An integration with Azure Active Directory, which will soon be followed by other identity options, provides users with a passwordless experience which is always on, so can’t be avoided by the end user.

Dallas-based CYTRACOM was originally a VoIP provider, but a little over a year ago introduced their ControlOne platform which provides MSPs with both network and security services on a unified cloud-based platform. Now they have upgraded the platform’s security capabilities further. Through an integration with Microsoft Azure Active Directory, the platform now lets MSPs prevent managed clients from evading security requirements. It also allows the creation of a passwordless experience for end-users, which, since they are always on the virtual corporate network, makes the process easy and does not require the user having to complete set-up procedures or disconnect from the network to connect.

“What this release does is take the product to a whole other level,” said Jim Hamilton, CYTRACOM’s Vice President of Channel. “ControlOne is a software-defined network security product built for the way that people work today. Firewalls and VPNs were built for the way that people worked 20 years ago. Now people work everywhere. Even identity management is everywhere. ControlOne takes identity and puts it in the cloud, which is the natural aggregation point today. The result is that no matter where people go they have the same connectivity as if they were behind a traditional firewall.” Firewalls are, however made unnecessary by this, as well as VPNs.

That was how ControlOne operated before the new upgrades.

“What we have done with the Azure Active Directory integration is prevent end users from evading security requirements,” Hamilton stated. They don’t need to enter a password, so they have a passwordless experience. It is also always on, so they can’t disconnect. They don’t even know that they are on a software defined network, particularly as it actually improves performance and improves the experience.”

While Azure was the logical place to start, other identity providers are coming, and soon.

“Azure Active Directory is the gorilla in the space, so it made sense to begin there, but we will be extending it to other vendors very soon,” Hamilton said.

Hamilton also described this as a natural evolution of the product.

“The new way of securing is not by device or vLAN, but by identity,” he said. “Doing it by device is very complicated. This allows us to bring groups over from Azure and allows you to map into ControlOne as well.”

The major advantage of the new system for MSPs is that the increased simplicity saves both time and money.

“It removes complexity for the end user, but it greatly removes complexity for MSPs as well,” Hamilton said. “They don’t have to get customers to install or log on to anything, which cuts deployment costs. Before, they could use automated tools like RMMs offer to deploy agents, but users would still be required to log in. In addition, anything you can log into, you can log off, while the users can’t log off from this.”

Hamilton also stressed that while there are other solutions on the market for MSPs, none of them are as comprehensive as this.

“This is full featured, an enterprise grade SASE solution with SD-WAN, Zero Trust Network Access, CASB, Secure Web Gateway and firewall as-a-service all built in,” he said. “There is detailed logging down to the device level, and being so easy to configure  reduces the threat surface. It’s a much more secure solution, and  much more robust. You can also satisfy regulators by proving that the end users  are compliant with this, and this will also satisfy the investigations of cybersecurity insurance companies checking on proper procedure in the event of a breach.”