Could Password Management Have Saved Sony?

After news of the devastating hack that’s left Sony reeling, many companies are wondering what they can do to tighten up their own security and protect their business. Though details are still emerging, one fact is clear: Password management plays a critical role. Important passwords were stored in a document labeled “passwords”, and a compromised admin password may have given hackers the initial access to Sony’s systems. We want to take this moment to talk about how companies should protect themselves and their employees through Enterprise password management. For all the talk of the death of passwords, the reality is that they’re still a critical part of every company’s security structure and shouldn’t be neglected any longer. Now is the time to get a plan in place to protect the keys to your company’s kingdom, since your systems are only as secure as the weakest password.

Passwords on Spreadsheets are Not Secure

Companies that deploy a password management system are better equipped to help all employees remember their passwords, reduce the hassle of authenticating on a daily basis, and mostly importantly, better secure the company at every level. Even in a BYOD environment, LastPass Enterprise scales password management to secure all accounts, for every employee and team. When employees have the right toolset to manage passwords, they can comply with company policy and help the IT team in their security efforts. By implementing password management at your company, you can:

1. Centrally manage and encrypt passwords. Without a system for storing, administering, and sharing of passwords, it’s impossible to know who has access to what. By deploying enterprise password management, your team has a framework and toolset to address every aspect of using passwords. It’s one thing to ask employees to create strong passwords and force password resets, but it’s far more effective to give them a tool that remembers and generates passwords for them, then securely logs in to every website and service.
2. Mitigate risk with two-factor authentication. Multifactor authentication adds a layer of protection by requiring an extra login step before granting access to an account. By requiring a second factor of authentication, you can ensure that one compromised password doesn’t give someone access to the entire system. With a range of options available, companies can choose the one that fits best with their devices and work environment.
3. Tie specific actions to specific users. A password management system helps you track who’s accessed which accounts and any changes they’ve made.  Robust sharing features allow for easily assigning, reassigning, and monitoring company login usage across individual, functional teams, management, and the entire organization.
4. Enforce security standards. With dozens of configurable security policies, you can set requirements for your organization, like requiring strong master passwords and restricting access to certain IP addresses. Real-time onboarding and offboarding mean you can shut off access in an instant.
5. Make passwords an asset, not a liability. When employees have the passwords they need at their fingertips, productivity and efficiency go up. With a tool to remember, fill, create, and share passwords for them, employees don’t have to call the helpdesk to reset passwords, and their behavior can align with efforts to secure the organization.

Don’t cross your fingers and hope that your passwords are strong enough to protect your company. By getting started with a password management system, you can ensure your company has taken the right steps to truly protect your business’ valuable data.

Start a Free Trial