惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

宝玉的分享
宝玉的分享
T
Threat Research - Cisco Blogs
H
Hacker News: Front Page
N
News and Events Feed by Topic
Know Your Adversary
Know Your Adversary
Cisco Talos Blog
Cisco Talos Blog
SecWiki News
SecWiki News
C
Cisco Blogs
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
Tor Project blog
K
Kaspersky official blog
Forbes - Security
Forbes - Security
Webroot Blog
Webroot Blog
Schneier on Security
Schneier on Security
P
Privacy & Cybersecurity Law Blog
H
Heimdal Security Blog
Y
Y Combinator Blog
The GitHub Blog
The GitHub Blog
S
SegmentFault 最新的问题
V
Vulnerabilities – Threatpost
T
Tenable Blog
T
Tailwind CSS Blog
P
Privacy International News Feed
WordPress大学
WordPress大学
大猫的无限游戏
大猫的无限游戏
小众软件
小众软件
博客园 - Franky
Hacker News: Ask HN
Hacker News: Ask HN
Jina AI
Jina AI
C
Cybersecurity and Infrastructure Security Agency CISA
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
雷峰网
雷峰网
Vercel News
Vercel News
A
About on SuperTechFans
爱范儿
爱范儿
Simon Willison's Weblog
Simon Willison's Weblog
AWS News Blog
AWS News Blog
The Last Watchdog
The Last Watchdog
Engineering at Meta
Engineering at Meta
Spread Privacy
Spread Privacy
Security Archives - TechRepublic
Security Archives - TechRepublic
博客园 - 司徒正美
量子位
博客园 - 三生石上(FineUI控件)
J
Java Code Geeks
Hacker News - Newest:
Hacker News - Newest: "LLM"
Recorded Future
Recorded Future
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Martin Fowler
Martin Fowler
Project Zero
Project Zero

The Duo Blog

Identity orchestration & cloud-native IAM: Time to rethink | Cisco Duo Active Directory security: how to stop modern threats | Cisco Duo Duo + PlainID: Dynamic Authorization Meets Enterprise Identity | Cisco Duo Continuous identity security explained | Cisco Duo Salesforce The modern MFA toolkit: push, biometrics, and security keys | Cisco Duo Cisco Duo Identity Summit Preview | Cisco Duo Duo Brings Identity and Authorization Across AI Agent Gateways | Cisco Duo Passwordless for Microsoft 365 starts with federation Custom Admin Roles: Granular control for every Duo admin Token theft, vendor abuse, and the new identity threat surface How Duo Directory automates user lifecycle management Cisco Systems Named a Customers’ Choice in Gartner Peer Insights™ 2026 Voice of the Customer for Access Management Identity provider resilience: backup and split IdP approaches | Cisco Duo Agentic AI Security: Three Threats Your Team Should Know | Cisco Duo Secure client access at scale with Duo and Meraki | Cisco Duo IdP Concentration Risk: Why Single-IdP Dependency Puts You at Risk | Cisco Duo Endpoint Management as an Attack Vector: Lessons from Stryker | Cisco Duo Passwordless authentication without cookies: Duo Push updates Introducing Duo Agentic Identity Solving the double prompt: Better UX with AMR in Duo SSO Simplify compliance with MFA, device trust, and policies Cisco Systems Named a Customers’ Choice in Gartner® Peer Insights™ 2026 Voice of the Customer for User Authentication The Hitchhiker’s Guide to Shibboleth Launching Active Directory Defense: Strengthen On-Prem AD Security | Duo Security Industry specific IAM for MSPs Duo delivers: 99.99% uptime SLA for every customer Cisco Secures 125K user identities with Duo while advancing passwordless journey NIST AAL2/3 compliance with Duo Mobile Proximity Verification From protocol to practice: Secure the AI agent ecosystem with Duo How to secure the holidays & prep your 2026 IAM strategy Simplify MSP technician authentication with Duo Delegated Access Standing out in a crowded MSP market Securing for third-party risk with Duo for identity management Thwarting adversary-in-the-middle attacks with Proximity Verification OAuth 2.0's next chapter: Enabling the AI security revolution The dawn of a simpler, helpful policy experience
Why identity-led security matters for MSPs right now
Janet Ho · 2026-02-24 · via The Duo Blog

Product & Engineering

Why identity-led security services matter now for MSPs

Headshot of Janet Ho, Duo Product Team

6 minute read

When was the last time a customer asked, “What security changes should we be planning for in the next 6–12 months?” or “What are our biggest IT risks, and how are you proactively addressing them?”

Those questions are coming up more often, not because customers suddenly became security experts, but because security incidents are constantly in the news. Buyers are more informed, and threats are more visible.

Security conversations aren’t just about uptime; buyers want to understand where they’re exposed and how they are being protected. With phishing and access-based attacks among the most common ways breaches start, identity risk is no longer something MSPs can leave vague. More buyers are evaluating partners based on how well they can explain and manage threats, not just keep systems running.

Get the guide to start building identity-led services for MSPs

If this shift is starting to show up in your customer conversations, we put together a Duo IAM Service Creation Guide for MSPs to help you evaluate identity-led security as a service. We’ll show you how to assess demand, size the opportunity, and build a business case before committing to a new offering. This post highlights why identity is becoming a growth lever; the guide helps you decide if and how it fits your business.

Get the free interactive guide now Service Creation Guide

Core IT services still matter, but they’re also increasingly commoditized and tough to differentiate. At the same time, hardware management can squeeze margins once labor, support, and operational overhead are factored in. This reality is pushing MSPs to look beyond the basics and focus on services that can drive growth.

These shifts are shaping where MSP growth is coming from next. They help explain why identity-led security is becoming a practical growth path and why it builds naturally on what MSPs already do well. Let’s dig deeper.

1. Security has become a business priority, not an add-on

Downtime, insurance premiums, regulatory exposure, and reputational damage have all raised the bar; good enough security just doesn’t cut it anymore. In many cases, a single incident can materially disrupt or even shut down a business. Customers know this now and are more willing to pay upfront to reduce risk than pay far more for recovery.

For MSPs, this creates a real opportunity. The providers seeing momentum aren’t replacing IT services, they’re layering security on top of them. In fact, MSPs earning net profit margins of 15% or more ranked security among their top three revenue streams.

2. Identity is the new growth engine

The attack surface has changed.

Roughly 60% of breaches now involve identity in some form. Stolen credentials, access misuse, social engineering, and compromised authentication paths are the most common entry points for attackers. It’s not an area MSPs can ignore anymore.

When apps lived on premises and most people worked from the office, security teams had decent visibility into network traffic. But once applications moved to the cloud and people started working from everywhere, who was asking for access mattered more than the networking they were coming from. But many security tools were never designed for that world.

Network and endpoint tools can tell you where access originates and what device is in use, but not whether the user behind that access should be trusted, or whether that trust still holds as conditions change.

This is where many traditional Identity and Access Management (IAM) solutions begin to fall short. They were built for a static, perimeter‑based world: log in once, apply basic rules, and move on. They are often complex to deploy, expensive to maintain, and they don’t adapt quickly to modern identity‑driven threats. Security is often added after the fact, rather than built in from the start.

Modern IAM looks different today. It doesn’t just check identity once and move on, it keeps evaluating trust as users access apps, using phishing‑resistant MFA and passwordless access with continuous, context‑aware policies to decide what’s allowed. That means phishing and stolen credentials get stopped early and access adjusts as things change. This is where Cisco Duo solutions come in: secure by default, easy to deploy, and free from heavy infrastructure, while still delivering a world‑class user experience for both end users and MSPs.

3. Identity and network must work together to close security gaps

Security breaks down when identity, devices, and networks operate in silos. Even strong authentication loses value if access decisions don’t adapt to changing conditions, device trust, network trust, or session risk changes. A login that was safe minutes ago or even hours ago might not be safe after a network change or if the device’s software posture changes.

That’s why modern access can’t be a one-and-done decision anymore. By bringing identity and network signals together under a shared policy model, access decisions can answer: Is this still the right user, on a trusted device, from a safe environment? For MSPs, this matters because customers increasingly expect security to adapt in real time, not relying on one-time checks.

Turning opportunity into a service

The takeaway isn’t that MSPs need to abandon what already works. Core IT services will always matter. But the market around them is changing. Identity-led security sits naturally on top of the IT services MSPs already deliver, and it helps you answer questions about threats and how you’re protecting your customers. It’s not a rip and replace strategy; it’s an evolution. One that creates room for stronger differentiation, deeper customer trust, and more durable growth.

I hope this has sparked some curiosity about where identity-led security might fit into what you already do, and whether it’s worth building a business case. Our team is happy to help you through this journey. The Duo MSP program is built to make things easier as you grow. Pricing is simple and pay‑as‑you‑go, with no complicated tiers or minimums to worry about. You’ll be working with a leading IAM platform with award-winning MFA, backed by dedicated partner managers, access to extensive documentation, and NFR licenses so you can test, learn, and build before rolling anything out. Sign up on the Duo MSP page or reach out to msp@cisco.com to start your Duo MSP partnership today.