Small and medium businesses (SMBs) face many of the same security challenges as their larger counterparts, yet they must often work with leaner budgets and do more with less when setting out to achieve their security goals. Password management is one area in which SMBs can make a positive impact, and it matters more than ever now that so many of employees are working remotely. With that in mind, here's a look at the current state of SMB password management adoption as well as what SMBs want from a password management solution.
Today's SMB password management landscape
Small and medium businesses are in a transitional phase when it comes to password management and adoption. Some SMBs are already up and running with password management tools, likely because they've come to appreciate
the role of security in the work-from-anywhere world and expect that password security will remain important to their businesses going forward. Others are just beginning to look at password management solutions, however, perhaps only recently discovering the importance of password security during the COVID-19 pandemic.
According to recent research from LastPass, 46% of SMBs already have password management place and 33% of them are currently evaluating password management tools. There are some interesting trends when it comes to size, region, and industry, however. SMBs that have 25-100 employees are more likely to express interest in password management than larger organizations that have 101-250 employees. Businesses based in the United Kingdom, France, and Germany are especially keen to evaluate password management tools, and companies in the IT sector are particularly motivated to explore password management solutions.
SMBs consider password management their top priority compared to the other identity and access management (IAM) solutions that are currently available. Password management consistently ranks as the most important IAM technology, with 51% of respondents listing it as their first priority by far. Just 15% of organizations said that single sign-on (SSO) is their top priority, while nine percent each listed multi-factor authentication (MFA) and privileged access management (PAM) at the top of their to-do lists.
What SMBs want from a password management solution
Considering the growing importance of password security to SMBs, it's worth looking at what they want from a password management solution. Simplicity is key. 35% of SMBs say that ease of use for employees is either extremely important or important. This makes sense given how many employees experience cognitive dissonance when it comes to password security. Although employees know it's important to have proper password hygiene, following through is often difficult — and user-friendly password management tools can help them overcome the hurdle.
40% of SMBs, meanwhile, feel that admin controls are extremely important or important. Without a streamlined
admin console, an IT team at a small or medium businesses will have a much more difficult time guaranteeing proper password security across the organization. SMBs also want to see strong reporting capabilities in a password management tool, perhaps because they seek better insight into the current state of password security within their companies while work from home arrangements are still in effect. Small and medium businesses also care about the number of policies available with a password management solution, indicating they want more granular options for ensuring proper compliance.
SMBs also value interoperability. 35% of them said it was either extremely important or important that a business password manager integrate with their existing IT environment. This might be due in part to the fact that so many of the organizations currently considering password management tools are in the IT sector, but it also reflects a desire for simplicity and ease of use. SMB IT teams need solutions that streamline their work instead of increasing their administrative burden, and password management solutions that integrate with their existing infrastructure can provide additional value in this way.
Lastly, 30% of SMBs reported that dark web monitoring is either extremely important or important to them. Since newer cyber attacks such as superbreaches are on the rise, combined with an uptick in credential stuffing attacks, SMBs are right to highlight the importance of dark web monitoring. With this feature, an organization can discover when any of its employees' passwords have appeared in a data breach on the dark web. This heads up gives employees precious time to reset compromised passwords, slamming the doors on any cyber attacks who might try to access their accounts.
SMBs are taking a closer look at password management
Almost half of SMBs are already using password management tools, and roughly a third of them are currently evaluating password management solutions. When considering
how to choose a password manager, these companies are prioritizing ease of use for employees and administrative controls for their IT teams.
As they do, they are looking for password management solutions that will help them improve their overall password security without exacting an administrative burden or requiring their employees to navigate a tricky learning curve. A business password manager can help SMBs do exactly that, mitigating risk while helping employees stay productive.