As a sophisticated company, you likely already have Single Sign-On (SSO) in your IT stack that streamlines access for employees, while locking down and securing access for IT. However, as Forrester notes in their new report on Enterprise Password Management, passwords are still the most common form of authentication and SSO simply doesn’t cover all sites (and passwords) that are being used by employees.
To fill in this gap, Forrester found that many of their clients are building an Identity and Access Management strategy that not only includes SSO and multi-factor authentication, but also password management that improves the login experience for employees while containing password-related risks.
This is the case at Yelp, a software company out of San Francisco, that recognized SSO wasn’t securing all credentials that employees are using, and sought out a password manager to gain control over those passwords, without impacting the employees’ access.
“We put as many systems and applications as we can behind our identity provider, but our employees are always going to have separate credentials or shared accounts for various tools that may not support SSO,” said Bryan Shields, Engineering Manager at Yelp.
“We realized the importance of offering a secure password management solution to store and share those credentials, which led us to LastPass. If you don’t provide a password management solution, people are going to find their own ways to store passwords which may not be secure and put your company at risk.”
Companies like Yelp and others that employ both Single Sign-On and a password manager are addressing the gap of apps and web services that are not supported by SSO. By layering in a password manager that controls these outliers, IT is able to enforce security controls and enable secure password sharing between employees and teams. Password managers, like LastPass, also allow for the separation of work and personal logins in a way that’s easy for the employee, without interference from the company.
Read the new Forrester report
The report, titled “Best Practices: Selecting, Deploying, And Managing Enterprise Password Managers,” recognizes the ‘password chaos’ that exists and the reasons for it. The report notes the high volume of accounts that employees need to manage, plus the reality that SSO and IDaaS solutions simply do not cover all passwords required in an employee’s workday.
The Forrester analysts go on to provide guidance for businesses on how to quantify the risks that passwords present. With an accurate picture of the problem, IT teams can justify the investment in an enterprise password manager (EPM) as part of their security stack.
Download and read the new report where Forrester analysts cover this topic and more, including:
- How businesses can mitigate poor password behavior
- How to quantify password costs to justify investment in an EPM solution
- What to look for in an EPM solution, including Forrester’s guidance for selecting a vendor