Feature Update: Introducing Granular SSO Controls
CyberQP's latest product update introduces granular Single Sign-On (SSO) controls that allow partners to enforce SSO for admin accounts while providing exemptions for co-managed IT and third-party helpdesk staff, enhancing security and flexibility by enabling these users to log in with username, password, and MFA without being added to the SSO directory.
Welcome back to CyberQP’s first Product Update of the year! Our Engineering teams have been hard at work across the holiday season, completing 39 platform and feature enhancements since our last update. This includes several updates to enhance partner security and address bugs.
We’ll be recapping these updates and recognize some of the partners that contributed to these enhancements for the whole CyberQP community.
Support Co-Managed IT and Temporary Staff with SSO Enforcement & Exemptions
As a cybersecurity company, we’ve always taken our partner security seriously.
Our Product and InfoSec teams follow a secure software development lifecycle and partner on penetration tests on major releases. We’ve also supported SSO logins to the CyberQP console since the company’s early days (and introduced mandatory MFA for non SSO-integrated clients).
But we’ve always known that security doesn’t have a “one-size-fits-all” solution. We had partners come to us because they were dealing with M&A, using third-party help desk services, or even offering co-managed IT, saying “I get that SSO is important, but I need to get some folks into CyberQP without constantly adding and removing them from my SSO directory.”
We heard you (yes, all 103 of you!) and that’s why we’re excited to announce that you can now support those co-managed contacts and third-party helpdesk techs with CyberQP – you’ll be able to provision an SSO exemption so they can choose to log in with a username, password, and MFA instead.
Securing Access to Your Team’s Admin Accounts
We’re proud to be offering the SSO enforcement experience our partners need to secure the keys to our partners’ kingdoms – their admin privileges. Our mission is to offer MSPs security with the flexibility they need to stay efficient. With this release, we believe we’ve made a massive step forward in making it easy to provision and manage privileged access, while still helping our partners save time from manually maintaining and monitoring this access themselves.
If you’re ready to get started, you can access setup instructions (and learn about some of the other steps we’re taking to secure your CyberQP deployment) at the CyberQP Knowledge Base.
Related
Feature Update Archives
The CyberQP ConnectWise POD update introduces enhanced efficiency through features like global search for end-user accounts, combined data display from ConnectWise PSA and CyberQP, Microsoft Authenticator push verification within tickets, real-time data syncing via webhooks, an improved interface with increased pod height, and clearer text labels to streamline identity verification and account management.
Granular SSO Controls Feature Update
CyberQP's latest product update introduces granular Single Sign-On (SSO) controls that allow partners to enforce SSO for admin accounts while providing exemptions for co-managed IT and third-party helpdesk staff to log in with username, password, and MFA, enhancing security and flexibility based on partner feedback.
CyberQP FAQ
CyberQP, formerly Quickpass, is a SOC 2 Type 2 certified Zero Trust Access Management platform designed for Enterprise IT Teams and MSPs, offering Privileged Access Management (QGuard) and End-User Access Management (QDesk) solutions that support the Microsoft ecosystem and provide secure elevated access, identity verification, and risk reduction against social engineering and over-privileged accounts, with free trials available upon request.
Is Your Privileged Password Rotation Still Not Automated?
The Louvre Museum's $102 million jewel heist exposed a severe cybersecurity failure where the video surveillance system was protected by the easily guessable password "Louvre," highlighting longstanding issues of weak, static privileged passwords and outdated IT infrastructure that had been previously flagged in cybersecurity audits.
MSP Resources
The article explains how Managed Service Providers (MSPs) face significant security risks due to shared privileged credentials, highlighting alarming statistics on rising cyberattacks and breaches, and advocates for CyberQP’s Privileged Access Management (PAM) solutions that enforce least privilege access and real-time monitoring to protect against credential-based cyber threats.
QGuard
The QGuard whitepaper by CyberQP, authored by Jim Jessup, presents a Zero Trust security platform that enforces least privilege access with tools like QGuard for secure, time-limited technician access and QDesk for end-user privilege management, aiming to reduce risks such as ransomware and credential-based attacks, while also detailing how CyberQP assists partners in aligning with the updated 2024 CMMC framework, particularly addressing changes affecting Cloud Service Providers as Security Protection Assets and helping IT teams navigate compliance requirements.
