How a Password Vault Can Save Your Business from Itself
If you pass by a construction site where a new commercial building is going up, you can tell right away if it’s going to be a bank. While the work crews are still putting up the skeleton of the building, you can already see the steel-reinforced concrete cage that surrounds the vault on the ground floor. The security of the vault is created right from the start.
Unfortunately, data security for businesses often doesn’t work that way. Despite the best efforts of IT pros, managing user access and password security is often a haphazard process that grows and evolves over time, rather than being built from the ground up. The good news is, you can improve data security at any point by implementing a password vault to protect your users and your business.
A Password Vault — Because Sticky Notes Won’t Do
A password vault aggregates your end users’ passwords — and thus their access to apps containing sensitive company data — in a single, secure location. This improves your data security from the perspectives of both the end user and the IT system as a whole.
Your users probably want to do the right thing when it comes to network security. Typically, they understand the rationale behind establishing secure network access, using only approved applications, creating strong passwords, and all the rest of the requirements put forth by the IT department. But they’re also busy doing their actual jobs, so their sense of security tends to lose out to their desire for convenience.
No doubt you’ve seen employees with sticky notes on their monitors that put all of their critical app logins and passwords in plain sight. (Worse, the passwords they use tend to be laughably easy to break, as we’ve documented in our ebook “Top 10 Fascinating Facts about Passwords.”) If they’re really sneaky, they might write that information on a page that they “hide” in their desk drawer.
Far from maintaining good security, this is like hiding the front door key under the flowerpot on the porch. Locking up their passwords in a vault is a much more secure approach.
From the perspective of your IT team, a password vault brings order to the tangle of applications that companies — and individual employees — adopt over time. This has always been an issue in corporate IT environments, but the tangle has started to get worse in recent years, as more and more businesspeople have adopted cloud-based applications to help them get their jobs done.
Your IT pros have no choice but to deal with the risks that go along with that trend, even if those risks are created by accessing “unofficial” applications. That’s where the password vault comes in. By enabling your IT team to control each end user’s access to all applications from a single, secure portal, a password vault becomes a crucial part of your company’s identity and access management (IAM) strategy.
How a Password Vault Works
When you’re implementing a password vault, each of your end users accesses their account within the vault, where they enter the login and password information for their various business apps. They only have to do this once; from then on, the vault itself is their entry point into any of the apps they want to use.
If the vault itself were less than secure, it would be risky to put all your eggs in one basket like this. But well-built password vaults use multifactor authentication to ensure that your users are who they say they are.
This type of authentication uses additional layers of user identification beyond a simple password to verify identity. For instance, the system might initially require a biometric identifier such as a fingerprint scan; a simpler approach is to use a text message to give the user a second passcode that must be entered within a few minutes of being received. Using multifactor authentication makes it extremely unlikely that hackers will be able to hijack any of your end users’ vault access.
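The time-limited second passcode described above, sketched as an added example (not code from the original article or from any vault product). The five-minute lifetime, the five-attempt cap, and all function and class names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

CODE_TTL_SECONDS = 300  # assumption: "a few minutes" taken as five
MAX_ATTEMPTS = 5        # assumption: guesses allowed per issued code


@dataclass
class Challenge:
    digest: bytes        # SHA-256 of the code; the code itself is not stored
    expires_at: float
    attempts_left: int = MAX_ATTEMPTS
    used: bool = False


def issue_challenge(now=None):
    """Create a challenge; return it with the 6-digit code to text to the user."""
    now = time.time() if now is None else now
    code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random.randint
    digest = hashlib.sha256(code.encode()).digest()
    return Challenge(digest, now + CODE_TTL_SECONDS), code


def verify(challenge, submitted, now=None):
    """Check a submitted code; each challenge succeeds at most once."""
    now = time.time() if now is None else now
    if challenge.used:
        return "rejected: already used"
    if now >= challenge.expires_at:
        return "rejected: expired"
    if challenge.attempts_left <= 0:
        return "rejected: too many attempts"
    challenge.attempts_left -= 1
    digest = hashlib.sha256(submitted.encode()).digest()
    if not hmac.compare_digest(digest, challenge.digest):  # constant-time
        return "rejected: wrong code"
    challenge.used = True
    return "accepted"


if __name__ == "__main__":
    ch, code = issue_challenge(now=0.0)
    print(verify(ch, code, now=60.0))    # within the window
    print(verify(ch, code, now=61.0))    # replay of the same code
```

The expiry, single-use flag and attempt cap together are what keep a six-digit code from being guessed or replayed; dropping any one of them weakens the second factor considerably.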
So long as the password vault is Web-based, it’s easy for users to access their business apps from any computer or mobile device. At the same time, it’s easy for the IT team to determine which individuals are accessing which apps from which devices.
Vault into Being More Productive
From each user’s perspective, a password vault lightens the burden of data security. Once the vault is set up, you have a single portal that allows you to access anything you want, and you only have to remember one password to get to everything. Less time worrying about security means more time that end users can spend using all those wonderful apps to be productive in their jobs.
From an IT perspective, using a password vault creates a number of important benefits. For one thing, it makes it much easier to get new employees up and running securely using the apps they need.
Conversely, it becomes very easy to turn off access instantly for users who leave the company. In between, security follows users wherever they go, giving them easy access to what they need — while keeping everyone else out. The ability for your IT team to track who is using which application and when also makes their lives easier when it comes to reporting for auditing and compliance purposes.
All of this strengthens data security for your company. Now you’re not relying on well-meaning end users who think that hiding the key under the flowerpot qualifies as good security: no more passwords like “password123” scrawled on a note taped to the computer monitor.
The new, higher level of security follows your users around regardless of the device they happen to be using, whether they’re in the office, at home, or on the road. And your IT team is able to monitor application access 24/7 to make sure nothing goes astray.
Maybe your company didn’t build an ideal IT security environment from the ground up. That’s no problem: a password vault can help you achieve the data security you need today, no matter where you’re starting from.
Chris Bartik runs customer acquisitions for CloudEntr, the cloud division of Gemalto’s identity and access business. Chris is a tech marketing veteran, specializing in start-ups, having built and managed marketing departments, strategies, and programs with software companies such as ShoreTel, CrownPeak, and Vignette (now Open Text).