Welcome to Guardz!
With Guardz, you can now leverage a comprehensive solution that protects your clients from significant attack vectors, including email, devices, external exposure, employee negligence, and browsers, ensuring that your clients’ security is resilient to any threats that may come their way.
This guide is a summary of the steps we suggest you take when starting with Guardz.
It’s important to understand that your data is always secure with Guardz, and you are always in control of what level of access you grant. Guardz will present the requested scopes and explain the purpose whenever permissions are needed. These permissions can be reviewed and disabled at any time.
Step 1: Signing Up
Sign up with Google or Microsoft [recommended] - Using your cloud SSO will allow you to quickly connect to the platform and facilitate simple and secure future logins. Note that the only information Guardz will collect at this point will be your name and email address.
Sign up with your business email address - Guardz will email you a link to verify your business email address. You will not be able to use a personal/non-business email address. For future logins, this method will only be available for a limited time.
On the next page, choose “MSP” as your account type.
Follow the rest of the steps in the onboarding process. These steps include activating the Cloud Directory Posture security control for your organization, adding your organization’s logo and contact information, and generating your first risk report. You can skip any steps you’re not quite ready to complete now and go back later!
After completing the initial onboarding, you begin your 14-day free trial.
Note: Now that you've installed the agent, you can access the login page again by navigating to https://app.au.guardz.com/
Step 2: Getting to Know the MSP Dashboard
After signing up, you will land on the MSP dashboard. The dashboard will help you prioritize tasks of the highest importance and streamline administrator workflows. The dashboard optimizes your connection to pressing customer and asset-related issues.
The organizational toggle in the top left corner allows you to switch between managing your customers in aggregate or one at a time. It also allows you to navigate to different customers. The toggle is usable on any screen, providing many ways to view and compare different organizations.
All Customers View
The All Customers View displays the combined information for all of your customers.
The section in the top left displays the digital assets of all of your customers.
The Coverage & Issues by Security Control Radar displays the security control coverage of all of your customers. It also indicates the number of customers experiencing issues of each security control, to help you notice trends.
The Customers section in the top right is a list of your customers sorted by priority (based on their security scores). This list will help direct you to the customer that requires your attention first.
The Issues by Risk section is an aggregate view of all your customers’ issues sorted by priority. This will help direct you to the issues that require your attention first.
The Insights section contains additional useful information and suggested actions you can take. For example, the availability of new prospecting reports or when permissions to a detection were lost and need to be re-added. This is also where we will tell you when we add new types of detections that require your permission to activate.
Single Customers View
The Single Customer View displays the same types of information as the 'All Customers View' but isolates it for a single customer.
However, instead of the Customers section, you will see this specific customer’s security score. If the score passes the insurance threshold, you will be eligible to apply for cyber insurance (currently US only).
Customer Growth Navigation
The navigation area at the top of the screen focuses on the growth of your MSP business.
It allows you to quickly access these areas of the platform:
Adding new customers
Growth Hub
Prospecting Reports
Customers
Demo Customer
We’ve created a “demo” customer to help you visualize Guardz’s functionality and issues with all security controls active.
The demo customer can be deleted at any time from the Customers area of the platform by hovering over the demo row and selecting the trash button.
Please keep in mind that once the demo customer is deleted, the only way to restore it will be to contact the support team.
Step 3: Out-of-the-box Scans
Now that you have started your 14-day trial of Guardz, two security controls will start immediately for your organization: Dark Web Monitoring and the External Footprint Scan.
The initial scan results for Dark Web Monitoring should be available immediately. In contrast, the scan results for the External Footprint Scan will take between 3 and 72 hours (you will be notified by email when it is complete).
Step 4: Activate the Cloud Directory Posture
While Dark Web Monitoring and the External Footprint Scan start working immediately after signup, you will need to activate the rest of the security controls for your organization.
The first security control to activate is the Cloud Directory Posture (available for Google Workspace and Microsoft 365). It scans the activity and configurations of all users and inboxes and generates alerts in the platform. Detections include abnormal login locations, suspicious mailbox rules, and more. The Cloud Directory Posture is crucial to activating many subsequent security controls.
Good news! You may have already activated the Cloud Directory Posture in the onboarding process. But if you skipped that step, now would be the time to activate it. From the Single Customer View of the Cloud Directory Posture, select “Activate.”
Learn more about the Cloud Directory Posture and the activation process in the Cloud Directory Posture article.
Note: Here and in Step 7 later on, you are being guided to activate security controls for your MSP organization. In Step 9, you will activate them for specific customers.
Step 5: Assign Licenses and User Types
When the Cloud Directory Posture is activated, the system will automatically assign active licenses and user types based on the email statuses in your main directory.
There are three user types, each with differing permissions:
Member - Members are the users who will be assigned a Guardz license. Guardz will protect their activity and will alert them to issues. They will have limited access to the User Portal for completing assigned tasks, such as completing an Awareness campaign or handling quarantined emails.
Viewer - Like Members, Viewers have access to all areas of the platform (the Single Customer View) but cannot make changes or edits, activate security controls, or remediate issues.
Admin - Like Members and Viewers, Admin can activate security controls, remediate issues, and edit user settings. Note that there are two types of Admin: Admin of one customer and Admin of the MSP. Admin of one customer will have access to all areas of the platform, within the Single Customer View. Admin of the MSP will have access to all areas of the platform, with both the All Customers View and Single Customers View. You can assign an unlimited number of Admin users to each account. MSP Admins can also create prospecting reports and control customer billing.
These are some examples of the system’s automatic assignments:
Regular users will be active as Members
MSP Admin will be active as Admins
Customer Admins will be active as Members (and therefore will need to be assigned to Admin manually)
Conference rooms will be inactive (and therefore will not have a user type)
You can change these default assignments at any time. One of the easiest methods is going to Users > Settings.
Here you can change users to active or inactive and change the user type. Note that only users with active licenses will be protected by Guardz. To change the user type, hover over their current user type and select the drop-down arrow.
To add new users and admins, simply add them to your main workspace, and Guardz will automatically pull them into the platform. Then you can make them active and assign their user type.
Automate User Activation and Deactivation
Admins have the ability to automate the activation and deactivation of users in Guardz, including the ability to automate based on activity in the cloud directory (Google Workspace and Microsoft 365):
Choose whether Guardz automatically activates or deactivates new users or if you prefer manual activation.
Group-Based Activation and Deactivation: Specify from which groups a user will be automatically activated or deactivated from when syncing from the Cloud Directory
The feature can be found on the Users Page using the Single Customer View > 'Settings' as well as in the Cloud Directory security control > 'Active users'
This new addition provides greater flexibility, automation and control over user management, ensuring that access aligns with your organizational policies and security needs.
By assigning users to different groups in the cloud directory, the MSP can choose to activate or deactivate users by these groups automatically. The MSP Admin can quickly filter users from view to identify the correct groups for automated activation or deactivation and also select multiple groups to automate.
Learn more about assigning licenses and user types in the User Management article.
Step 6: Security Awareness Training and Phishing Simulations
Once the Cloud Directory Posture is activated, you will be able to utilize the Security Awareness Training and Phishing Simulations security controls. With these tools, you can educate employees about security risks and how to identify potential threats.
Read more about these in the Security Awareness Training article and the Phishing Simulations article.
Step 7: Activate Additional Security Controls
The following security controls require manual activation and have different deployment options:
Cloud Data Protection - This security control monitors access to cloud app assets (files and folders) using security best practices. This is available for Google Workspace, Microsoft 365, Monday.com, and Dropbox Teams.
Learn more about Cloud Data Protection and the activation process in the Cloud Data Protection article.Email Protection - This security control monitors email inboxes. If needed, you can send employees a guide about the User Portal and what to expect from Guardz.
Learn more about Email Protection and the activation process in the Email Protection article.Endpoint Security - This security control monitors the device posture of company-managed laptops and desktops.
Learn more about Endpoint Security and the activation process in the Endpoint Security article.Secure Browsing - This security control monitors browsing activity.
Learn more about Secure Browsing and the activation process in the Secure Browsing article.
Step 8: Personalize Your Branding (Emails, Reports, and User Portal)
Your logo and company details will appear in every interaction Guardz will have with your users. These interactions include awareness campaign emails, quarantine emails, the User Portal, prospecting reports, ROI reports, and more.
To set this up, go to Organization Settings. Upload your logo and enter customer-facing information about your company.
White Labeling
Take your branding a step further with white labeling. White labeling allows you to seamlessly present users with your MSP brand in place of Guardz. Utilize white labeling to strengthen your MSP brand and trusted security relationship with your customers. SMTP integration is currently available, with more white-labeling features being added soon.
Step 9: Add Your Customers!
It’s the most exciting step: adding customers. In the top right corner of the dashboard, select + New.
1. Follow the instructions to login with the admin account associated with this customer and enter the customer’s credentials.
Note: The process of adding a new customer automatically activates their External Footprint Scan and Dark Web Monitoring security controls.
2. In steps 4 and 7 above, you activated security controls for your MSP organization. Now you can follow the same instructions and activate them for specific customers.
Step 10: Setup Your Email Notification Preferences
Guardz will send you an email when issues are detected. By default, real-time notifications will be enabled. In My Profile, you can change the notification settings for each customer, including the severity threshold.
You’re ready to go!
Now that you’ve activated the security controls and configured your settings, Guardz will start detecting issues. All issues can be found in the Issues area of the platform. There you can utilize different views and filters to handle issues easily.
Learn more about issues in the Issues Handling article.