TubbTalk 94: How to do Password Management, MFA and Security Right in Your MSP

An Interview with Chris Tate

In this interview, Richard speaks to Chris Tate, global strategic alliance director at MYKI. The company offers a two-factor authentication and password management solution specifically designed for MSPs, MSSPs and VARs.

Chris worked in multiple MSP businesses as a service manager, a technical director, and a Director of Product Strategy. He also founded the Totally MSP website and worked as the former Business Development Director at Datto.

He’s also a long-time member of CompTIA, the UK channel community, and currently serves on the Executive Council. In 2020, he was the CompTIA UK Spotlight award winner.

Watch the Video Interview

How the MYKI Password Management Tool Works

Chris explains that many password managers leverage cloud storage and use a master password to decrypt the vault. The passwords can be used on multiple devices because they live in the cloud.

MYKI is different – the passwords live on your devices and only your devices. If you have an iPad, phone and laptop, your passwords exist only on those devices and are synchronised between them.

If you change a password on your PC, the next time you turn your iPad on, it will look to see what’s changed, and then send the password down totally encrypted.

There’s no way anyone can hack into the MYKI servers and get access to the passwords, because they don’t exist.

You can use MYKI on Windows, MacOS and Linux, and on mobile iOS and Android. It works on Safari, Chrome, Firefox and Edge as well. 

The Consequences of Bad Password Management

It’s understandable that people use the same password, because they’re difficult to remember, says Chris. “In an ideal world, we won’t have passwords. But for now, any password manager and security solution are the trade-off between convenience and security.”

To help your clients, Chris says to ensure that people use unique passwords for every application and service. “You’re only as secure as your weakest password.” If you create a really strong password but use it on all platforms, that’s not a good idea. Facebook has good security, but many apps are frequently breached.

This leads to ‘credential stuffing’, where your username and password are used on every major site by cybercriminals. The criminals then sell the passwords on. Password management tools make this impossible.

How MSPs can Deploy MYKI to Multiple Client Sites

Deployment is as easy as possible, says Chris, with tools to help MSPs do it on behalf of the end users. MYKI offer support too, to improve the onboarding experience.

They also provide videos to help the users get started. “It’s gamified to encourage them to get their passwords set. And we can look at the metadata to see how high or low their security score is.”

People start to use MYKI out of necessity, Chris adds, and if they use it personally too, they really begin to see the benefits. They’re more likely to embrace it for work that way.

Why MSPs Should use a Password Management Tool

Chris says that when it comes to password management, MYKI’s competition is not another tool but no password manager at all. They try to educate MSPs, SMBs and end users that they should use some sort of password manager, no matter which one.

Some people use their PSA (professional services automation) tool to save passwords, or an Excel spreadsheet. However, these aren’t the best options – move with the times and use something more efficient.

And, MSPs are now the target cybercriminals. It’s easier to go to them first, because the MSPs have access to a lot of other companies’ data. If you’re not using a password management tool, Chris urges you to find one soon.

MFA Password Management with MYKI

MYKI makes 2FA (two factor authentication) and MFA really simple. When you visit a site, log in and authenticate with their app. It will then insert the 2FA as well, which is good for businesses.

It allows people to share passwords and MFAs without having to tell colleagues their details. MYKI lets you share both with anyone in your support team as soon as they use the app. You don’t need access to people’s smartphones to do it. 

Not sure what MFA (multi-factor authentication) is? This article might help.

Guard by MYKI

Guard by MYKI is a browser security solution. It’s built exclusively for MSPs to manage clients’ browser security. You can install an ad blocker on their behalf, for instance.

Chris says Guard does it quicker because you can centralise and do it all from one console. You can also track everything each month and then generate a report. This shows how you’re protecting them from phishing and other hacking attempts.

Guard also tries to educate users with timely information. If they start to enter credit card details, it will pop up to check that’s what they want to do. Likewise, it will flag HTTP sites and phishing websites masquerading as genuine sites.

How to Connect with Chris Tate

• MYKI
• Connect with Chris on LinkedIn
• Follow MYKI on Twitter
• Follow MYKI on Facebook

How to Connect with Me

• Subscribe to TubbTalk RSS feed
• Subscribe, rate and review TubbTalk in iTunes
• Subscribe, rate and review TubbTalk on Stitcher Radio
• Subscribe and rate TubbTalk on Spotify
• Follow TubbTalk on iHeartRadio
• Follow @tubblog on Twitter

Mentioned in This Episode

• DattoCon
• Last Pass
• KeePass
• N-able RMM
• Google Authenticator: Android and iOS
• Authy
• MYKI resources
• Guard by MYKI
• MYKI Password Generator
• MYKI Hack Check
• CompTIA
• The Tech Tribe

You Might Also be Interested in

• World Password Day: Advice for MSPs
• Why use a Strong Password?
• Passfault – Test Password Strength

You might like: