Password Manager Checklist for Your Business
Check out the recent CBC Interview with CopperTree Solutions, outlining key password tips for you and your business: https://www.cbc.ca/news/how-to-keep-track-of-all-those-unique-passwords-and-prevent-hacks-1.5017451
Having employees use unique, strong passwords for online accounts is crucial to your company's security strategy. We know that creating and memorizing numerous strong passwords can be challenging, which is why most security experts recommend that businesses use password managers. With a password manager, employees only need to create and remember one strong password (the master password), which is used to open the tool. Once it is open, employees select the account they want to access, and the password manager retrieves that account's credentials from a repository, or vault. All credentials in the vault are encrypted. Below we address three key items to consider when choosing a password manager:
Password Storage Options
Some password managers store passwords in the cloud, whereas others store them on the local computer's hard drive. If your employees use multiple devices at work, a cloud-based vault might be preferable. Employees will be able to access their login credentials from any computer or mobile device that has an Internet connection. Plus, employees won't lose all their passwords if they lose their mobile device.
While cloud storage is convenient, some people are uncomfortable with it because they have to rely on someone else to keep their employees' passwords safe. Data breaches do occur. For example, OneLogin's databases were hacked in 2017. If you are uncomfortable with cloud-based vaults, you can use a password manager that stores the vault on your local computer's hard drive. No matter where you want employees' passwords to be stored, you need to make sure a strong encryption standard is being used to encrypt them. Ideally, the password manager should use the 256-bit Advanced Encryption Standard (AES).
Password Manager Must Be User Friendly
The password manager you choose needs to be easy for employees to use, so that they actually use it.
Besides having an intuitive interface that doesn’t take hours to learn, the password manager should have a random password generator. That way, employees can quickly and effortlessly create unique, strong passwords for their accounts.
Another user-friendly feature is an automated password changer. It can automatically change employees’ old passwords to new strong ones on websites that support this capability. This works best for the initial rollout of the password manager, as employees likely have many passwords to change at that time. Individuals who are responsible for administering the password manager should also find it easy to use. Having an administrative console that has central management capabilities can save them time and hassle.
Additional Security Measures You May Need
Business-grade password managers offer a variety of security measures beyond password encryption, including:
- Support for two-factor authentication
- Employee-initiated password assessments (these discover any weak or reused passwords in a vault, which is helpful if the vault includes passwords that employees created themselves rather than randomly generated ones)
- Ability to track password usage companywide and generate audit reports
- Automatic closing of an employee’s vault when the person’s device is idle for a certain amount of time
- Built-in VPN (adds another layer of security and privacy when logging in to HTTP and HTTPS sites)
- Ability to configure and deploy password policies
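One way a password assessment like the one in the list above can flag weak or reused vault entries. This is an added example, not code from CopperTree Solutions or from any password manager product; the sample vault, the 12-character threshold, the three-character-class rule and the function names are assumptions made for illustration.

```python
import hashlib
import string
from collections import defaultdict

MIN_LENGTH = 12  # assumed policy threshold, not from the article

# Constructed sample vault of (account, password) pairs; not real credentials.
SAMPLE_VAULT = [
    ("email", "Summer2019"),
    ("payroll", "Summer2019"),
    ("crm", "correct-Horse-7-battery-staple"),
    ("wiki", "password"),
    ("bank", "T9#vQ2!mLx8@wZr4"),
]

def weaknesses(password):
    """Return the reasons a password is weak (empty list means it passes)."""
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("too short")
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    used = sum(any(c in cls for c in password) for cls in classes)
    if used < 3:
        reasons.append("fewer than 3 character classes")
    return reasons

def audit(vault):
    """Map each flagged account to its findings (weakness and reuse)."""
    # Group accounts by password digest (in memory only) to detect reuse.
    by_digest = defaultdict(list)
    for account, password in vault:
        digest = hashlib.sha256(password.encode("utf-8")).hexdigest()
        by_digest[digest].append((account, password))
    report = {}
    for entries in by_digest.values():
        names = sorted(account for account, _ in entries)
        for account, password in entries:
            findings = weaknesses(password)
            others = [n for n in names if n != account]
            if others:
                findings.append("reused on: " + ", ".join(others))
            if findings:
                report[account] = findings
    return report

if __name__ == "__main__":
    for account, findings in audit(SAMPLE_VAULT).items():
        print(f"{account}: {'; '.join(findings)}")
```

Randomly generated entries such as the constructed `bank` password pass both checks, while the reused and short entries are reported by account name only, so the report itself contains no passwords.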
Need help with your company’s IT planning & cyber protection? Let us help get you started with IT planning items to consider and how IT Services can assist.
CopperTree Solutions can help secure your business. Ask us about our security assessments.
Serving clients large and small, in Kitchener, Waterloo, Cambridge, Guelph, Stratford & surrounding areas.
Call 519-804-2461 or email Colin.Shantz@ctsol.ca