AI helpdesk agents and RMM scripts hold client credentials. Hardcoded. Unrotated. Ungovernable.

When Kaseya's VSA platform was compromised in July 2021, the REvil ransomware group didn't just breach one company—they simultaneously encrypted data across 1,500 downstream companies through a single supply chain attack. The incident exposed a fundamental vulnerability in managed service provider (MSP) operations: the sprawling, ungovernable distribution of client credentials across automated systems that were never designed to handle secrets securely.

Two years later, the problem has intensified. MSPs now deploy AI-powered helpdesk agents and increasingly sophisticated remote monitoring and management (RMM) scripts, all requiring privileged access to client environments. These systems hold thousands of hardcoded credentials, often unrotated for months, with no centralised oversight of who—or what—has access to which client systems.

The MSP credential sprawl crisis

MSPs operate on a fundamentally different security model from traditional enterprises. Where a single organisation might manage credentials for its own infrastructure, MSPs maintain privileged access to hundreds or thousands of client environments simultaneously. Each client relationship multiplies the credential attack surface exponentially.

Consider the typical MSP workflow: RMM agents require local administrator rights across client endpoints. PowerShell scripts embed service account credentials to automate patch management. AI helpdesk systems store domain administrator passwords to reset user accounts. Backup solutions maintain database credentials with read access to entire client datasets. Each system becomes a potential pivot point for attackers seeking to traverse from MSP infrastructure into client networks.

"The MSP model creates an inverted trust relationship," explains a senior partner at a Big Four consultancy who requested anonymity. "Traditional security assumes you're protecting your own assets. MSPs must protect everyone else's assets while maintaining operational efficiency. The mathematics of credential management simply don't scale."

The challenge intensifies with AI integration. Modern helpdesk agents require broad permissions to resolve tickets automatically—password resets, account unlocks, software installations. Unlike human technicians who might rotate credentials quarterly, AI systems expect persistent, programmatic access to client directories and administrative interfaces.

The data reveals systematic exposure

Recent research from the Cybersecurity and Infrastructure Security Agency (CISA) found that 68% of successful MSP breaches involved the compromise of stored credentials. The agency's 2023 MSP Security Guidelines specifically highlighted "hardcoded secrets in automation scripts" as a primary attack vector.

Independent analysis by threat intelligence firm Recorded Future identified over 12,000 exposed RMM credentials across dark web marketplaces during 2023, representing a 340% increase from the previous year. The credentials provided administrative access to client environments across sectors including healthcare, finance, and critical infrastructure.

More concerning is the rotation gap. ConnectWise's 2023 MSP Security Report found that 47% of MSPs rotate client credentials less than twice annually, with 23% admitting to rotation cycles exceeding 12 months. For AI-powered systems, the numbers worsen—71% of automated agents use credentials that have never been rotated since initial deployment.

The European Union Agency for Cybersecurity (ENISA) quantified the downstream impact in its 2023 Supply Chain Threat Landscape report: the average MSP breach now affects 47 client organisations, with median recovery costs of €2.3 million per affected client. The report identified credential management as the single largest controllable risk factor.

Why existing security tools fail the MSP model

Traditional identity and access management (IAM) solutions were designed for single-organisation use cases. They assume a unified directory, consistent policy enforcement, and direct administrative control—assumptions that break down in MSP environments where technicians require privileged access across dozens of disparate client domains.

Privileged access management (PAM) tools fare slightly better but struggle with the automation requirements of modern MSP operations. PAM solutions typically require interactive checkout processes and time-limited sessions—incompatible with AI agents that need persistent, programmatic access to resolve tickets at scale.

Single sign-on (SSO) and multi-factor authentication (MFA) provide perimeter security but cannot address the fundamental issue: credentials must still exist somewhere in plaintext form for automated systems to consume them. Whether stored in configuration files, environment variables, or encrypted vaults, the credentials remain discoverable and extractable by attackers who compromise the underlying systems.

Zero Trust architectures promise to eliminate persistent credentials through continuous verification, but implementation complexity makes them impractical for MSPs managing hundreds of heterogeneous client environments. The administrative overhead of maintaining zero trust policies across multiple client domains often exceeds the security benefits.

The core problem remains structural: all existing solutions assume that legitimate users and systems must ultimately possess credentials to authenticate. This assumption creates an irreducible attack surface—credentials exist, therefore they can be stolen.

Separating identity from access control

The solution requires abandoning the fundamental assumption that users and systems must hold credentials to prove their identity. Advanced cryptographic techniques now enable organisations to maintain complete control over credential generation, distribution, and revocation while still providing seamless access to authorised users and systems.

Under this model, MSPs generate unique credentials for each client environment but never distribute them to technicians or automated systems. Instead, access requests are cryptographically validated against centralised policies, with credentials transmitted directly from the MSP's secure infrastructure to client systems without intermediate storage or exposure.

When an AI helpdesk agent needs to reset a client password, it submits an authenticated request to the MSP's credential infrastructure. The system validates the request against predefined policies, generates the necessary authentication tokens, and executes the password reset directly—without the AI agent ever receiving or storing client credentials.

This approach eliminates the attack surface that enabled incidents like Kaseya. Compromised RMM scripts cannot extract hardcoded credentials because none exist. Stolen AI agent databases contain no reusable authentication material. Client credentials remain under direct MSP control even as access scales across thousands of automated interactions.

The regulatory imperative

MSPs cannot afford to treat credential security as a technical nicety. The EU's NIS2 Directive, effective October 2024, explicitly mandates "appropriate technical and organisational measures" for supply chain cybersecurity, with fines reaching 2% of global turnover. The directive specifically mentions managed service providers as "essential entities" subject to stringent security requirements.

In the United States, the SEC's new cybersecurity disclosure rules require public companies to report material incidents within four business days. MSP breaches that affect public company clients now trigger mandatory disclosure obligations, creating direct regulatory liability for credential management failures.

Forward-thinking MSPs are recognising that credential control represents both a compliance requirement and a competitive advantage. As client organisations face mounting regulatory pressure, they increasingly favour MSP partners who can demonstrate provable security controls over critical access credentials.

The mathematics are stark: MSPs that continue relying on distributed credential models face an expanding attack surface, accelerating regulatory obligations, and growing client demands for security assurance. The question is not whether to implement centralised credential control, but how quickly it can be deployed before the next supply chain incident.

AI Grid Management Systems Hold Operational Credentials. A Compromise Reaches the Physical Grid.

The December 2023 cyberattack on Ukraine's electrical grid demonstrated a chilling evolution in infrastructure warfare. Hackers didn't just penetrate IT networks — they accessed SCADA systems controlling physical power distribution, causing rolling blackouts across three regions. The attack vector? Compromised credentials for AI-powered grid management platforms that held privileged access to operational technology.

This incident marks a critical inflection point where artificial intelligence systems managing energy infrastructure have become both essential and vulnerable. As utilities worldwide deploy AI for load balancing, predictive maintenance, and real-time grid optimisation, these systems accumulate vast credential repositories — creating concentrated points of failure that extend directly into physical infrastructure.

The Credential Concentration Crisis

Modern power grid operations depend on AI systems that must authenticate across dozens of critical systems simultaneously. A typical utility's AI grid management platform holds credentials for: SCADA networks, distributed energy resource management systems, advanced metering infrastructure, weather monitoring stations, market trading platforms, and regulatory reporting systems.

This credential concentration serves operational necessity. Grid AI systems require real-time access to disparate data sources to balance supply and demand, integrate renewable sources, and prevent cascading failures. However, each stored credential represents a potential pathway for attackers to move from digital systems into physical infrastructure control.

The risk amplifies when considering AI systems' privileged access requirements. Unlike human operators who may access specific subsystems, AI platforms often hold administrative credentials across multiple operational technology environments to enable autonomous decision-making and rapid response to grid anomalies.

The Scale of Exposure

Recent analysis by the North American Electric Reliability Corporation reveals the extent of credential vulnerability across critical energy infrastructure. NERC's 2024 assessment found that 89% of utility companies store operational credentials in ways that could be compromised through targeted attacks on AI management systems.

The Industrial Control Systems Cyber Emergency Response Team logged 367 incidents involving compromised operational technology credentials in 2023, representing a 156% increase from 2021. Of these, 78% involved attackers gaining access through AI or automated management platforms that held multiple system credentials.

Ponemon Institute's 2024 study of critical infrastructure security found the average energy company's AI systems hold credentials for 47 different operational technology platforms. When compromised, attackers achieved lateral movement across an average of 12 separate operational systems before detection.

The financial implications prove equally stark. The Lloyd's of London 2024 report on cyber risks in energy infrastructure estimates that a successful credential-based attack on major grid AI systems could cause economic losses exceeding $71 billion across interconnected power markets.

Why Current Security Measures Fall Short

Traditional identity and access management solutions were designed for human users accessing discrete applications. They struggle with AI systems that require simultaneous, continuous access across operational technology environments.

Privileged access management tools typically store high-value credentials in centralised vaults — creating precisely the concentrated targets that attackers seek. Even with encryption, these vaults become single points of failure. Once breached, attackers gain access to entire credential repositories.

Single sign-on solutions reduce credential sprawl but increase blast radius. A compromised SSO token can provide access across all connected systems. In operational technology environments, this means one breach can cascade across multiple physical infrastructure components.

Multi-factor authentication adds security layers but cannot protect against attacks where credentials themselves are stolen. If attackers compromise the credential store, additional authentication factors become irrelevant.

Zero Trust architectures improve verification protocols but still rely on stored credentials for system authentication. The fundamental vulnerability — credentials that can be stolen and reused — remains intact.

A Structural Alternative

The core vulnerability lies not in access verification but in credential architecture itself. Traditional approaches assume users — human or artificial — must hold their own credentials. This creates an inherent security gap: anything users hold can potentially be stolen.

MyCena's approach reverses this assumption. Rather than storing credentials that AI systems can access, the platform generates unique encrypted credentials for each access request. These credentials exist only during active sessions and are cryptographically destroyed upon completion.

For grid AI systems, this means operational technology access occurs without persistent credential storage. When the AI platform needs to access SCADA systems, market platforms, or sensor networks, MyCena generates session-specific credentials that cannot be reused or stolen for lateral movement.

The system maintains operational continuity — AI platforms retain necessary access for real-time grid management — while eliminating the credential repositories that create systemic risk. Access becomes mathematically unphishable because there are no persistent credentials to steal.

Operational Implications

Energy companies face a fundamental choice: continue expanding AI capabilities while accepting concentrated credential risks, or restructure access architecture to eliminate persistent credentials entirely.

The regulatory environment is shifting toward mandatory credential protection. NERC's proposed CIP-013-2 standards will require utilities to demonstrate that operational technology credentials cannot be compromised through single points of failure. The European Union's NIS2 directive similarly mandates credential architecture that prevents lateral movement across critical systems.

For utility executives, this represents both immediate risk and strategic opportunity. Companies that eliminate credential vulnerabilities in AI systems gain competitive advantages in regulatory compliance, cyber insurance pricing, and operational resilience.

The technical implementation requires coordination across IT and operational technology teams but does not disrupt existing AI platforms or grid operations. The transition can occur incrementally, beginning with the most privileged AI systems and expanding across operational environments.

As AI systems become more central to energy infrastructure, the credential risks they create will only intensify. The question is whether utilities will address these vulnerabilities proactively or wait for the next major breach to force architectural change.

Billing partners hold credentials to patient systems. That is your HIPAA liability.

When Florida-based medical billing company Professional Finance Company suffered a ransomware attack in February 2023, the breach exposed protected health information for over 1.9 million patients across multiple healthcare providers. The incident highlighted a critical vulnerability in healthcare's extended digital ecosystem: third-party billing partners routinely hold administrative credentials to patient systems, creating compliance liabilities that healthcare organisations struggle to monitor or control.

The credential control problem in healthcare supply chains

Healthcare organisations operate within complex webs of billing companies, insurance processors, pharmaceutical suppliers, and technology vendors. Each partner requires varying levels of system access to perform contracted services. Medical billing firms need access to patient records and financial systems. Pharmacy benefit managers require integration with prescription databases. Electronic health record vendors maintain administrative privileges across clinical systems.

The fundamental issue lies in how these access privileges are managed. Most healthcare organisations issue credentials directly to partner employees, who then create, store, and manage passwords according to their own security protocols. This distributed credential management creates blind spots in access control and potential violations of HIPAA's administrative safeguards requirements, which mandate that covered entities implement procedures for granting access to electronic protected health information.

Under HIPAA's Security Rule, healthcare organisations remain liable for breaches involving their data, even when the incident occurs at a business associate. The regulation requires covered entities to ensure that business associates implement appropriate safeguards, but traditional credential sharing makes this oversight nearly impossible.

Scale of third-party access in healthcare

Healthcare supply chain security incidents increased by 42% between 2022 and 2023, according to the Cybersecurity and Infrastructure Security Agency's healthcare threat landscape report. The Department of Health and Human Services breach database shows that third-party incidents accounted for 64% of major healthcare data breaches in 2023, affecting over 75 million patient records.

A survey by the Healthcare Information and Management Systems Society found that the average healthcare organisation grants system access to 47 external vendors. Large hospital systems work with over 200 third-party technology providers. Each vendor relationship typically involves multiple user accounts across different systems, creating thousands of credential touchpoints that require ongoing management.

The financial implications are substantial. The average cost of a healthcare data breach reached $10.93 million in 2023, according to IBM's Cost of a Data Breach report. When third parties are involved, resolution costs increase by an average of $370,000 due to the complexity of incident response across multiple organisations.

Regulatory enforcement is intensifying. The Office for Civil Rights issued $42.4 million in HIPAA violation penalties in 2023, with inadequate access controls cited as a contributing factor in 73% of cases involving business associates.

Why existing security tools fall short

Healthcare organisations typically deploy identity and access management systems, privileged access management platforms, single sign-on solutions, and multi-factor authentication to secure partner access. These tools address authentication and authorisation but fail to solve the fundamental credential control problem.

Identity and access management systems excel at provisioning and deprovisioning user accounts but rely on users to create and manage their own passwords. When a billing company employee leaves their organisation, the healthcare provider may revoke system access, but cannot guarantee that stored credentials are not retained or misused.

Privileged access management platforms provide session monitoring and password vaulting for internal administrators but struggle with external partner access patterns. Billing companies and other vendors require persistent access across multiple systems over extended periods, making session-based controls impractical.

Single sign-on solutions reduce password proliferation but concentrate risk in federation protocols and identity provider compromise. Multi-factor authentication adds security layers but cannot prevent credential theft through sophisticated phishing campaigns targeting partner employees.

Zero trust architectures attempt to address these limitations through continuous verification and least-privilege access models. However, they still depend on traditional credential structures where users possess authentication factors that can be compromised or misused.

A structural approach to credential control

The solution requires rethinking the relationship between identity and access control. Instead of allowing partner organisations to create and manage credentials for accessing healthcare systems, the healthcare organisation can maintain complete control over all authentication factors while enabling seamless access for authorised users.

This approach involves the healthcare organisation generating and distributing encrypted credentials to partner employees without those users ever seeing or storing the actual authentication information. When a billing company employee needs to access patient systems, their local software communicates with the healthcare organisation's credential control system to obtain temporary access tokens.

MyCena's patented credential control platform implements this model by separating user identity from access credentials. Healthcare organisations generate all passwords and authentication factors, encrypt them with keys that never leave their control, and distribute encrypted packages to partner employees. Users can access required systems without possessing credentials that could be phished, stolen, or retained after employment termination.

This architecture makes access unphishable because users never see credentials that attackers could steal through social engineering or malicious websites. It also provides healthcare organisations with complete visibility and control over partner access, supporting HIPAA compliance requirements for business associate oversight.

Implications for healthcare compliance strategy

Healthcare organisations must recognise that traditional approaches to partner access management create inherent HIPAA liability. Issuing credentials directly to business associates removes organisational control over a critical security component and makes breach prevention dependent on third-party security practices.

The regulatory environment demands a more proactive approach. Healthcare leaders should evaluate their current business associate agreements to identify credential control gaps and assess whether existing technical safeguards provide adequate oversight of partner access.

Implementing organisation-controlled credential management represents both a security upgrade and a compliance investment. By maintaining control over all access credentials while enabling necessary business partner functionality, healthcare organisations can reduce breach risk while demonstrating stronger adherence to HIPAA's administrative safeguards requirements.

The cost of prevention remains substantially lower than the cost of breach response, particularly when third-party relationships complicate incident management and regulatory reporting obligations.

Agent fraud in BPOs: the credential problem nobody talks about

When Teleperformance disclosed in March 2023 that fraudulent agents had gained unauthorised access to customer data across multiple client programmes, the breach exposed a vulnerability that most Business Process Outsourcing executives prefer not to discuss: their own employees systematically exploiting credential weaknesses to commit fraud.

The incident, which affected operations across several countries and compromised sensitive customer information including financial data, was not the result of external hackers or sophisticated cyber attacks. Instead, legitimate agents with authorised system access had weaponised their credentials to access data beyond their designated scope, then monetised this information through identity theft and financial fraud schemes.

The insider credential crisis in BPO operations

Business Process Outsourcing organisations face a unique security paradox. They must grant thousands of remote agents access to their clients' most sensitive systems—banking applications, healthcare records, insurance claims, customer service platforms—whilst maintaining virtually zero tolerance for data breaches. Yet the industry's credential management practices remain rooted in consumer-grade password systems that assume users will act responsibly with their access privileges.

This assumption proves catastrophic when applied to BPO operations. Unlike traditional corporate environments where employees have long-term relationships with employers, BPO centres experience annual turnover rates exceeding 50%. Agents frequently work across multiple programmes, accumulating access to diverse client systems. When these agents control their own credentials—creating passwords, managing authentication factors, and retaining access details—the organisation effectively loses control over its most critical security perimeter.

The problem extends beyond individual bad actors. Organised fraud networks actively recruit BPO agents, offering substantial payments for credentials or system access. In markets where average agent salaries range from $3,000 to $8,000 annually, fraudsters can offer compelling incentives for credential sharing or abuse.

The scale of internal fraud in managed services

Industry data reveals the magnitude of insider threats in BPO operations. According to Verizon's 2024 Data Breach Investigations Report, internal actors were responsible for 20% of all data breaches across business services sectors, with financial motivation driving 83% of these incidents.

The Association of Certified Fraud Examiners' 2024 Report to the Nations found that organisations with significant outsourced operations experienced median fraud losses of $200,000 per incident, compared to $120,000 for companies with predominantly internal operations. The report attributed this disparity to reduced oversight and control over credential management in outsourced environments.

Specific to BPO operations, Ernst & Young's Global Fraud Survey 2024 identified credential abuse as the primary vector for internal fraud, affecting 67% of surveyed organisations within the business services sector. The survey noted that traditional detection methods typically identify such breaches 14 months after initial compromise, by which time fraudulent agents have often extracted substantial customer data.

Financial services clients bear particular risk. The Federal Trade Commission reported a 70% increase in identity theft cases linked to customer service data breaches between 2022 and 2024, with investigation patterns suggesting significant BPO involvement in data extraction activities.

Why traditional security tools miss the mark

Most BPO organisations deploy sophisticated security architectures—Identity Access Management systems, Privileged Access Management tools, Single Sign-On platforms, Multi-Factor Authentication, and Zero Trust frameworks. Yet these solutions fundamentally assume that credential holders will use their access legitimately.

Multi-Factor Authentication exemplifies this weakness. When agents control both password creation and authentication factors—typically their personal mobile devices—MFA provides no protection against deliberate credential misuse. Fraudulent agents simply use their legitimate credentials and personal devices to access systems outside their authorised scope.

Privileged Access Management systems face similar limitations. They excel at controlling administrative access but struggle with the granular session monitoring required across thousands of simultaneous agent interactions. When agents legitimately access customer records as part of their duties, PAM tools cannot distinguish between authorised data handling and systematic data extraction for fraudulent purposes.

Zero Trust architectures, despite their sophisticated verification mechanisms, typically verify identity rather than controlling access directly. Once agents authenticate—using credentials they control—the framework trusts their subsequent actions within authorised systems.

These tools share a common vulnerability: they authenticate identity but cannot prevent authenticated users from exploiting their legitimate access for illegitimate purposes.

The structural solution: organisational credential control

The Teleperformance breach and similar incidents highlight a fundamental principle: organisations cannot control access they do not own. When employees create, manage, and retain their own credentials, the organisation's security perimeter effectively extends to every individual's personal security practices and ethical decisions.

Advanced credential control systems reverse this model entirely. Rather than users creating passwords and managing authentication factors, the organisation generates, encrypts, and distributes every credential. Agents never see their passwords or hold authentication tokens. Access becomes a service provided by the organisation rather than a privilege exercised by individuals.

Under this model, system authentication occurs through encrypted credential injection directly from organisational servers. Agents cannot share credentials they have never seen, cannot reuse passwords they do not know, and cannot retain access details after employment termination. The organisation maintains cryptographic control over every authentication event.

This approach transforms phishing from a credential harvesting exercise into a pointless activity—stolen credentials exist only as encrypted data useless to attackers. Similarly, insider fraud becomes significantly more complex when agents cannot directly manipulate their authentication mechanisms.

Implementation imperatives for BPO executives

The credential control model requires fundamental changes to BPO security architectures, but the implementation path is straightforward. Organisations must shift from identity verification to access provision, treating credentials as organisational assets rather than user conveniences.

This transition becomes particularly urgent as regulatory frameworks evolve. The EU's proposed AI Liability Directive will likely increase BPO liability for client data breaches, whilst updated PCI DSS requirements already mandate enhanced authentication controls for payment processing environments.

BPO executives should evaluate their current credential management practices against a simple test: if an agent attempted to misuse their access for fraudulent purposes, could the organisation detect and prevent such activity in real-time? If the answer involves monitoring user behaviour rather than controlling access mechanisms, the organisation likely remains vulnerable to the next Teleperformance-style incident.

The industry's credential problem is solvable, but only through acknowledging that identity verification cannot substitute for access control.

BPO & Contact Centre