Connect with us

Technology

Five tips for choosing the right password manager for your team

Five tips for choosing the right password manager for your team 1

By Gary Orenstein, Chief Customer Officer at Bitwarden, open source password manager for businesses and individuals

Digital financial services adoption, like online banking, has skyrocketed over the past decade, with consumers favouring them for convenience, speed and efficiency. But with most online conveniences comes a notable concern: security.

Financial information is among the most sought-after data by hackers. Once stolen, they not only comb through it for valuable insights, but also have a variety of ways to monetize the data; including fraudulent online purchases or selling the data on the dark web for as little as 50 cents, according to Kaspersky. The research also found financial information is still as in demand as around a decade ago.

As a result, banking organisations now recognise the importance of cyber security as a top business priority, specifically how to combine cutting-edge technology and industry best practices to protect their consumer’s financial information. But with scams becoming increasingly sophisticated, problems still often arise — mainly as a result of employees’ poor cyber hygiene habits seeping into the workplace. This is now magnified with the majority of industries being forced to work virtually due to the COVID-19 pandemic.

Poor cyber habits in the workplace

Research by the NCSC highlights that people are still choosing weak, hackable passwords, even within the workplace. However, this comes as little surprise given the amount of information employees need to retain in an ever-growing digital world. For passwords to be secure, they need to be complex and unique for each system or service being accessed, making the information much harder to remember.

The risks of cyber breaches are made even greater by employees still failing to spot basic phishing scam – as part of their increasingly targeted campaigns, hackers may use information about employees or the company to make their messages even more persuasive and realistic for their victims.

Therefore, given the range of different potential cyberattacks, successfully defending an organisation requires a multi-layered approach. The adoption of password managers, alongside traditional security measures, can significantly reduce the occurrence of cyber breaches within banking organisations.

Password managers work by providing employees with strong, unique passwords for all the applications, accounts and systems they access. Organisations can create password policies to ensure passwords are not reused and minimise the risk of employees using weak and vulnerable passwords.

Most password managers are easy-to-use and can be integrated into workflows without disruption. With that in mind, we’ve put together five tips for picking the right solution for your organisation.

Think of the user experience

Selecting the right balance between usability and security is vital. Good password managers should serve all employees, regardless of technical expertise. Solutions that fit existing workflows with cross-platform capabilities across a range of operating systems, browsers, and applications provide easier integrations.

Choosing a password manager that uses biometric logins and two-factor authentication options also adds an extra layer of security. With these capabilities in place, banking organisations can secure credential management for all employees.

Ensure ownership of data

Organisations should choose a credential management system that offers deployment flexibility. Some banking firms, depending on location, must meet regulatory standards for hosting data. Choosing a password management tool that offers cloud, private cloud, and on-premises hosting gives the organization more options for data oversight.

Look for an end-to-end encryption model

Banking firms need to ensure complete encryption of all data when choosing a credential management system. Starting with a tool that uses end-to-end encryption sets a foundation for a secure architecture. To ensure data is protected, everything needs to be encrypted — starting as soon as it enters into a client application.

Additionally, data should be encrypted in-transit (between the application and server) and encrypted at rest.

Place value on open source and third-party audits

Open source solutions allow the community to regularly examine the source code, understand its operation and identify potential vulnerabilities in software. Working together, potential security risks are identified and remedied sooner.

Firms should look for password managers that have been audited by third-party professionals; as a general rule – if security pros are using the product, it’s a good one!

Pick your own controls

No bank is the same, so being able to customise configurations means organisations can choose the right security tools for their team. Enterprise policies include the ability to select add-ons such as certain password requirements, two-factor authentication, and login path selections for users.

When employees are left to choose their passwords without guidance or effective tools, it leaves organizations open to bigger security problems. A password manager can ensure employees are armed with the right tool to guard against bad password hygiene and ultimately leaves your organization safer.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Recommended

Newsletters with Secrets & Analysis. Subscribe Now