systems, while balancing accessibility, security and maintaining compliance standards.

Can MSPs extend their capacity to manage these new systems and balance accessibility and security?  Yes!  Here’s how. 

Enforce control and add value through IDMaaS!

Enforcing security and data access controls means digitizing and standardizing the process of provisioning users, granting and revoking access to the systems, and deciding the acceptable levels of access to be controlled. As a co-steward of your clients’ data, moving forward without acceptable controls in place presents a high-level of risk for your MSP.  Strategies to mitigate that risk include: 

  • Enforce the same password and username policies in matching length and complexity for the systems you hold under your control;
  • Control the desktop and mobile through single sign on technology and leverage multifactor authentication to login to these systems;
  • Restrict browser access to online tools without first authenticating the device and individual to a primary authority like AD or AzureAD;
  • Educate your client’s management on the principal of least privilege and separation of / rotation of duties, and provide a self-service portal for password resets and requests for access that your team oversees;
  • Include your client’s management in the authority to grant access so that your team won’t be the bottle neck in access or change of access. This also encourages discussion of best practices and participating in the security of the systems you manage for your customers;
  • Deploy a simplified Identity Management system that can manage and monitor access to controlled and non-controlled services. This will speed your ability to onboard new users and keep track of their usage and access;
  • Add a threat detection system that wards against identity theft for your client’s top officers;
  • Report activities or requests for authority on Social media systems, or personal shares.
  • Apply a password reset policy and enforce minimum length and change requirements;
  • Deploy a policy that cancels access to systems that haven’t been accessed in 90 days.  This helps meet regulatory compliance and will save your client money on monthly subscriptions.
  • Accept BYOID but insist on applying the same standards, by tracking use and insisting on access through controlled devices

Using these strategies and adding these types of services will add value to any MSP practice, escalate recurring revenue, and increase customer loyalty, satisfaction and retention. 

Technology inflection points lead to digital transformation opportunities.

Technology inflection brought about by Office 365, Azure and other cloud solutions are leading to digital transformation opportunities which, in turn, are creating big changes for how all MSPs help their customers move forward.  These changes provide the opportunity for MSPs to help customers improve operations and use technology to compete more effectively in their market segment.  MSPs that lead successful digital transformation projects will drive long-term increased value for their customers.  MSPs that build their futures on platforms like Identity Maestro will be able to guide their customers’ technology future’ and remain stewards of their clients’ data.  Contact us today to build a partnership with Identity Maestro to help you orchestrate Identity Management as a Service to your MSP practice. 

For more information, view our on-demand webinar on How to Build your Cloud MSP Around Simplified Identity Orchestration and Management.


Davin Cooke
Hello, I'm Davin Cooke the Director of Business Development and Sales for Identity Maestro. I am a 25-year veteran of IT focused on helping hardware manufacturers, software manufacturers and MSPs streamline business processes, forge business partnerships, and build for the future. My passion is security and information governance and I have helped many companies meet regulatory compliance and security standards through technology transformation. I live and work in Austin, TX with my busy family. I'm an avid runner and burgeoning sailor and hope to meet you on your favorite trail or lake.