5 Reasons Your IT Team Needs to Beef Up Its Password Management
by Daniel Waldman, on Mon 19 August 2019
Whether you’re a small business or a Fortune 500 multinational corporation, information security should always be a top priority. Just last year, billions of digital records containing personal information were stolen through data breaches, causing tens of millions of dollars in damages.
Today’s businesses rely on a wide variety of software systems to operate, and most are in the cloud. What’s more, most IT teams have to manage the access to those systems, not only for themselves, but for all employees, contractors, partners, etc. They also have to manage things like PKI certificates, database engines, network devices like access points, routers and switches, and other resources. To say it’s the amount of information they have to manage is overwhelming is an understatement.
Unfortunately, the more systems a business uses the greater the risk of having accounts and passwords compromised. All it takes is a breach of a single system and a company could face a major security disaster, putting it in danger of experiencing serious financial consequences and possible PR nightmare. In fact, approximately 60 percent of all small businesses that face a cyber attack go out of business within six months.
Luckily, technology can help! Enterprise password management software stores usernames and passwords, and other sensitive information that is mission-critical. Some systems, like our own PassHub.net, can only be accessed through strong multi-factor authentication using WWPass PassKey. This provides passwordless access to your secured vault, but also can act as an authenticator to access a variety of other systems that use WWPass authentication technology.
Your team may already use a password management tool, but here’s why it’s probably not the best password manager for small business and chances are you need to upgrade it to one with beefed up security and advanced features.
1. Your IT team manages an overwhelming number of passwords
As the well-known venture capital investor Marc Andreesen once said, “Software is eating the world.” Because of that, nearly everything these days requires a password to access. While security is certainly a top priority for all businesses, the result is that most IT departments have to manage a HUGE amount of passwords. This includes usernames/passwords for software used to run the business (email, accounting software, personal computers, time tracking, etc.), but they also often have to manage access to a wide variety of non-web resources, such as routers, private servers, switches, etc. Too often, these are tracked and shared using highly insecure methods such as spreadsheets, text documents or even post-it notes.
Unfortunately, the more passwords an IT department has to manage and track, the greater the risk of them getting hacked or stolen. Or, if a password manager is used, it’s often not secure enough, such as when it includes a formfiller (which are themselves highly insecure). What’s more, many password managers for business don’t offer client-side encryption, where system admins have access to every user’s password, opening up further risk of insider threats.
Having a password manager for teams that dramatically reduces all these risks is essential.
2. Your IT Team needs to securely share login credentials
It’s not enough to be able to store and retrieve passwords security. It’s often the case that teams need to share login credentials and access mission-critical systems from anywhere at any time. But that’s par for the course when it comes to password managers for IT teams.
What this doesn’t necessarily account for is insider threats--when a team member “goes rogue” by accessing information that they shouldn’t.
Luckily, this is resolved with password managers that offer granular control over who sees what. For example, let’s say an IT team has three tiers of employees: C-suite, middle management, and standard employees. There might be some systems that should only be accessible to the C-suite and/or middle managers, but not to standard employees. Passwords and files can be organized in safes (PassHub’s term for sets of username/password records, notes and files), and employees can be granted access only to the safesthat they are authorized to access. A fourth category might even exist for contractors (see below) or clients, granting access to them only on a need-to-know basis. To be an effective password manager for companies, your employees, managers and contractors really need to be able to use this kind of granular access to share only the minimum information needed and only with those who truly need to know.
3. You use contractors
Many businesses rely on 3rd party contractors to perform consulting and tasks essential to the business’ daily functions. But contractors tend to come and go, and giving them even temporary access to some of your company’s most crucial systems presents a potential security risk. Any accounts they have access to should have the password reset once they complete their work, of course. Using a password management software for business dramatically simplifies the process.
Contractors’ access can be granted and revoked by a system admin, and their access to systems can be made very granular so they only can see what they need to do their jobs—and nothing else that might be sensitive. Once they’ve done their work, their access can easily be turned off.
What’s more, it’s essential for a password manager to be able to track changes. This ensures that supervisors can quickly and easily find out who made a change, and when it was made, when the person logged in, etc.
4. Your helpdesk spends too much time resetting passwords
Resetting passwords is probably one of the most hated IT helpdesk tasks. And while some password reset functions can be automated, it’s often necessary to talk to a human being to have it done. This is especially true for systems or services containing sensitive information where the user might need to verify a few important details.
What’s worse is that this function is not only a waste of time, but also a waste of money. The more time IT pros spend doing password resets, the less time they have to spend on more profitable tasks. Not to mention the lost productivity of the user.
Business password management software is an ideal solution for this, however, especially if it offers access to systems without passwords. When users have an access key (virtual or physical), then they don’t need to remember passwords. And if they don’t have to remember passwords, they never have to reset them! Imagine the cost savings and productivity boost your business could experience if no one ever had to reset a password again!
5. Your employees won’t use strong passwords
Let’s face it: Humans are not very good at choosing strong passwords. In fact, a list of the most commonly hacked passwords include things like “123456,” and “password.”
To be fair, most people won’t even remember a strong password, much less chose choose one. What’s more, they likely will use the same password for multiple systems, which only increases security risk should that username/password combo get into the wrong hands.
A password manager for companies, however, can create strong passwords and store all of them, so the employee only has to remember one to log into all their systems. Better yet, using a passwordless system like WWPass PassKey, they don’t have to remember any passwords at all!
How PassHub can help your IT team
Are you looking for a password manager that can handle all the above challenges without breaking a sweat? We created PassHub for Business to help IT teams be both more secure and more efficient. We can help your team reduce complexity and avoid potential risks, all while using industrial strength security. You can also have it as a self-hosted product. Best of all, you can try it for free! Learn more at https://passhub.net/business.html.