






Avoid Password Pitfalls

How to Steer Clear of Headache-Inducing Enterprise Password Management Problems

By Rod Simmons, Product Group Manager, Privileged Account Management, BeyondTrust



Password protection – in conjunction with effective privilege management – is often the first line
of defense for an organization’s intellectual property, business-critical servers and assets, future
plans and financial data. Therefore, it’s critical for organizations to be aware of password best
practices and the different routes a company can take to ensure security.

Leveraging complex, frequently updated passwords is a basic security best practice for
protecting privileged accounts in organizations. With that being said, it appears organizations in
the private and public sector still don’t take this message to heart. Last year, two out of three
data breaches tied back to poor password management. The fact of the matter is that not all
enterprise password management strategies are created equal, making it critical to examine
your organization’s current solution and process to identify common pitfalls. If you’re still
managing shared passwords in spreadsheets, notebooks, or in physical lock boxes, you’re
sitting on a ticking time bomb. Whether you are tackling your password problems manually or
have a technology solution in place, there are several factors to consider when improving your
overall password protection.

For organizations that choose to forgo privileged password management solutions, the biggest
danger employees pose to their companies is their lack of commitment to update their
passwords regularly. Privileged employees with access to certain files become the gatekeepers
and can distribute access to whomever they wish, effectively vaporizing security protocols.
Additionally, when a privileged user leaves the organization, they don’t magically forget their
passwords. In cases like these, former employees who still retain privileged access are able to
move around their former employer’s network, either for innocent or nefarious purposes, unless
that access is manually revoked.

If your organization is ready to move to an enterprise password management technology
solution, it’s important to understand just how many components will be needed for installation,
configuration and general management prior to sending in your purchase order. Considering the
complexity of some deployments, it is in your organization’s best interest to find integrated
password management solutions that are easier to implement and maintain, requiring only a
couple of appliances for high availability and minimal professional services – even for large
deployments.

Considering the rate of business growth and infrastructure complexity, employees creating
unique passwords often challenge IT Administrators. Many enterprise password management
solutions out there require IT Administrators to rely on Active Directory or manually input new
accounts for management and change passwords after every employee departure. This method
is not only a drain on productivity, but also isn’t adequate for managing standalone accounts,

20 Cyber Warnings E-Magazine – October 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
