{"id":25804,"date":"2026-01-09T13:42:13","date_gmt":"2026-01-09T18:42:13","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=25804"},"modified":"2026-01-12T15:11:57","modified_gmt":"2026-01-12T20:11:57","slug":"identity-first-security-msps","status":"publish","type":"post","link":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/","title":{"rendered":"Identity-first security: The new perimeter for MSPs"},"content":{"rendered":"<p><span data-contrast=\"auto\">Identity-first security is a modern approach that treats identity as the new perimeter for cybersecurity. With users, devices\u00a0and applications accessing resources from anywhere, the traditional network perimeter no longer suffices.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Instead, every access decision is based on\u00a0<\/span><a href=\"https:\/\/www.sherweb.com\/blog\/microsoft-ecosystem\/office-365\/ai-identity-security\/\"><span data-contrast=\"none\">verifying the identity<\/span><\/a><span data-contrast=\"auto\">, device health, user\u00a0behavior\u00a0and contextual risk factors,\u00a0and\u00a0continuously enforcing policies throughout the session. This approach is critical for MSPs because identity-based attacks now dominate cybercrime, with about\u00a0<\/span><a href=\"https:\/\/www.forbes.com\/sites\/tonybradley\/2025\/02\/12\/data-reveals-identity-based-attacks-now-dominate-cybercrime\/\"><span data-contrast=\"none\">75% of breaches involving valid credentials<\/span><\/a><span data-contrast=\"auto\">\u00a0rather than malware.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2><span data-contrast=\"none\">Common principles of identity-first security<\/span><\/h2>\n<p><span data-contrast=\"auto\">Moving away from IP ranges or network zones requires a shift in strategy. The common principles of an identity-first security approach include:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Identities as the perimeter: <\/span><\/b><span data-contrast=\"auto\">Instead of relying\u00a0just\u00a0on IP ranges or network zones, access is granted or denied based on the verified identity of users, devices\u00a0and services and their current risk level.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Strong, layered identity controls: <\/span><\/b><span data-contrast=\"auto\">Identity-first\u00a0security\u00a0strategies center on IAM, MFA, phishing-resistant authentication, privileged access management (PAM)\u00a0and continuous monitoring of identity activity.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Context-aware and continuous:<\/span><\/b> <span data-contrast=\"auto\">Policies consider device health, location,\u00a0behavior\u00a0and sensitivity of the resource,\u00a0and are enforced not only at login but throughout the session, revoking or stepping up authentication when conditions change.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Identity is the primary battleground<\/span><\/h2>\n<p><span data-contrast=\"auto\">The stats are clear: identity-based attacks now dominate cybercrime.<\/span><span data-ccp-props=\"{&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Recent data shows that identity is now the primary battleground, not malware. CrowdStrike reporting indicates roughly <\/span><a href=\"https:\/\/www.forbes.com\/sites\/tonybradley\/2025\/02\/12\/data-reveals-identity-based-attacks-now-dominate-cybercrime\/\"><span data-contrast=\"none\">three out of four attacks now rely on valid credentials<\/span><\/a><span data-contrast=\"auto\">\u00a0rather than malicious code, meaning attackers are logging in instead of breaking in.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/www.beyondtrust.com\/blog\/entry\/the-state-of-identity-security-identity-based-threats-breaches-security-best-practices\"><span data-contrast=\"none\">Statistics<\/span><\/a><span data-contrast=\"auto\">\u00a0paint a concerning picture for MSPs and their clients:<\/span><span data-ccp-props=\"{&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Phishing is everywhere:<\/span><\/b><span data-contrast=\"auto\">\u00a0Nearly 70%\u00a0of organizations reported phishing as the most common identity-based attack in 2024.<\/span><span data-ccp-props=\"{&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Credential theft is\u00a0rising:<\/span><\/b><span data-contrast=\"auto\">\u00a0Credential breaches cause almost 80% of web application compromises.<\/span><span data-ccp-props=\"{&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Malware is adapting:<\/span><\/b><span data-contrast=\"auto\">\u00a0Infostealer malware, designed specifically to target credentials, surged by over 260% recently.<\/span><span data-ccp-props=\"{&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">These figures highlight how attackers focus on stealing and abusing identities, making traditional password-only defenses ineffective.<\/span><span data-contrast=\"auto\">\u200b\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Prioritizing\u00a0identity-first\u00a0security\u00a0measures<\/span><\/h2>\n<p><span data-contrast=\"auto\">To combat these threats,\u00a0MSPs should prioritize identity-first security measures such as phishing-resistant multi-factor authentication (MFA) using hardware security keys, challenge auth\u00a0or certificate-based methods.\u00a0These\u00a0are much harder to bypass than SMS or app-based codes.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">You should also consider the following\u00a0controls:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Conditional access<\/span><\/b><span data-contrast=\"auto\">:\u00a0Policies based on user location, device compliance\u00a0and risk signals ensure that access is granted only under safe conditions.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Privileged access management (PAM):\u00a0<\/span><\/b><span data-contrast=\"auto\">Implementing PAM\u00a0with just-in-time admin access and strict controls on elevated accounts reduces the attack surface for lateral movement and admin takeover.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Device trust<\/span><\/b><span data-contrast=\"auto\">\u00a0<\/span><b><span data-contrast=\"auto\">and continuous session evaluation:\u00a0<\/span><\/b><span data-contrast=\"auto\">These\u00a0further protect against token theft and session hijacking.<\/span><span data-contrast=\"auto\">\u200b\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Password managers<\/span><\/b><span data-contrast=\"auto\">: Tools\u00a0like\u00a0<\/span><a href=\"https:\/\/www.sherweb.com\/security\/keeper-security\"><span data-contrast=\"none\">Keeper<\/span><\/a><span data-contrast=\"auto\">\u00a0or\u00a0<\/span><a href=\"https:\/\/www.sherweb.com\/security\/lastpass\"><span data-contrast=\"none\">LastPass<\/span><\/a><span data-contrast=\"auto\">\u00a0should be\u00a0utilized\u00a0to ensure\u00a0strong, unique passwords are used for each account.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Demonstrating value to your clients<\/span><\/h2>\n<p><span data-contrast=\"auto\">Packaging these core identity-first controls as standardized MSP offerings\u00a0enables MSPs to clearly communicate the value of identity security. This helps clients understand how protecting identities reduces their biggest cyber risks\u00a0and differentiates their\u00a0offering\u00a0from their competitors.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">By adopting this strategy,\u00a0MSPs\u00a0can\u00a0show measurable reductions in credential and session-based risk to their customers over time,\u00a0thus\u00a0demonstrating\u00a0the value\u00a0their service brings.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Ready to strengthen your security stack?<\/span><\/h2>\n<p><a href=\"https:\/\/www.sherweb.com\/partners\/\"><span data-contrast=\"none\">Partner with Sherweb\u00a0today<\/span><\/a><span data-contrast=\"auto\">\u00a0to access a comprehensive\u00a0<\/span><a href=\"https:\/\/www.sherweb.com\/cloud-solutions-marketplace?category=security\"><span data-contrast=\"none\">portfolio of security solutions<\/span><\/a><span data-contrast=\"auto\">\u00a0designed to help you protect your clients&#8217; identities.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-teams=\"true\">Want to continue the discussion? Join the <a href=\"https:\/\/info.sherweb.com\/cybermsp-community\">CyberMSP Community<\/a> to chat with peers and experts about identity-first security and get answers to any other questions you might have related to cybersecurity for MSPs.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Identity-first security is a modern approach that treats identity as the new perimeter for cybers","protected":false},"author":188,"featured_media":25806,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[753],"tags":[919,1031],"class_list":["post-25804","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cybersecurity","tag-identity-and-access-management"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Identity-first security: Why MSPs need to protect the new perimeter | Sherweb<\/title>\n<meta name=\"description\" content=\"Identity-first security treats identity as the new perimeter. Learn core principles and how it reduces risks for your clients.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Identity-first security: Why MSPs need to protect the new perimeter | Sherweb\" \/>\n<meta property=\"og:description\" content=\"Identity-first security treats identity as the new perimeter. Learn core principles and how it reduces risks for your clients.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/\" \/>\n<meta property=\"og:site_name\" content=\"Sherweb\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Sherweb\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-09T18:42:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-12T20:11:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/1200x480-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"960\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Roddy Bergeron\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:site\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roddy Bergeron\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/\"},\"author\":{\"name\":\"Roddy Bergeron\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"headline\":\"Identity-first security: The new perimeter for MSPs\",\"datePublished\":\"2026-01-09T18:42:13+00:00\",\"dateModified\":\"2026-01-12T20:11:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/\"},\"wordCount\":579,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/1200x480-2.jpg\",\"keywords\":[\"Cybersecurity\",\"Identity and Access Management\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/\",\"name\":\"Identity-first security: Why MSPs need to protect the new perimeter | Sherweb\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/1200x480-2.jpg\",\"datePublished\":\"2026-01-09T18:42:13+00:00\",\"dateModified\":\"2026-01-12T20:11:57+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"description\":\"Identity-first security treats identity as the new perimeter. Learn core principles and how it reduces risks for your clients.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#primaryimage\",\"url\":\"\\\/blog\\\/wp-content\\\/uploads\\\/1200x480-2.jpg\",\"contentUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/1200x480-2.jpg\",\"width\":2400,\"height\":960,\"caption\":\"Identity-first security: Why MSPs need to protect the new perimeter\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/identity-first-security-msps\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Identity-first security: The new perimeter for MSPs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\",\"name\":\"Sherweb\",\"description\":\"More than a cloud marketplace\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\",\"name\":\"Roddy Bergeron\",\"description\":\"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\\\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/roddy-bergeron-cissp-ccsp-csap-33432573\\\/\"],\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/author\\\/roddy-bergeron\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Identity-first security: Why MSPs need to protect the new perimeter | Sherweb","description":"Identity-first security treats identity as the new perimeter. Learn core principles and how it reduces risks for your clients.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/","og_locale":"en_US","og_type":"article","og_title":"Identity-first security: Why MSPs need to protect the new perimeter | Sherweb","og_description":"Identity-first security treats identity as the new perimeter. Learn core principles and how it reduces risks for your clients.","og_url":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/","og_site_name":"Sherweb","article_publisher":"https:\/\/www.facebook.com\/Sherweb","article_published_time":"2026-01-09T18:42:13+00:00","article_modified_time":"2026-01-12T20:11:57+00:00","og_image":[{"width":2400,"height":960,"url":"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/1200x480-2.jpg","type":"image\/jpeg"}],"author":"Roddy Bergeron","twitter_card":"summary_large_image","twitter_creator":"@SherWeb","twitter_site":"@SherWeb","twitter_misc":{"Written by":"Roddy Bergeron","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#article","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/"},"author":{"name":"Roddy Bergeron","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"headline":"Identity-first security: The new perimeter for MSPs","datePublished":"2026-01-09T18:42:13+00:00","dateModified":"2026-01-12T20:11:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/"},"wordCount":579,"commentCount":0,"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/1200x480-2.jpg","keywords":["Cybersecurity","Identity and Access Management"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/","url":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/","name":"Identity-first security: Why MSPs need to protect the new perimeter | Sherweb","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#primaryimage"},"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/1200x480-2.jpg","datePublished":"2026-01-09T18:42:13+00:00","dateModified":"2026-01-12T20:11:57+00:00","author":{"@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"description":"Identity-first security treats identity as the new perimeter. Learn core principles and how it reduces risks for your clients.","breadcrumb":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#primaryimage","url":"\/blog\/wp-content\/uploads\/1200x480-2.jpg","contentUrl":"\/blog\/wp-content\/uploads\/1200x480-2.jpg","width":2400,"height":960,"caption":"Identity-first security: Why MSPs need to protect the new perimeter"},{"@type":"BreadcrumbList","@id":"https:\/\/www.sherweb.com\/blog\/security\/identity-first-security-msps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sherweb.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.sherweb.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Identity-first security: The new perimeter for MSPs"}]},{"@type":"WebSite","@id":"https:\/\/www.sherweb.com\/blog\/#website","url":"https:\/\/www.sherweb.com\/blog\/","name":"Sherweb","description":"More than a cloud marketplace","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795","name":"Roddy Bergeron","description":"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.","sameAs":["https:\/\/www.linkedin.com\/in\/roddy-bergeron-cissp-ccsp-csap-33432573\/"],"url":"https:\/\/www.sherweb.com\/blog\/author\/roddy-bergeron\/"}]}},"tag_names":["Cybersecurity","Identity and Access Management"],"_links":{"self":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25804","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/users\/188"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/comments?post=25804"}],"version-history":[{"count":4,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25804\/revisions"}],"predecessor-version":[{"id":25809,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25804\/revisions\/25809"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media\/25806"}],"wp:attachment":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media?parent=25804"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/categories?post=25804"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/tags?post=25804"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}