Get a Password Manager
Cindy was at her wit’s end. She had been the office manager of her firm for over 20 years. And in all this time she was never so frustrated with something she considered so dumb ever. She needed to make a change to her company’s internet provider service. They needed to expand the account. Normally her IT consultant would assist her with vendor management, but this was a situation they couldn’t assist her with.
You see, Cindy was not authorized to make changes to the account. The only person who was able to make changes to the account hadn’t been an employee there for over 5 years. The bills were always paid by check. And no one had ever tried to log in to the account website. No one even knew what email the account was established with. Only later determined it was a personal email and not a business.
It took several months of finding a physical location and getting cards in the mail (that had short expiration dates) before Cindy was finally able to wrestle control of the corporate account into her name and add other authorized users.
If Cindy’s company had a central password management tool in place, this and many other potential cybersecurity issues could be outright avoided or risk significantly reduced.
I’ve seen similar stories like this play out in businesses of all sizes for years now. It’s pretty simple solution to a pretty common problem.
In this article, we’ll explore 6 reasons why your company needs a password manager.
Simple passwords are child’s play to crack these days. A password manager can assist with creating complex passwords, longer lengths, unique for each account, and you don’t have to remember them. Having unique passwords is critical to isolating systems. And people don’t have to create a notebook or sticky notes everywhere to remember them.
Simplify Passwords Management
Someone typically only has to remember a single master password. Best uses for this include long phrases such as “TheBlueBallwasbouncingdowntheStreetin2023”. Longer phrases are easier to remember and harder to crack. I tend to throw in symbols and numbers in my still. Not replacing the letter E with a 3, but something else that makes sense but is easy to remember.
So many services that we all use are independent and in the cloud. It can be very time-consuming to log in to all of the software used day in and day out. Using a password manager makes it easy in a click or two for logging in. And less time wasted on forgotten password retrieval.
How many times have you reset a password only for it not to work on the very next attempt? A password manager can essentially eliminate that frustration.
Reduce Password Related Costs
Hands down the most common tech support requests involved account access and password management. A password manager can dramatically reduce the overhead cost to IT on simple password-related requests and focus on more critical needs. Additionally, the time lost by employees waiting for an account to be reset is virtually eliminated.
Meet Compliance Requirements
Different industries have different data protection regulations and requirements. Healthcare has HIPAA, finance has PCI, and Government contractors NIST 800-171 (at some point CMMC). Companies can face penalties for not adhering to these cybersecurity frameworks. Password management makes up key elements for each one of them. Using a password manager can help companies meet these compliance requirements by providing another layer of security that protects sensitive information from unauthorized access.
The Lost Employee
Circling back to my story with Cindy. Everyone in your organization is a trusted member that has access to key components of the company. If a tragic accident occurs, an employee leaves, or fired. You may not know for some time all of the accounts that they solely have access to. I have personally seen this more in small and midsize firms that only have a single resource for certain job types. And I’ve definitely seen this if a key person has left a technology department that had the only admin access to a system.
BONUS: Family life
I don’t know how most families handle their home finances. But many friends, including mine, one person manages all of the bills. If something happened to me, I need to know for certain that my wife could access all our most important accounts. That she could pay the mortgage, figure out the insurance, and pay the utilities. A password manager makes it easy for me to share those accounts with her. She can take over in an emergency situation without missing a beat.
Using a password manager is critical for businesses that value security, productivity, and cost-effectiveness. A password manager enhances security by generating strong and unique passwords for each account, simplifies the password management process, reduces, password-related costs, and helps meet compliance requirements. If your company hasn’t implemented a password manager yet, it’s time to consider doing so.
Personal Note: As a virtual CIO, I am technology agnostic. Meaning no size or solution fits all. Lots of companies try to believe that, but it’s simply not true. So I won’t give you a blanket recommendation for a password manager for your business. But for personal use, I use Bitwarden. 1Password also comes highly recommended. I would avoid LastPass at this stage due to its numerous security issues and lack of transparency.
John Barker is a Stafford, VA resident who is a technology and cybersecurity consultant at Virtual CIO Agency with over 25 years of experience. He also serves on Stafford County Schools’ Technology Advisory Committee and is part of the Cybersecurity Forum Initiative (CSFI.US) research team. He has regularly contributed to InsideNova and, starting in 2023, the Free Lance-Star (Fredericksburg.com). John enjoys spending time with his wife Erin, dog Rocket, and cats Dash, Trip, and Nibbler. He is an avid weightlifter and holds a private pilot’s license.
MBA | CISSP | PMP