This morning I was reading an interesting post by Stuart Crawford on the fact that many of the CFOs from the oil and gas companies that he is talking to in Calgary are unhappy and dissatisfied with a number of their IT suppliers and many of them are looking or even thinking about switching firms because of the costs associated with IT and the lousy service many are receiving. As part of this, Stuart mentions that the reasons are all over the board ranging from the value received for the price they are paying, revolving doors of service technicians to the general increased cost for support.
It's the comment about "revolving door of service technicians" that I want to speak to.
Stuart, like many of our partners, comes from a firm that understands that this can be a real paint point for their clients. As the trusted IT advisor to these businesses, his firm must maintain a level of trusted assurance that in the midst of such conditions the businesses they serve are not put at risk. A service technician that leaves an IT firm does so usually knowing the administrative credentials to hundreds of systems across many different customers, most with complete and unrestricted access. You can see where I am going with this. If that service technician is in any way disgruntled or feels he has an entitlement to information, he can easily gain access remotely and steal or destroy the information. Although this typically isn't a common thing... the damage potential is huge. Both for the businesses the IT firm services, and the reputation damage and legal liability of the IT firm itself.
More sophisticated IT firms will have a process to address this. Changing the passwords to all those systems is the first step in this. However, if you are managing hundreds of clients and thousands of devices, you just can't get to them all fast enough. On average, our partners are telling us that it takes between 30 minutes to an hour PER customer site to properly change the administrative credentials. It isn't just the AD password. It's the service accounts which have to be checked. The routers. The switches. The wireless access points. Many of these systems are silos of independent passwords that are not part of the Active Directory infrastructure that they maintain.
Enter AuthAnvil. If you as an IT firm were to require staff members to prove their identity with an AuthAnvil credential BEFORE they are allowed to log in, by simply revoking a technician's token you simultaneously revoke his or her access to all client sites. So even if he DOES know the administrative credentials, he won't be able to get in. Of course, you should still change the passwords when you can... but now you can do it on your schedule as you have time, not in reaction to an HR incident where a staff member leaves.
You might think this would be an expensive proposition. How does $100 a technician sound to you? You will see an ROI the FIRST time you have someone go through that "revolving door" that Stuart speaks of. How so? Well, if your billing rate is a conservative $100/hr and it takes you an hour per site... do the math. Many of our partners manage anywhere between 20 and 200 sites. At 20 sites that is $2,000 of non billable and unproductive time used up. If you have up to 5 technicians... it will only cost you $500 to get the AuthAnvil bits that you need. Need I say more?
We have several video testimonials of partners that are using AuthAnvil in this way. I encourage you to check them out. Of course, if you would like more information, let's talk.
Comments