Earlier this year I took a trip to Las Vegas, NV for CompTIA Breakaway 2012. As well as offering a ton of useful content during sessions, the conference had one of the biggest Vendor Expos I’ve seen in recent times. This was a great opportunity to meet and see some of the latest Managed Service Provider (MSP) Vendor solutions that I wasn’t aware of.
One of the companies who caught my eye at the Conference were Canadian MSP Vendor PassPortal.
Password Management for MSP’s
Their product, PassPortal MSP, is a simple to use but very powerful password management tool.
Put simply, every MSP has dozens of usernames and passwords to manage for their clients. As well as domain administrators, you have Routers, Firewalls, Line-of-Business Apps, Web-Site Hosting, Domain Registrars… and the list goes on.
Why not use a PSA or CRM tool?
For those businesses who have a Professional Services Automation (PSA) tool, or a Customer Relationship Management (CRM) tool – these passwords are typically stored in these systems.
The only challenge for MSP’s with that method of storing client passwords is, there’s typically very little granular security over access to these passwords. Anybody with access to the PSA or CRM tool can access client passwords.
Dealing with an engineer leaving your company
Then there’s the challenge that every MSP goes through when one of your engineers leaves the company. Which client passwords did he have access to? Which passwords should be changed to ensure security? The answer, almost always is, all of them.
Changing all of your passwords for one client is bad enough. Changing all of your passwords for ALL your clients can be an absolute nightmare!
Enter PassPortal MSP.
Centralised Web-Based Password Tool
You and your staff logon to a web-based portal with your own specific credentials, and within the portal can gain access to those security details to which you’ve got the appropriate access.
For those cloud naysayers, the web-portal uses AES-256 encryption using a SHA-256 Hash algorithm. Much better than an Excel spreadsheet stored on a shared network drive.
The App has granular security, so you can decide which engineers, or groups of staff, have access to which passwords for which clients – and which they don’t need to have access to.
Auditing and Reporting Tools
There is a full range of auditing and reporting tools built into the App. You can track who created, viewed, edited, or archived client credentials. It will also provide when they performed the action, and from which public IP address.
All this means that if the scenario of an engineer leaving does become a reality – you can immediately run a report that highlights all the passwords that the engineer was privy to – minimising the number of passwords you need to change to maintain security.
There are also a number of other useful reports you can run such as:-
- Password Strength Listing
- Passwords Input by User
- Audit Log by Client
- Passwords Changed or Unchanged
- Password Export
- PASSPORTAL Login Activity
- Password Audit by User
Two Factor Authentication
For those MSP’s using Two-Factor Authentication such as AuthAnvil, PassPortal MSP integrates into this system too.
PassPortal CEO, Colin Knox
When speaking to PassPortal CEO Colin Knox, he explained to me that PassPortal was created as a result of his own MSP being unable to find a password management solution that worked for them. They ended up building PassPortal MSP, and subsequently realised it was a product that they could sell to other MSP’s.
In a very short space of time they’ve signed up hundreds of MSP’s, and it’s not hard to realise why. The tool is easy to use, effective and priced very reasonably.
PassPortal MSP Pricing
Pricing wise, as well as offering a 30-day free trial, the package is priced very affordably. For $49/month, you can have up to 15 different users access the web-portal and store passwords for up to 150 clients. Ample for most small IT companies.
Passwords are one of those areas that MSP’s are very much like Cobblers children. They preach strong security to their clients, but often have less than perfect systems themselves. When it comes to keeping their clients passwords secure, this package pays for itself.
PassPortal MSP 30-Day Free Trial
I’ve always been a big fan of KeePass, the Open source password manager. For an individual, this app is superb. For an organisation, not so much.
For MSP’s outside North-America, there may be some concerns over storing client data in Canada – but I fully understand why PassPortal are taking a “wait and see” attitude towards other data storage facilities.
Bottom line is – if I were running an MSP now, I’d jump all over a package like PassPortal MSP.
You can sign up for the PassPortal MSP 30-day free trial now. I’d be interested in hearing your feedback.