Cloud Services Depot (CSD) is a wholesale distributor of Managed Services software and private-label services for Managed Services Providers (MSP). It has a wide product portfolio from Hosted Kaseya software, private-label Help Desk, Project and NOC services. As you can imagine, there is a lot of sensitive information stored in the cloud using such services, and access to critical business resources across many different client networks becomes trivial if someone was able to share, steal or circumvent the portal password.
The team at CSD realize this, and have done something about it. They care about the security of their clients, and understand that to some of their partners, this risk is something that may need to be mitigated. Knowing that many of their clients already have our AuthAnvil Strong Authentication Server deployed in their organization, CSD has integrated AuthAnvil authentication right into their portal. And they did one better. Thinking through the typical business workflow of their clients, they architected it in a way to provide risk-based authentication decisions based on access needs.
What this means is that CSD clients can selectively decide WHO may need strong authentication, and who does not. Using AuthAnvil's web service API architecture they simply use secure SOAP/XML to communicate with their client's AuthAnvil server for accounts that have been configured in this manner. And because the authentication settings are applied on a per user basis, each user can authenticate to a DIFFERENT AuthAnvil server if necessary. This is important if you hire outside consultants from time to time and wish to have their CSD account to auth to their own AuthAnvil server. Of course, you can also use AuthAnvil's proxied delegation feature to do this, further giving you the flexibility to meet whatever security objectives you have in your organization.
The side benefit of this is CSD clients can keep their costs down with AuthAnvil, by only issuing tokens to those accounts that have privileges that may require the stronger authentication mechanism. This is a great usage of AuthAnvil, and one we are happy to see deployed in a cloud-based solution such as CSD. It applies strong two-factor authentication where appropriate, without burdening users who may not need it.
Here is what it looks like.
This new identity assurance component is included for all CSD customers absolutely free, and they now have integration guidance published here. This means you get to further leverage your existing investment in AuthAnvil without additional costs or requirements at CSD. By revoking a staff member's token in AuthAnvil at your office, you simultaneously revoke his access to CSD, eliminating any opportunity for an exiting employee from gaining access to all the sensitive information and client network access that CSD allows through its powerful cloud-based services. And of course, the risk of unauthorized capture and use of the critical portal password goes away, since without the unique one-time nature of an AuthAnvil passcode, an attacker cannot gain access.
Congratulations to Frank and his team at Cloud Services Depot. I am impressed that you have thought through you client's security needs, and adapted it to work directly with AuthAnvil. And as a thank you to all your clients, for the next month Scorpion Software will offer ANY CSD client that implements AuthAnvil in this way an additional three months of AuthAnvil subscription credit absolutely free.
Don't have AuthAnvil yet? Mention you are a CSD client when making your purchase and we will be pleased to offer you an installation session with one of our engineers absolutely FREE (a value of $150) that will not only install AuthAnvil for you, but also configure your CSD portal to take advantage of it. Need more information on how to get started? Let's Talk.
Comments