KDIT enables greater flexibility, security, and end user productivity with Todyl SASE

Zach DeMeyer
January 12, 2024

How does an already successful MSP expand its business even further? By meeting clients’ needs wherever they are while reducing costs and increasing flexibility through a trusted solution partner.

KDIT serves Los Angeles and Orange County, California, with clients ranging from small, one/two-person shops to larger businesses with over 100 seats. In 2022, they evaluated their offering and the threat landscape, identifying a need to improve security for their clients.

However, many of their clients also requested user experience improvements, both in terms of productivity and ease of use. Typically, these improvements require sacrificing security. KDIT knew solutions like VPNs wouldn't cut it, so set out to find an alternative that would meet their clients' needs.

SASE: Improving end user productivity and streamlining secure resource access

Upon finding Todyl, KDIT immediately recognized they could bolster their offerings and bring much-needed flexibility to their client base. KDIT brings security to its clients by leveraging Todyl’s Endpoint, SIEM, MXDR, and SASE modules. Many KDIT clients seek out SASE directly to bolster their network security presence.

As a Fortinet partner, KDIT needed a solution that unified logging, networking, and endpoint data in a single location, which can be difficult when products don’t integrate well. With Todyl, KDIT customers can leverage whatever solutions their business demands. KDIT secures and monitors them all through one pane of glass in Todyl, saving them time and their customers’ money.

Kevin Derenard, KDIT’s founder and CEO, explains, “None of our other solutions are as easy to deploy as Todyl. It’s easy to get into the user's hands. The solution for us makes it so we only need one agent. And that's what we like the most; just the simplicity of being able to deploy a minimal amount of software and get a lot of results from it.”

KDIT sysadmin, Dat Nguyen, adds: “The single agent is what really shines. We can just disable or enable any feature we want.”

Through Todyl SASE, KDIT provides customers with several other key benefits beyond integration. The first of those is content filtering. Derenard says, “That's a huge one because a lot of clients had some sort of existing proxy web filtering solution and this just basically erases the need for that. Todyl has a single control panel, so it’s relatively easy to whitelist and add exceptions. That's the biggest hurdle there is with content filtering. One client has employees who visit older websites, some that they even log into. They're not SSL or they are newly unrated sites.” KDIT effectively and efficiently blocks those sites through Todyl, creating exceptions as needed and controlling how employees spend their time on company machines while maintaining security. For the end client, that means greater productivity and fewer potential security events from untrusted websites.

Beyond content filtering, the secure remote access aspec t of SASE has appealed to many of KDIT’s customers. Many customers can forego solutions like VPNs completely thanks to what KDIT does with Todyl.

For example, one customer, a real estate agency, had just opened a new satellite branch office with only a few employees. Instead of having to invest in a new firewall, IPsec tunneling, VPNs, or other costly upfront and continuing costs, KDIT just enrolled them in Todyl SASE. Now, the satellite employees can access their resources as securely as someone at HQ, and the client saves money in the process.

Another client, a separate real estate firm, came to KDIT with an older environment running legacy versions of Windows on their endpoints and servers. Working with their internal IT team, KDIT ensured smooth, secure connections between the machines and Azure through Todyl—all without having to rip and replace the entire fleet. Now, the company can update the fleet at its own pace while ensuring its resource access remains secure. Of the situation, Nguyen says: “We work alongside the [Todyl] MXDR team with SASE and SIEM to ensure detections across their entire environment. It brings up any vulnerabilities that we can share with the internal IT team.”

As a part of those detections, Todyl’s MXDR team uncovered that the client’s networks were very flat and unsegmented, meaning a greater possibility for lateral movement, especially across connected IoT (Internet of Things) devices. “We’re addressing that with [Todyl’s] software for ZTNA to segment their networks and mitigate those risks while also reducing the amount of hardware or layer three designs required.” KDIT provides the client with a reduced attack surface thanks to the ZTNA approach SASE enables while lowering costs, both in capital and operational expenditures.

Using SaaS and SASE to cut out contract lock-in

Beyond the obvious benefits to security and productivity for their clients, KDIT has not only expanded what it can offer but can also now reach wider customer bases. Using the SaaS, as-you-need-it model from Todyl, KDIT provides an a la carte offering to clients, which differs from many other MSPs in the space.

Often, when going with an MSP, you must bundle a lot of services together and are ultimately beholden to whatever terms and durations those contracts stipulate. KDIT has completely turned that model on its head, instead allowing customers to pay for only the services they need for the period they need them.

Derenard explains, “When we go to review the proposal, we basically dive into each one and give examples as to what those things are and why it's important to have it. Like why wouldn't you want to have content filtering? Why wouldn't you want to know what your employees are looking at when they're on the internet when they're working? We couldn't offer it this way until we got to [Todyl] because its terms are usage-based.”

Thankfully, because they don’t have lock-in contracts, KDIT customers can pick and choose their offering depending on their needs, aligning with their current budget and perceived risk profile.

To conclude, Derenard remarks, “I think one of the major selling points I bring the customer is ‘If we could basically control and monitor all the computers that are allowed to talk to each other and isolate all the ones that are not allowed to talk to your network, wouldn't you want to do that regardless of where the computers are?’ And usually, the answer is yes.”

Stay up to date

Subscribe to receive the latest insights, news, and updates from Todyl.

Additional reading

Threat breakdown: Remote access and credential dumping
5 key elements of effective MDR providers: Beyond just detection and response
Streamlining zero trust security with JumpCloud and Todyl

Todyl updates

Sign-up to get the latest from Todyl sent straight to your inbox.