Trying to remember your password for every website, portal, tool and piece of software is borderline impossible. Some organisations like to solve this problem by using a very simple and memorable password, variations of the same password, or worse – the exact same password for everything! That’s just asking for trouble.
Simple and memorable passwords are very easy for hackers to gain access to, with a staggering 81% of breaches caused by weak or reused passwords. Even using a very strong password, but used across many sites and logins, means a single breach on one site or platform can compromise your information everywhere else. That’s where a password manager comes in.
What is a Password Manager?
The average enterprise uses 91 services! Teams, Microsoft apps, emails, Dropbox, Social media channels, CRM, marketing software, sales automation, online store, website – the list goes on and on. With more accounts than you can possibly recall, how are you supposed to remember strong, unique passwords for all of them? The simple answer is you can’t – but a password manager can.
A password manager is an application that creates, remembers and automatically fills in your passwords for you. Log in to an account one time, or manually add log in information to your password manager, and it will automatically store your username and password. All your passwords are stored in an encrypted format, which means they’re safe and protected. A password manager provides fast, secure and easy access to all your stored passwords with the help of a single master password.
A password manager can be incredibly beneficial for any business that wants to boost security, simplify the onboarding and offboarding process, as well as help employees manager their passwords more effectively.
Why is this important?
Passwords are essential
No one needs to be told that passwords are important – we all know this. But it’s important to remember that your password is your first line of defence. Put simply, no matter what service it is that you’re using, the security is often times only as good as the password that you’ve set.
Making a very strong password is often complicated. A password manager really takes a lot of the pain out of the process and makes an often complicated and time consuming process simple and easy. A password manager does this by creating and remembering new, strong and complex passwords that are extremely difficult for hackers to crack.
Unique
The strongest passwords are comprised of letters, numbers and symbols in a string of no particular order or sense. These passwords should look like a cat just walked across your keyboard (for example: jR7z5$R?68<*G>M). Creating a solid, complex and secure password is great – but if you’re not using unique passwords for each of your accounts, it’s basically pointless.
A site or application’s security is only as good as the password you use! Furthermore, many websites are at risk of data breaches that could potentially reveal your login details. Even if you create a strong and complex password, using the same password across multiple sites, accounts and applications means a cybercriminal can potentially own the master key to accessing every one of your accounts that use the same email and password combo, putting yourself and your business at risk for cyber attacks.
Account volume
The average organisation uses 91 services and applications, which means that even if you created unique passwords for all of them, you’d never be able to remember them all. While randomly generated passwords are difficult for computers to crack, they veer on being impossible to remember; especially if you are using a different password for each of your accounts (which you indeed should).
Fortunately, with a Password Manager you won’t need to frantically search for the scrap of paper you wrote your email password on and then ‘hid in a safe place’, or compile a Word document listing all of your logins. Password Managers keep all of your passwords in one encrypted and password-protected app.
Simplicity
Password managers significantly increase your security while also simplifying your life … how often does that happen!?
A password manager requires you to remember a single password – that’s it – then it does the rest. No more trying to remember if it was a capital letter in this password, or a 3 instead of a capital E – and best of all, no more password resets!
What makes a great Password Manager?
Usability
A password manager, particularly in a business context, isn’t effective if no one is using it. In order to ensure employees adopt the use of a password manager, it must be intuitive and easy to use.
A great password manager is:
Efficient: must be able to be used to complete tasks quickly and easily
Effective: should help users achieve specific goals
Engaging: the UI (User Interface) and UX (User Experience) should be pleasant and satisfying to use
Easy to learn: simple enough to be picked up and easily understood without deliberate effort
Error tolerant: should be designed to prevent errors and help users recover from errors that do occur
Likewise, a password manager in a business environment must be usable cross platform and compatible with different operating systems and devices.
Simple Onboarding and Offboarding
A simple onboarding and offboarding process helps your organisation save time and money.
Likewise, when an employee leaves your company, it is important that your password manager has the ability to revoke their access to work related passwords and data. According to a SailPoint Market Report, more than 2 in 5 employees reported have access to a variety of corporate accounts after leaving their last job.
The report concluded that an efficient onboarding and offboarding process helps prevent some of the internal security risks with provisioning and application usage.
Administrative Controls & Monitoring
Your password manager should offer tools that enable you to oversee your employees’ use of the program. This means monitoring features such as dashboards, delegated administration, team sharing, role-based permissions, analytics and auditing.
These tools should enable you to enforce all organisational password policies and aid in regulatory compliance. It is however important to note that your password manager’s monitoring tools should not compromise the privacy of your employees.
Password Sharing
Password sharing is a very standard office operation. However, the methods via which employees use to share those passwords, such as email and internal chat programs, are not safe from hackers.
An enterprise level password manager enables employees to share passwords in a secure, convenient and efficient way. Administrative tools should allow you to share passwords on a temporary basis or with full access.
Likewise, these shared credentials should update automatically so that all other team members continue their access.
Security
Arguably the most important aspect of your password manager is security.
Be sure to utilise a password manager which uses a zero-knowledge protocol in its security architecture. This allows the employee full, exclusive control over the encryption and decryption of their data via a Master Password. This Master Password should never be stored on the password manager’s server or anywhere in the company’s network.
Additionally, your password manager should alert you and all employees in the event a data breach occurs.
eStorm recommends Keeper Password Manager!
eStorm is dedicated to enforcing the same cyber security methods we suggest to our clients. We use Keeper Business Password Manager in-house to protect our organisation against cyber attacks, safely share credentials, enforce IT security compliance standards, and promote security, privacy and productivity.
Learn more about Keeper Password Manager here and contact us for a quote or demo at [email protected] or 07 3120 0640.
