Finding New Revenue Streams and Protection with Security-as-a-Service


Despite all the news about breaches and countless attacks that have hit most all IT shops, too many remain complacent. They still think the big one cannot happen to them.

The truth is that there is a 26% chance that globally, a company or organization will experience a data breach within a 24-month period that results in 10,000 lost or stolen records, according to the 2017 Cost of Data Breach Study: Global Study; from the Ponemon Institute LLC. This means one in four companies are going to experience a data breach in any given two-year period. The excuse that “it’ll never happen to me” no longer applies, and it’s time to wake up to the legitimacy of this threat.

The compromising of each of these records can cost the owner $158. Multiply that by 10,000, and one in four businesses will experience a breach over the next 24 months that cost a total of $1.6M. It is a financial threat that should have everyone’s attention.

One source of complacency is that nearly all IT shops have some solutions in place such as antivirus (AV) or anti-malware (AM). These are an essential component of your cybersecurity arsenal. But if you think that AV and AM alone are enough to protect from data breaches, think again.

That’s because if an attacker steals your credentials, AV and AM aren’t going to offer protection from them breaching your mission-critical systems and stealing your (and your clients’) data. If they capture your username and password through, say, a phishing attack – where they have fooled you into filling out a false login form – they officially have the “keys to the kingdom.” Once they are in, they are in.

Fact is, 81% of all hacking-related data breaches come from lost or stolen passwords, according to the 2017 Verizon Data Breach Investigations Report.

The cloud makes those risks even greater. With the advent of cloud computing, you need a login to access most – if not all – of your mission-critical applications and data. That is why one level of security is no longer enough – the risk is just that much greater. The gold-standard solution for protecting logins? Two-Factor Authentication (2FA).

Two-Factor Authentication solves the password problem by requiring users to provide more than one factor of identity – not only something that you know (password), but also something you have or possess (token or smartphone app-based token). So even if a phishing attack results in a stolen password, the attacker does not have your token to pass the second layer of authentication, which makes accessing your systems and data virtually impossible for anyone other than you. This is a pretty big deal in the modern cyber threat landscape.

Offering security to clients is now a distinct point of differentiation for MSPs. More importantly, this means that your clients are asking for security services – and if they are not being offered the proper solutions from you, they will find a provider (MSP or standalone) who will.

AuthAnvil Powers SECaaS

With AuthAnvil, Kaseya has made it simple to for you protect your business – and now it is easy to protect your customers as well, empowering you to quickly develop a highly profitable Security-as-a-Service (SECaaS) practice. AuthAnvil Security-as-a-Service provides all the resources and technology you need to quickly develop an identity and access security practice  – with an investment that bears the potential for exceptionally profitable returns.

Right out the gate, you receive our “Go-to-Market in a Box” training to teach your MSP staff to sell 2FA and single sign-on (SSO) as a service to your customers. You will also be enabled with white-labeled sales and marketing materials to bolster your selling process, along with weekly 2FA and SSO customer-facing webinars for MSP clients to help drive demand for your service.

And on top of this, you will have all the technology you need to provide AuthAnvil to eight (8) of your customers, with the option to add on additional client packs as your practice scales.

The profits are impressive, and MSPs will break even at only 77 end users.

Learn more about AuthAnvil and SECaaS here.

The MSP Opportunity

Every year Kaseya conducts an MSP Global Pricing Survey. In the most recent edition, 30% of MSPs said that “Meeting Security Risks” was their top IT problem or service their clients needed. That was their number one issue and has been for the past 3 years.

Smart, high-growth MSPs are taking advantage. Today more than 25% of US-based MSPs offer identity and access security – with over 20% of MSPs in EMEA and APAC doing the same.

Higher-growth MSPs are particularly on board. Our survey listed 10 different security services MSPs often offer. High growth providers offer eight of these security-related services on average, while lower growth providers offer six. The biggest difference was with two- or multi-factor authentication. Here high-growth MSPs offer strong authentication 30% more often.

MSP Tells the Tale

Ease Technologies, which has been in the managed services business for over 25 years, is on board with 2FA and is adopting AuthAnvil Security as a Service (SECaaS) by Kaseya.

Creating a service out of AuthAnvil is eased by Kaseya Powered Services, the fastest, easiest and most effective way for MSPs to deliver authentication as a service. Kaseya Powered Services, known as Go-to-Market in a Box, include a cloud-based on-demand version of AuthAnvil custom made for fast set up and speedy service creation.

Ease has roughly 118 client organizations and about 5,000 endpoints. With AuthAnvil by Kaseya in place internally, Ease protects services for all 118 client organizations. “That’s one thing I highlight, literally showing them when we access our client management system how it uses multi-factor authentication and is tied to the technician who is logging into the system,” said Jason Shirdon, vice president of technologies for Ease.

Read the full case study here.




Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.

Share Your IT Twilight Zone Story and Win $500!

You wake up one morning, go on about your morning chores and head to the office. You switch on yourRead More

Still Not GDPR Compliant? First Fines Expected By Year-End

General Data Protection Regulation (GDPR) came into effect on May 25, 2018, ushering in the most stringent data protection rulesRead More

e2e_The Importance of Compliance Reporting

The Importance of Compliance Reporting

Failure to comply with regulations can land you in both legal and financial hot water. One of the best waysRead More

IT Operations Survey: Security Takes Precedence

Part Two of a Four-Part Series It is little to no surprise that midmarket IT professionals worry more about securityRead More