MyCena : For the COO

The operational threat

The credential question your clients will ask — and the one you cannot currently answer.

Every organisation that outsources operational work to a BPO, MSP, or shared service provider eventually asks the same question: “How do you prevent your staff from sharing or selling access to our systems?” It is being asked in contract renewals, security audits, and procurement reviews in every major sector — financial services, healthcare, government, retail. The answer currently available to most outsourced operations is a policy answer: acceptable use agreements, training, monitoring. That answer is no longer sufficient.

The question has a structural answer now. MyCena means your agents never hold a credential to share or sell. The credential is generated centrally, injected invisibly at login, and revoked in seconds when an agent leaves or a client relationship ends. The answer to the client’s question becomes architectural, not procedural — and that distinction is the difference between winning and losing the audit conversation.

Kaseya — 2021

1,500

MSP technician credentials compromised. 1,500 downstream client environments encrypted simultaneously. Every client relationship at risk from one set of credentials.

Operational consequence: simultaneous client impact at scale

BPO credential sale — recurring

£50–500

Agent sells banking portal credentials on dark web. BPO faces client penalty, regulatory investigation, and contract termination worth orders of magnitude more. Agent carries almost none of the downside.

Operational consequence: contract loss, regulatory exposure

Stale access — industry-wide

72 hrs

Average time for a departed agent’s credentials to remain active after offboarding in manual deprovisioning environments. Every hour is a contractual and regulatory liability window.

Operational consequence: SLA breach, audit finding, client escalation

From the field

“I showed the COO the annual reset cost against MyCena’s price. The conversation lasted ten minutes.”

— IT Director, BPO serving Tier 1 banks · 30 days post-deployment · reset volume: zero

Contract and audit risk

The three questions your clients are now asking.

These questions are appearing in contract renewals, security audits, and procurement reviews. They are not technical questions. They are contractual ones.

Question 1 of 3

“How do you prevent your agents from sharing or selling access to our systems?”

MyCena’s answer: structurally — not through policy. Agents never hold a credential. The credential is generated by your organisation, distributed encrypted, and injected invisibly at login. An agent who wants to sell access has nothing to sell. An agent sharing a login at shift handover is sharing nothing — the credential is invisible and device-bound.

Financial services clients — particularly Tier 1 and Tier 2 banks — are under direct regulatory pressure to demonstrate that their outsourced operations cannot be a vector for credential-based fraud. The FCA, PRA, and equivalent regulators in the US and EU are making it explicit that the bank’s obligations extend to its service providers. When the bank’s auditor asks the bank, the bank asks the BPO. Without MyCena, that question does not have a clean answer.

Question 2 of 3

“When an agent leaves — voluntarily or otherwise — how long does it take to confirm their access to our systems has been fully revoked?”

MyCena’s answer: under 60 seconds. Logged. Provable. One command revokes all credentials for any user across every connected system simultaneously. The revocation log records the exact timestamp and confirms zero access. Not a checklist. Not a process. A timestamped proof, exportable on demand for any client or auditor review.

In most outsourced operations, manual offboarding takes between 24 and 72 hours to complete across all systems — and often leaves gaps. During that window, a departed agent retains active credentials to client systems. Every hour of that window is a contractual and regulatory liability. In high-turnover BPO environments — 20–30% annual churn is common — that window opens and closes hundreds of times a year, accumulating liability that most COOs cannot currently quantify.

Question 3 of 3

“If your IT systems were breached tonight, how would that affect our data and our operations?”

MyCena’s answer: the blast radius is structurally contained. Because every agent has a unique credential scoped to specific systems, a single compromised credential does not cascade. Lateral movement requires per-system credentials the attacker does not have. The incident is contained. The client’s data is not at risk from a breach in a neighbouring part of the environment.

The Kaseya incident demonstrated at scale what happens when a single set of MSP credentials reaches every client environment simultaneously. 1,500 organisations were encrypted from one credential. Financial services clients and enterprise buyers are now writing supply chain credential isolation requirements into contracts. The question is no longer hypothetical — it is in the T&Cs.

Operational mechanics

How it works in a live operational environment.

MyCena deploys as a software overlay. No changes to existing systems, no agent retraining, no operational disruption. Agents access every system exactly as they always have — they simply never see the credential.

Agent login

Agent clicks to connect to any system. MyCena injects the credential at authentication. The agent accesses the system normally in one click. Nothing is typed, nothing is displayed, nothing can be shared. The agent’s experience is identical to before — except the credential is invisible.

Shift handover

An agent finishing a shift cannot hand over credentials to an incoming colleague — there is nothing to hand over. The incoming agent’s own MyCena credentials are injected when they log in. Shift handover credential sharing is structurally eliminated, not monitored.

Agent departure

An agent leaves — planned or unplanned. One administrator command revokes all credentials simultaneously across every connected system in under 60 seconds. The revocation log records the exact timestamp. There is no checklist, no manual deprovisioning, and no window of residual access.

Client access scope

Credentials are scoped per agent per client system at issuance. An agent working on Client A’s environment holds no credential for Client B’s systems. A compromised or departing agent cannot reach adjacent client environments. Client isolation is architectural, not procedural.

Audit evidence

Every access event is logged — which agent, which client system, timestamp, device, IP. Every provisioning and revocation event is logged with the authorising administrator. When a client asks for an access log, you export it in 30 seconds — not in three days of manual compilation.

What changes operationally

Before and after MyCena — from a COO’s perspective.

Before MyCena

Agents create and hold their own credentials — sharing is a policy violation you cannot structurally prevent
Password resets consume 300–400 helpdesk tickets per month per 1,000 agents
Account lockouts generate SLA exposure when agents cannot log in mid-shift
Offboarding is a manual checklist — access windows of 24–72 hours are common
High-turnover environments mean the offboarding window opens hundreds of times per year
Client audit questions about agent credential governance cannot be answered structurally
A compromised agent credential can reach every client environment that agent touched
Vendor and contractor access persists after engagement ends unless someone remembers

After MyCena

Agents never hold credentials — sharing is architecturally impossible, not a policy matter
Password resets drop to zero within 30 days for the governed cohort — users cannot forget what they never knew
Account lockouts are eliminated — no credential means no lockout event
Offboarding is a single command — simultaneous revocation across all systems in under 60 seconds
Every departure generates a timestamped revocation proof, exportable for client or audit review
Client audit questions have a structural answer — and the evidence log to back it
Per-system credential scoping means one compromised agent reaches one system — not all of them
Vendor credentials are organisation-controlled and revoked instantly at engagement end

Sector context

Where the operational credential risk is highest.

The same structural problem appears in every outsourced operation — but the commercial consequence varies by sector.

BPO — Financial services

Primary trigger: banking client audit or contract renewal

Agents access banking portals and payment systems. Credential sharing and sale is a direct fraud vector for the bank’s customers. Banks are writing credential governance requirements into BPO contracts.

✓ MyCena provides the structural answer to the audit question — and the evidence log to prove it.

MSP — Multi-client environments

Primary trigger: supply chain security review or Kaseya-type incident awareness

Technician credentials reach every client environment simultaneously. One compromised or departing technician is a supply chain credential event — not a single-client event.

✓ MyCena governs all technician credentials centrally. Instant revocation across every client environment. No supply chain cascade.

BPO — Healthcare & insurance

Primary trigger: HIPAA audit or insurer security assessment

Agents access patient records or claims systems. HIPAA requires unique user identification and workforce security controls. Credential sharing is a direct regulatory violation — and a claims trigger.

✓ MyCena structurally eliminates shared credentials and generates the §164.312(b) audit evidence automatically.

Shared service centres

Primary trigger: parent company security review or M&A due diligence

Centralised operations serving multiple internal clients. High staff turnover at junior levels. Credential governance is frequently the gap found in M&A security reviews.

✓ MyCena’s audit trail provides the access governance evidence that M&A due diligence reviews require — on demand, not on manual preparation.

Contact centres — Retail & utilities

Primary trigger: PCI DSS assessment or customer data breach incident

Agents access customer accounts, payment data, and personal information at scale. High turnover means offboarding failures accumulate rapidly. PCI DSS Requirement 8 mandates unique user IDs and prompt access revocation.

✓ MyCena enforces unique credentials per agent and generates the PCI DSS Requirement 8 and 10 evidence automatically.

Government & defence contractors

Primary trigger: CMMC 2.0 assessment or clearance audit

Contractor personnel access controlled unclassified information. Credential governance is the most frequently deficient domain in CMMC assessments. Contract loss for non-compliance is existential.

✓ MyCena addresses the CMMC 2.0 Access Control domain directly — the most commonly failed domain in assessments.

COO Q&A

Common operational questions.

The questionThe answer

“Will agents need retraining?”

No. Agents click to connect exactly as they always have. The credential is injected invisibly — nothing about their login experience changes. The only difference is they never see or know the credential. There is no retraining requirement and no change management programme needed.

“How does it handle our high turnover?”

MyCena is specifically designed for high-turnover environments. Offboarding is a single command — simultaneous revocation across all systems in under 60 seconds, logged and confirmed. In a 1,000-agent environment with 25% annual turnover, that is 250 offboarding events handled structurally rather than manually. The cumulative risk reduction is material.

“What about our third-party vendors and contractors?”

All vendor and contractor credentials are governed under the same central control model as internal agents. Vendor credentials are scoped per system, logged per event, and revocable instantly when an engagement ends. The third-party access report shows every active vendor credential, its scope, and its revocation status — on demand for any client review.

“How do we show clients the evidence?”

The MyCena dashboard exports the access event log, provisioning log, and revocation log for any time period in standard formats. When a client asks for evidence of access controls — in an audit, a renewal, or an incident review — you export it in under 30 seconds. No manual compilation, no preparation time, no gaps.

“How long does deployment take and what does it disrupt?”

Two weeks from sign-off to live — no infrastructure changes, no downtime, no disruption to operations. The IT team spends approximately four hours on configuration in the first two days. Agents are not aware of the deployment until they are live — at which point their experience is identical to before, minus the credential.

“Can I use this as a selling point with clients?”

Yes — and this is the strongest commercial case for deployment. MyCena deployment enables you to answer the credential governance audit question structurally. “We use MyCena — our agents never hold credentials, and here is the access log to prove it” is a materially stronger answer than “we have an acceptable use policy.” In competitive tendering and contract renewals, that distinction is increasingly decisive.

The commercial case in one sentence

MyCena costs less per year than one SLA penalty event, takes two weeks to deploy, and converts the credential audit question from a risk to a competitive advantage — in every renewal conversation where that question appears.