6 Things Your Customers Need from Their Password Management Solutions
With technical compliance guidelines (HIPAA, CJIS, PCI, etc.) becoming more strict and high-profile security breaches hitting the headlines, businesses of all sizes are looking for new security solutions. The result? An identity and access management (IAM) market that’s expected to be worth $10.39 billion by 2018.
Well, as a security nerd, I was thrilled about this shift. Finally, a focus on security. Maybe I could introduce a new client (or 10) to the wonderful world of password security. And I won’t lie. I had another recurring thought: cha-ching. I mean, $10.39 billion?
I immediately went to share my delight with some MSP and IT service provider friends, who I was sure would be as excited as me. After all, their services would be in high demand. I figured they’d be seeing dollar signs, too. But it turned out they were feeling more overwhelmed than anything.
Yes, they were excited about the opportunity in the market. Yes, they were happy to have new clients calling them for compliance help. And they knew a good password management system was the best place to start. But with so many password management systems on the market, which one should they go with?
Their concern was real. While service and technical knowledge go a long way, ultimately a smart and effective security software suite is what’s going to differentiate any IT provider or MSP in this new market. After all, no one individual is going to be able to manually manage the authentication and password protocol for a business—at least not successfully. Having a top-notch password management system in your toolbox—and knowing it inside and out—ensures that clients will view you as a valuable resource, an expert on compliance and security.
What to Look for in a Password Management Software Solution
So, what should you be looking for in a password management solution? A good software suite should make life easier for you and your client, with features that include:
1) Credential Management. Centralized password management is the key here. Your software should be designed for IT teams and not for personal use, allowing you to easily separate your own IT resources from individual clients, organize passwords, and enforce stronger password policy by using password templates that are customized to meet compliance/protocol guidelines.
2) Password Automation. A major pain point for many in IT security is manually removing a user’s access (erasing passwords and logins, etc.) when they are fired or separated from the company. Password automation should make this as easy as one click. Tasks like password expiration should also be easily automated. If you're using Powershell scripts, like AuthAnvil allows for, you can automate even more of your tasks.
3) Auditability. Auditability is an important requirement for compliance in many industries. Your software should generate detailed reports (by user, date, etc.) that can be customized to meet the compliance requirements.
4) Multi-Factor Authentication (MFA). MFA is quickly becoming the standard authentication procedure in business and beyond, and it’s imperative that your security solution offer an MFA option that’s effective, convenient, and affordable. With MFA, a user must present not only a password, but also another security “factor” before being allowed access to a system. Make sure the second factor isn’t expensive (fingerprint scan) or impractical (big hardware token). Clients like options that make their life easier, too, like a secure mobile app that generates a one-time user access code.
5) Single Sign-On (SSO). Speaking of options that make your clients lives easier...With SSO, a user is logged in to the system securely with MFA, then taken to a main portal where they can sign into any of their applications and programs with a single click. Because of the enhanced security that MFA provides, there’s no need for repetitive log-ins and password entries. The crème de la crème of password security- businesses love it.
6) Secure Remote Access. Remote access is a major issue for businesses, especially those who need to meet compliance guidelines or who have employees working off-site or on the road. The solution you choose should make it easy to work wherever and whenever, securely. Today’s advanced options allow for remote desktop auto-logins, where a one-time password can be changed automatically after use to ensure absolute security.