The Identity (formerly Data Breaches) tab can be found under the Security area of the feature set (Security > Identity). This section consists of subtabs - Breaches and Training.
Breaches list emails that are imported from the PSA and Office 365 connections into the client company.
Training lists information to those with connected Breach Secure Now! accounts that are tied to specific companies.
- The Breaches Tab
- The Training Tab
The Breaches Tab
How does CloudRadial obtain the data breach information?
Once the emails are loaded in, CloudRadial relays the information to the website Have I Been Pwned (you can check out their website here) to see whether their personal data has been compromised by data breaches. Once the results are found, CloudRadial will automatically relay the information back.
Have I Been Pwned's service collects and analyzes hundreds of database dumps and pastes containing information about billions of leaked accounts. CloudRadial picks that information up and cross-checks it against the loaded-in email address, allowing users to see their breach status from within their portal.
Furthermore, selecting a specific user from within the Security > Identity section will show the user exactly which breaches they were found in, and when.
How should partners be using this information?
The following is true of the breaches tab:
- The query to the HaveIBeenPwned database happens on a multi-month basis
- Partners can force a manual sync by selecting the Sync button under Security > Identity
- New data breaches do not trigger an email or other notification
- The list of data breaches is not exhaustive - there could be many more areas the user's data has been exposed
- When connected to Office 365, CloudRadial will display their multi-factor authentication (MFA) information next to their email
As such, any information found in the identity tab is not meant to be an active reporting section.
This tab is best utilized when discussing appropriate cybersecurity and compliance postures. Partners are encouraged to educate their customers of the “When, not IF” mentality of data breaches.
In short, this section is best used to generate conversations with the client that lead to active efforts to mitigate the risks associated with data breaches.
MFA reporting troubles? Check this article on MFA status debugging.
The Training Tab
How does CloudRadial obtain the user security training information?
The training tab only appears when a connection to Breach Secure Now! (BSN) has been secured to the tenant. Note that BSN is an optional third-party integration. Keep in mind that even when connected to your CloudRadial tenant, the specific company must be assigned a BSN ID for it to successfully transfer company-specific data from one system to another.
BSN makes it easy for MSPs to deliver cybersecurity & HIPAA compliance training. BSN helps MSPs automate, support, and empower employees to become the superhuman firewall that every business needs. For more information on their product, you can check them out by clicking here.
Need detailed instructions on setting up BSN? Please see this article.
How should partners be using this information?
With BSN data connected, Partners can enjoy viewing their user security training statistics from their main client portal. This data can show opportunities in security training, potential service upselling, and general reporting data.
Utilizing the BSN data in conjunction with other reports (such as policies, third-party reports, assessments, and more) can make for a stronger case in helping customers understand service offerings and other solutions offered by the MSP Partner.
Comments
0 comments
Article is closed for comments.