What About Corporate Password Managers?

Standard

Following up on Wednesday’s post Why You Need a Password Manager, let’s talk about corporate password managers.  These are systems designed for use within a company, to manage the passwords across the enterprise.

Some of the password managers I mentioned in my Wednesday post also offer a business version, that allows you to share and manage passwords across groups of users.  Corporate password managers are a little bit different as they are typically geared more toward the IT user, not the average business user.

I divide corporate password managers into two categories, those for use within corporate IT departments and those for use by Managed Service Providers (MSP’s).  These are organizations, like Internet & Telephone, LLC, who provide IT services to their customers.

The features are designed for these environments and include all the basics you would expect from a robust password manager.  When I evaluate products like this, I look for several key features, among them appropriate encryption, identity management, user assurance auditing, change tracking, secure deployment and discovery, compliance, access control, least privileged access, self-service password reset, automatic password rotation, automatic password injection and more.  It all depends on defining your requirements and finding the solution that meets your needs.

In terms of my business, the solution I prefer most is Passportal.  This was built from the ground up by an MSP who understood the requirements most other MSP’s would have.  It also allows MSP’s to offer the service to their customers.  I find the feature set of Passportal to stand above the competition.  Consider this list of features:

Passportal.jpg

  • 1-Click Website Logins
  • Drag & Drop Data Imports
  • PSA Integrations
  • Multi-Factor Authentication
  • Personal Password Vaults
  • Role-based Permissions
  • Active Directory 2-Way Sync
  • Password Generator
  • Mobile Optimized Access
  • Password Data Analytics
  • Prebuilt Reports
  • Global Search
  • Co-Managed IT Password Collaboration
  • Password History Retention
  • Technician Disable Workflow
  • Password Rotation Management
  • Client and Password Access Requests
  • Windows Directory Services Control
  • Custom Security Groups
  • Temporary Access Rights
  • Scheduled Automated Data Exports
  • White Labelled / Rebrandable

Other worthy corporate solutions include BeyondTrust, ManageEngine Password Manager Pro and Thycotic to name just a few.

If you want to be absolutely, positively certain as to who accessed what password when and who used what password when and where, a corporate password management solution is a must.  Otherwise, you are simply leaving it to chance and trust that none of your employees will misuse a password or worse.  In today’s world of nearly daily breaches and cyber security issues, I believe these systems are a must in order to keep your passwords safe and in control.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s