Case Studies: Managed Service Providers
Managed Service ProvidersCOULD THIS SCENARIO HAPPEN TO YOU?
|
 |
|
||||||||||
Situation
Our client, a global provider of managed services, finds itself in a very competitive industry, where it is increasingly difficult to bring on new customers. In recent months this managed service provider (MSP) had focused most of its growth initiatives on expanding service offerings to its current customer base as a source of incremental revenue. In particular, they recently considered a bid to provide additional services to an existing Fortune 500 financial services client who appeared interested in improving the overall efficiency and productivity of its loan processing department. However, a common obstacle with this and other customers had been the reluctance of customers to grant this MSP the broad access to their critical IT infrastructure necessary to do their work. Customers often became even more guarded when they considered the additional compliance issues that would be raised by opening their infrastructure to a team of unknown and untrusted users. Due to a combination of these concerns, our MSP client decided to pass on submitting a Loan Processing Dept. proposal until they could craft a better, more secure solution that would allay the fears of their customer.
Challenge
The challenges faced by the Xceedium team go right to the core definition of what a managed service provider does:
- Any MSP requires broad access to their customer's critical IT infrastructure and powerful tools to do their job. This poses a continual security challenge for the customer, as well as a challenge for the MSP regarding how to accomplish its day-to-day tasks efficiently while maintaining customer trust and confidence.
- Historically MSP customers have had to rely more on trust than on effective policy and enforcement to contain MSPs within authorized areas and to ensure that critical data is not breached.
- It is incumbent on the MSP to ensure that their involvement does not increase the risk that their customer fails to meet all its compliance requirements.
- By the nature of its work, the MSP walks into and must adapt to a great variety of existing customer environments without disturbing operation of critical systems and infrastructure. Thus the MSP requires flexible tools that integrate easily with the existing tools of their customers, including ArcSight, SSL-VPN, NAC, etc.
The Xceedium Solution
Xceedium implemented its GateKeeper solution at customer sites for this managed service provider. By implementing GateKeeper, this MSP was able to offer its customers and prospects a standardized security model, through which MSP staff were given the access they required and the tools they needed to do their jobs, but were contained within only those areas of the critical customer infrastructure in which they were authorized to work. Their customers became much more comfortable that the staff of the MSP would not gain access to sensitive data and systems, that any attempt to access unauthorized areas would be blocked, and that appropriate alerts would be issued automatically. Automated tracking and audit reports would be generated by the customer to prove that strong controls were in place to ensure compliance.
Benefits
Once they were able to prove to their customers and prospects that strict measures had been taken to ensure that their employees would not have access to unauthorized areas of the critical IT infrastructure, the MSP was able to increase its service offerings to a wide range of its current customer base. The result:
- By integrating the Xceedium GateKeeper into their product offerings, their customers were confident that an effective security model was in place, so they were willing to open up more of their critical infrastructure to be managed by the MSP, increasing opportunities to grow revenue from existing customers.
- The MSP was able to gain operational efficiencies in almost every customer relationship by leveraging the capabilities of the Xceedium GateKeeper, chiefly because their customers could now abandon extremely restrictive or manual measures previously in place to try and prevent access to unauthorized areas by the MSP staff.
- Installing Xceedium GateKeeper at the customer site enables the customer, rather than the MSP, to set their own policies, run their own reports, etc., relieving the MSP of this responsibility and giving their customer the additional peace of mind of knowing that they were in control of their own data security.
- By implementing this Xceedium GateKeeper solution, this MSP enhanced the compliance-readiness of their customer with regard to all the high-risk users that had access to their critical IT infrastructure – those employed by the MSP as well as other vendors, application developers, internal IT, etc. – by virtue of the GateKeeper's ability to centralize access for high-risk users, compartmentalize and contain them, monitor all their activities, alert and remediate any unauthorized activities, and provide easy, automated reporting.