MARKETO MUNCHKIN CODE Munchkin Account ID: 946-OMQ-360 Workspace (Partition): None Tracking Code Type: Asynchronous
top of page
Mesa de trabajo 1.jpg

New Security Policies in CSP

Meet GDAP: The new Microsoft CSP Security program

MicrosoftTeams-image (18).png

What is GDAP?

As part of its zero-trust policies, Microsoft is introducing "Granular Delegated Administrator Privileges" (GDAP) to replace the more basic "Delegated Administrator Privileges" (DAP) previously used for Microsoft CSP management.

 

GDAP is a security feature that provides partners with least privileged access following the Zero Trust cybersecurity protocol. It enables partners to set up granular and time-limited access to their customers' workloads in production and sandbox environments. This less privileged access must be explicitly granted to partners by their customers. 

Partner Benefits:

01.png

Granular control and time limit to your clients' workloads

02.png

Better approach to security concerns

03.png

 

Provide more services to End Users with policies  restrictive security

shutterstock_601000151.jpg

Download the toolkit developed by  TD SYNNEX  where you will find all the resources to implement GDAP

-Battle card

- Guide to configuring your direct access to GDAP

- Email template to inform your end customers

- Guide: How to do it in StreamOne

- Frequent questions

We give you all the tools

One story, three chapters

Microsoft is changing the way we enable partners to deliver and manage services with customers to tighten security and offer a greater opportunity to sell with an advanced security and governance model.

DAP is used by any partner that manages services for their clients or offers technical support to their clients. It is how the partner accesses the customer's account as an administrator.

01

DAP: Delegated Administrator Permission

Current Delegated Managing Partner (DAP) relationships are too broad, making it difficult for partners to transact in the enterprise segment. Microsoft is creating better reporting and is rolling out the ability for a partner to disable the DAP connection when not in use.

02

GDAP: Granular Delegated Administrator Privilege

Customer auditing requirements require partners to restrict their users to granular permissions to perform delegated administration activities. Granular permissions in the customer tenant will help address data security concerns, reduce the blast radius of security incidents, and make partner and customer ecosystems more secure. At the same time, granular permissions will allow partners to tap into a new regulated segment and monetize the advanced security and governance model.

03

Definitive withdrawal of DAP

Once the new GDAP access system is operational, Microsoft will end the previous DAP model

How TD SYNNEX Support GDAP

Cybersecurity remains one of the main challenges of our digital age. Building a secure ecosystem requires taking a holistic approach to security that includes a zero-trust mindset, a cloud-centric posture, and investment in people and skills. Zero Trust follows the principles of explicitly verifying, using least privileged access, and assuming the violation. Organizations that operate under these principles are more resilient, consistent, and receptive to new attacks. With our partners, we are taking steps in line with these principles to secure the channel.  

Protecting access to customer data is a critical part of ecosystem security and partners should take steps to employ tools for the principle of least privileged access.

on the platforms of  TD SYNNEX resellers will have the following features available:

Reports
  • Visibility of current DAP and GDAP status, assigned roles, expiration date
License and User Administration
  • Validate if the reseller has the correct permissions to perform the transaction and if not, prevent the transaction and notify the user

  • Ability for reseller to choose "Recommended" category permission

  • Activate approval request link and send email

  • Trigger notification to reseller when permission is approved

Creation of new tenants
  • Reseller can select limited and recommended permission

  • Reseller will be able to select the email address to notify when approved

  • GDAP and GDAP in SCM ToolTips

  • Admin users receive the GDAP request link within the credentials email template

General
  • Marketplace switch to turn GDAP functionality on or off at the country level ("Actionable Reports and User/License mgmt" and "New Tenant Creation")

Meet Lighthouse

Microsoft 365 Lighthouse is a management portal that helps managed service providers (MSPs) secure and manage devices, data, and users at scale for small and medium business (SMB) customers.

Use Lighthouse to secure and standardize Microsoft 365

shutterstock_522876487.jpg

Protect your business from cyber attacks against end-customer tenants

As a partner in the Cloud Solution Provider Program, you are responsible for your customer's consumption of the Microsoft Cloud, so it is important that you are aware of any potential fraud activity in your customers' Azure and per-user subscriptions. This will allow you to take immediate action to determine whether the behavior is legitimate or fraudulent and, if necessary, suspend the affected Azure resources or Azure subscription to mitigate the issue.

Best practices to protect your business

We accompany you at all times.

If you have any questions, please contact us

bottom of page