Key Takeaways
- Most SMB breaches start with stolen credentials or employee login risks.
- Common risks include password reuse, orphaned accounts, and privilege creep.
- Employee identity risk can be minimized with IAM tools like Okta.
- MFA and SSO improve both user experience and security.
- Your IT provider can deploy enterprise-grade protection without complexity.
Contents
- It’s not enough to trust your team.
- The source of most breaches: your users’ credentials
- How NENS shuts down credential theft with Okta
- How identity risk grows in every SMB
- The everyday employee behaviors that drive identity risk
- Manual user management isn’t just tedious—it’s risky
- Why Okta through your IT provider is a game-changer
- What an Okta IAM rollout looks like with NENS
- Better identity management makes everything safer and smoother
It’s not enough to trust your team.
You trust your employees—but trust alone doesn’t eliminate employee identity risk in SMBs, especially in today’s digital work environment.
Most attacks no longer involve high-tech exploits. They begin with something simple: a login. When attackers gain access to your systems using stolen or reused credentials, they look just like employees. And for small and midsized businesses (SMBs), that’s a growing concern.
Fortunately, your IT consultant or managed services provider (MSP) can now protect your business using enterprise-grade identity and access management (IAM) tools like Okta—without adding complexity or cost.
With real-world insights from co-author New England Network Solutions (NENS), this post explains how everyday employee behavior increases your identity risk, why modern IAM is the solution, and how your IT provider can roll it out using ZeroTek.
This is the third of a weekly six-part series co-authored by ZeroTek and NENS for Cybersecurity Awareness Month (October). Some articles, like this one, are written for SMBs; others will address the concerns of MSPs.
The source of most breaches: your users’ credentials
Most cyberattacks don’t start with fancy code or Hollywood-style hacks. They start with a login.
- Stolen credentials were the #1 cause of breaches in 2024, according to the 2024 Verizon Data Breach Investigations Report (DBIR), and the broader “human element” played a role in 68% of them.
- 76% of SMBs have suffered at least one successful cyberattack. (DBIR)
- 84% of businesses were impacted by identity-related attacks in 2024 (Identity Defined Security Alliance).
- Many SMBs use shared passwords, unmonitored accounts, or outdated tools that leave them exposed.
Meanwhile, IBM’s 2024 report found breaches involving stolen credentials took an average of 292 days to detect and contain. Attackers operating inside a network unnoticed for almost 10 months? That’s nightmare fuel for any business owner. (Check out this case study to learn how NENS remediated a similar scenario.)
When attackers log in with legitimate usernames and passwords, they don’t set off alarms. That’s why focusing on identity—who has access, and how that access is protected—is more important than ever.
“Before Okta, phishing emails would occasionally work… but with Okta, users can’t be fooled because they don’t use passwords to access anything.”
– Kristian Sanchez,
Senior Security Consultant, NENS
How NENS shuts down credential theft with Okta
NENS uses Okta IAM, delivered through ZeroTek, to protect access to every customer app with passwordless multi-factor authentication (MFA) and single sign-on (SSO).
“Before Okta, and even with education campaigns, phishing emails would occasionally work; they’d trick users into giving away login credentials. Then we’d be working to lock things down,” explains Kristian Sanchez, Senior Security Consultant at NENS. “But with Okta, users can’t be fooled because they don’t use passwords to access anything. Any message prompting them to enter standard credentials anywhere is clearly fake; they just delete the email.”
How identity risk grows in every SMB
It’s not just big companies with complex software stacks. Most SMBs rely on between 10 and 30 cloud apps for everyday operations; larger mid-market organizations will often use twice that. Every app adds a new set of logins, permissions, and risks.
Without IAM, every app means another login to manage, another place things can go wrong:
- Passwords are reused or shared.
- Former employees retain app access.
- MFA is only turned on for some tools, not all.
- MFA is inconsistent or uses easy-to-breach factors like phone, email, or SMS.
- Admins approve access via manual tickets that may get missed.
Every delay or oversight becomes another employee identity risk waiting to be exploited.
The everyday employee behaviors that drive identity risk
Even well-meaning employees can unintentionally compromise security. Common issues we see include:
- Password sharing and reuse – A 2024 Business Wire report found over 50% of users still rely on memory and reuse passwords. This makes your business vulnerable to credential stuffing and phishing.
- Orphaned accounts – Accounts left active after an employee departs are a common risk. These become low-visibility, high-risk backdoors. Industry standards like CIS Control 5.3 recommend disabling dormant accounts after 45 days.
- Privilege creep – As roles change, access accumulates. Rarely does anyone go back and remove access that is no longer needed, which increases the blast radius of any attack.
These aren’t unusual cases. They’re the default in SMBs that lack identity controls.
Manual user management isn’t just tedious—it’s risky
Consider what happens when you hire or offboard an employee:
- HR updates the payroll system.
- Your IT services provider creates or disables accounts across 10–30 apps.
- Managers send tickets when additional access needs arise.
- On departure, IT must manually revoke access everywhere.
Every manual step is a chance for something to be missed. And during offboarding, delays are dangerous.
Your MSP can solve this problem by automating access changes in Okta.
- Joiners – Okta automatically provisions or deprovisions the user’s app access based on job role.
- Movers – When someone changes roles, app access updates automatically.
- Leavers – When someone exits your company, their access to everything is cut off instantly in a single click.
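The reconciliation that joiner/mover/leaver automation replaces can be sketched as a periodic audit. This is an added example, not code from NENS, ZeroTek, or Okta, and it calls no Okta API: it compares an HR roster with per-app account exports to flag the orphaned accounts, privilege creep, and dormant accounts (using the 45-day threshold cited above) described earlier. All names, apps, roles, and dates are constructed sample data.

```python
from datetime import date

DORMANT_DAYS = 45  # threshold the article cites from CIS Control 5.3

# Constructed sample data (hypothetical users, apps and roles).
HR_ROSTER = {  # active employees -> current role
    "alice@example.com": "accounting",
    "bob@example.com": "sales",
}
ROLE_BASELINE = {  # apps each role is expected to have
    "accounting": {"m365", "payroll"},
    "sales": {"m365", "crm"},
}
APP_ACCOUNTS = [  # (user, app, last_login) as exported from each app
    ("alice@example.com", "m365", date(2025, 10, 1)),
    ("alice@example.com", "payroll", date(2025, 9, 28)),
    ("alice@example.com", "crm", date(2025, 9, 30)),   # kept after a role change
    ("bob@example.com", "m365", date(2025, 10, 2)),
    ("bob@example.com", "crm", date(2025, 7, 15)),     # unused for months
    ("carol@example.com", "m365", date(2025, 6, 3)),   # no longer on the roster
]


def audit_accounts(roster, baseline, accounts, today):
    """Return sorted (user, app, finding) tuples for accounts needing review."""
    findings = []
    for user, app, last_login in accounts:
        role = roster.get(user)
        if role is None:
            # Account exists in an app but the person is not an active employee.
            findings.append((user, app, "orphaned"))
            continue
        if app not in baseline.get(role, set()):
            # Access outside what the current role calls for.
            findings.append((user, app, "privilege_creep"))
        if (today - last_login).days > DORMANT_DAYS:
            findings.append((user, app, "dormant"))
    return sorted(findings)


if __name__ == "__main__":
    report = audit_accounts(HR_ROSTER, ROLE_BASELINE, APP_ACCOUNTS, date(2025, 10, 6))
    for user, app, finding in report:
        print(f"{finding:16} {user:22} {app}")
```
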
Why Okta through your IT provider is a game-changer
Okta is the identity platform of choice for large enterprises like FedEx, Zoom, and even the U.S. Department of Justice. But SMBs typically struggle to adopt it due to cost, complexity, and lack of in-house expertise.
That’s where your MSP or IT services provider comes in. By partnering with ZeroTek, your IT provider can offer:
- Enterprise-grade identity protection with Okta IAM at the core.
- Flexible, usage-based pricing. Only pay for what you use, monthly.
- Rapid setup and automation. Get protected in days, not months.
- Ongoing support to adapt as your business grows or changes.
You don’t need to learn or manage Okta. Your IT provider handles everything, using a platform purpose-built to simplify and secure Okta IAM for SMBs—so you get the full power of Okta without the enterprise overhead.
“Clients are always telling us they don’t know how they lived without Okta.
It’s a truly satisfying solution to deliver. We know it’s great technology, and clients love using it.”
– Kristian Sanchez,
Senior Security Consultant, NENS
What an Okta IAM rollout looks like with NENS
- Discovery: NENS meets with client stakeholders to align expectations and complete an assessment questionnaire.
- App review: NENS reviews all applications to determine SAML support (a standard protocol that enables single sign-on). In the Okta integration ecosystem, most do.
- Okta enrollment: NENS partners with the client to enroll users in Okta.
- Primary productivity suite integration: NENS integrates Okta with Microsoft 365 (M365) or Google Workspace and takes the integration live. Users then sign in through Okta passwordless authentication.
- App integrations: Based on a prioritized list agreed upon with the client, NENS federates additional applications with Okta and provides regular status updates.
“Clients are always telling us they don’t know how they lived without Okta,” says Sanchez. “It’s a satisfying solution to deliver. We know it’s great technology, and clients love using it.”
Better identity management makes everything safer and smoother
When you reduce employee identity risk with Okta, you:
- Shrink the attack surface: Credentials are locked down, insider threats are minimized, and strong, phishing-resistant MFA protects every access point.
- Speed up onboarding and offboarding: With Okta delivered through ZeroTek, these processes take seconds, not hours.
- Make audits easier with centralized logs: Centralized logs and consistent security policies make compliance and cyber insurance easier.
- Boost employee productivity with SSO: Employees get easy, secure access to what they need—while attackers are stopped in their tracks.
Most importantly, you get peace of mind—knowing your business, your data, and your team are protected. Ask your IT provider how they can secure your business with Okta-powered IAM.
NENS x ZeroTek
New England Network Solutions (NENS) brings deep frontline MSP expertise, while ZeroTek’s multi-tenant Okta control plane makes it easy to standardize and scale best-practice identity security for SMBs. With ZeroTek | Okta, NENS rolls out strong, consistent controls quickly, cuts risk without adding complexity and delivers enterprise-grade protection to all customers.
Are you ready?
Ready to explore how ZeroTek | Okta can help your MSP deliver next-level security services to your customers?
