Case Study:
Enhancing Security and Customer Satisfaction at GCS Technologies
Introduction
GCS Technologies is a mid-sized managed service provider based in Austin, Texas, specializing in IT infrastructure management, cybersecurity, and cloud services. They serve small-to-medium-sized enterprises (SMEs) across many industries. GCS wanted to strengthen authentication protocols for high-security customer requests, such as remote access approvals, configuration changes, and sensitive data handling. In addition, the company was required to implement this technology to renew its cyber-liability insurance policy.
The Challenge
Traditional methods of authenticating customer requests, such as email confirmations and phone calls, were deemed insufficient against sophisticated social engineering attacks, phishing, and impersonation risks. These risks have only increased with the increased usage of deepfake technology created by AI.
Exploring Solutions
GCS’ security team evaluated several authentication tools for fit. They reviewed options available from leading IDP providers but found that most of these didn’t support the use of authenticating third parties not already configured in the IDP. GCS wanted an out-of-band authentication tool separate and isolated from the tools used currently by customers.
GCS discovered SendAuth.com. SendAuth's specialization in authenticating customer contacts and verifying custom permission levels for high-security requests was a perfect fit. It offered passkey-based authentication and a rapid enrollment process. Its native integration with ConnectWise—a core tool in GCS’ operations—allowed for automatic logging of approvals, ensuring audit-ready compliance. SendAuth's focus on MSPs, with features for handling both internal (staff) and external (customer/vendor) requests, aligned perfectly with GCS’ requirements.
Implementation
GCS partnered with SendAuth in August of 2025 for a phased rollout. The process began with:
Onboarding and Integration
SendAuth's team assisted in integrating the platform with Microsoft Entra ID and ConnectWise Manage, enabling seamless logging of authentication events into service tickets.
Customization
GCS defined permission levels for different request types (e.g., admin access required dual approvals, purchasing authorization, etc). They set up auth groups for threshold-based approvals, where sensitive requests needed confirmation from multiple authorized users.
Training and Adoption
Internal training sessions were held for GCS’ support team, emphasizing how to initiate authentication requests via email, SMS, or the SendAuth app. Customers were onboarded through Teams meetings, explaining the new process as a security enhancement.
Testing and Go-Live
A pilot with 5 clients tested the system for a month, refining workflows based on feedback. The implementation was smooth with SendAuth's documentation and support ensuring quick resolution of any issues.
The Results
Post-implementation, GCS experienced immediate improvements:
Enhanced Security and Compliance
All high-security requests now required authentication, reducing the risk of unauthorized access. The cyberliability insurer approved the setup during a follow-up audit, maintaining favorable policy terms.
Operational Efficiency
Integration with ConnectWise streamlined logging, cutting manual documentation time.
Customer Feedback
Clients quickly noticed the added layer of security. For instance, a healthcare client praised the system for aligning with HIPAA requirements, stating, "It gives us peace of mind knowing our requests are securely verified."
Unexpected Opportunities
Many customers, impressed by the seamless experience, inquired about adopting SendAuth for their own businesses, leading to new revenue streams through reselling SendAuth subscriptions