One of our core values at Nucleus is continuous improvement and our commitment to this value drives us to improve all areas of our business. Throughout the last few years, we've implemented some important security-related service enhancements: TechID Manager, a user support PIN, and Just-in-Time Access. Here’s a breakdown of each of these.
TechID Manager: A tool that streamlines and secures our high-level administrative access for Server Domain Admin and Microsoft 365 Global Admin accounts. The tool enforces best practices by ensuring that these privileged accounts are only used for administrative tasks when necessary, reducing the risk of exposure and accidental misuse.
When access is required, TechID Manager facilitates a secure, auditable sign-in process for the Nucleus technician. Administrators request elevated privileges through the tool, which verifies identity and authorization before granting temporary access. Detailed activity logs ensure compliance and provide visibility for audits.
By integrating this new tool with existing infrastructure, this tool simplifies privileged access management while enhancing organizational security and accountability.
Support PIN
A Support PIN is a passcode or password that allows us to confirm the identity of a user calling in for a password reset. Nucleus will have access to user’s PINs and will verbally ask for it in order to verify one’s identity. Implementing support PINs will enhance the security in the identity verification process. While we have offered this feature for a while, many clients have not yet taken advantage of it and we recommend its widespread adoption.
Just-in-Time Access
With this process, Nucleus will also be moving to a Just-In-Time access process. Support Specialists will not have access to our client systems at all times. Depending on what tasks they have to process, they will be required to enter an additional MFA request, as well as have an approver at Nucleus grant them access. This further reduces risk of a Support Specialist’s account being compromised as their access would have to have the required access to perform an action, be authenticated through number matching MFA, and for high level administrative access, be granted authority from a manager.
We’re committed to providing our clients with an epic experience and improving security in all of our departments. If you have any questions about our IT help desk, internal security tools and practices, or, if you would like to have a discussion about your security, reach out to us.