Glossary / Credential vault
A secure, encrypted store for the passwords and secrets an MSP needs to manage client systems — with access logging and rotation — replacing a spreadsheet or shared document.
An MSP accumulates an enormous number of credentials across its client base — admin logins, API keys, service account passwords, network device credentials — and how those are stored is one of the highest-leverage security decisions the MSP makes, because a single leaked vault can expose every client at once.
A real credential vault encrypts secrets at rest, logs every access (who viewed or used which credential, when), and supports rotation on a schedule rather than a password that's technically "in the vault" but has been unchanged for three years.
This is also one of the first things a security-conscious client's own IT or compliance team will ask an MSP about directly — "how do you store the passwords to my systems" is a very reasonable, very common vendor-security question.
How Nexus handles this
The Nexus security suite includes an encrypted credential vault with scheduled rotation and access logging, built into the platform rather than a separate tool bolted on.
A company that remotely manages a client's IT infrastructure and end-user systems on an ongoing, proactive basis — usually a flat-fee contract, not break-fix billing.
Software that lets an MSP monitor device health and perform remote management tasks — patching, scripting, remote control — across every client site from one console.
Software that runs the business side of MSP operations — ticketing, SLAs, billing, contracts, and client records — the system of record most MSP work flows through.
Join the design-partner cohort and we'll show you exactly where this lives.