Hate Password Security? So Do Your Customers
For many MSPs, passwords are a double-edged sword. On one hand, they provide some serious job security—clients are always looking for help with password management, and with tighter authentication standards becoming the norm in every industry and market, they’re only going to be looking for more help.
The other side of the password security coin? The “I hate passwords” factor. It’s a simple fact: most MSPs dislike some of the complications that arise out of passwords. I know this because I have been an MSP, and I dealt with some of those same issues.
As a service provider in charge of my client’s password security, I felt like I was fighting a losing battle. Trying to meet compliance standards and manage password protocol on my own felt impossible. Trying to enforce password policies was actually impossible. Even after a company training on the importance of password security, I would still see employees with password Post-its on their cubicle wall, or overhear the sharing of overly-simple (“Password1”) passwords and logins.
(Related blog post: the 5 most common failings of password security)
The clients knew that password best practices weren’t being followed. I knew it, too—but there was nothing I could do about it. Still, the threat of our network being hacked didn’t sit well with me at all. I considered the password issue a real problem—and an inconvenient one. Constant password reset requests haunted me at all hours, and should an employee get fired, I had to scramble to manually remove their access to programs. Even with a basic password management program, many tasks (like password expirations, etc.) couldn’t be automated, and there was no centralized system to see who had access to what. I was determined to find a better solution.
I wasn’t sure where to begin, so I started by talking to people in the office. Almost immediately, I came upon a revelation: They hated passwords, too.
You’re Not The Only One
The same “password guilt” was keeping them up at night, especially after my trainings on password security. They didn’t want to put their company in danger of a security attack, or risk having their client’s sensitive information (credit card info, etc.) stolen. But they had problems of their own.
Every day, many of them had to enter dozens of logins to access the programs they needed to do their jobs. Especially with many of their programs now being cloud-based applications, the logins were, as one office worker put it, “Just, like, never-ending.” The idea of creating complex unique passwords for every login and changing them every month or so was unfathomable to them, as it would be to my client, who would surely see it as a waste of time.
Gaining a greater understanding of password security from the employees’ perspective gave me a better idea of the type of solution I needed. I knew it would also give me some ammunition when it came time to convince my client to invest in better password management software. After all, no business owner wants to put their company at risk of a security breach scandal. But nobody can afford to have their employees wasting valuable company time with inconvenient repetitive login procedures, either. I knew that if I could present them with a real password management solution, it would be a win-win.
Honestly, I didn’t realize how much of a “win” it would be for me.
With a centralized, comprehensive password management suite at my side, I approached my clients in hopes of just piquing their interest. The response was overwhelming. When I showed them how an advanced security suite could make their day-to-day operations much more secure, they were very interested. But when I showed them how its convenience could improve office productivity, they were sold.
Suddenly, armed with the best tool on the market, I was a password management expert. My clients saw me, and this cutting-edge system, as invaluable. It not only made my job easier, but also provided me with another market and revenue stream: reselling the software. It quickly became clear to me that business of all sizes and types were in need of what I had to offer. I saw opportunity everywhere.
Password security, once my arch nemesis, had become my greatest cash ally.