With the possible exception of IT personnel and CSOs, when most officers in an organization hear the term “Enterprise Password Management” they think “why should I care?” To them, enterprise password management software and self-service password reset software are like the unaccredited, red-shirted crew members on the USS Enterprise who inevitably serve as Klingon-fodder — it’s there, but not something worthy of their attention.
But while the gadgets, gizmos and flashy apps are the “Kirk, Spock and Mr. Sulu” of the technology world, the fact is an organization cannot survive in the world of modern business, where hackers lurk around every corner, without good old fashioned discretion and the historically mundane technologies of enterprise password management.
Mere discretion may not be enough, though, when it comes to an enterprise password management plan. Organizations as large as Sony and LinkedIn learned the hard way last year that just allowing people to set their own passwords to something they can easily remember leaves the entire enterprise at risk. Conversely, though, if password reset software sets passwords that are too complex, a Help Desk could get overwhelmed with requests for active directory password resets.
What organizations need is a “Star Date” approach to enterprise password management enforced.
- Star Date 1 — Avoid Human Password Weaknesses: Users will trade network security for convenience by choosing simple and easy-to-remember passwords, even if a strong written policy is in place. Sony and LinkedIn last year had 1.4 million passwords stolen because of poor password management practices. Organizations need to establish strong active directory password reset policies that reject passwords that contain things like common words, palindromes, proper names (particularly the user’s name) and simple numeric patterns in favor of passwords that use upper and lower case characters, special characters and numeric characters.
- Star Date 2 — Don’t Go Over-“Borg”: While the password needs to be necessarily complex, it should not be so complex that users constantly forget their own passwords. Publish a password policy and utilize tools that help users easily meet the policies you automatically enforce. With this, a user is notified of what is needed to create a strong password should the one they enter fail the policy. This feedback should be detailed and give the user the necessary information to create their own passwords — ones they can remember — to meet the network policy.
- Star Date 3 — The Needs of the One: Self-service password reset allows users to securely reset their forgotten passwords, unlock their accounts or reset their RSA SecurID PIN in a matter of seconds without burdening the help desk with active directory password reset requests. This eliminates the cost, time, and support overhead of intrusive desktop solutions by managing passwords at the domain controller.
- Star Date 4 — Rendezvous with the Fleet: Employing password synchronization ensures that passwords across all applications and systems to which that employee has access are the same. The administrative benefit is only one password for each employee needs to be remembered. From a user perspective, most users are more likely to accept one complex, hard-to-crack password than several, even if they are easy because it is considerably more convenient to only need to remember one password.
- Star Date 5 &mdash Shields Up: Encryption may not be a characteristic of enterprise password management software, but organizations can certainly make their passwords more effective by encrypting all data before it goes over the network. Also, encryption and secure one-way hashing of personal employee enrollment data provides increased security and privacy. End user identity verification is systematically applied through all self-service password reset software interfaces.
By embarking on this five-tier mission, organizations will allow their employees to seek out new ideas and new innovations, while preventing hackers from boldly going where no hacker has gone before.
To learn more about Avatier’s enterprise password management software, please click here to read about the benefits of the All in one self-service password reset and automated password reset tool.
Watch Avatier’s videos on password management:
Learn the Top 10 Password Management Best Practices for successful implementations from industry experts. Use this guide to sidestep the challenges that typically derail enterprise password management projects.