August 28, 2018
What to do about Password Storage
August 28, 2018
What's wrong with our current password storage?
We store our passwords on sticky notes, on our phones, and in Excel… We all know we shouldn’t do it, yet we all know we’ve done it. But why are we so guilty of continuing to use solutions which were never intended to be a password management solution?
IT administrators and IT security professionals understand that it is not best practice to use these solutions as a means of storing and tracking privileged accounts and passwords. However, to some, it is the most viable option. Often, there are many barriers which prohibit IT professionals from using more sophisticated platforms to manage their passwords; some include budgets and departmental priorities that put privilege user management on a low priority list. It is not just those who work in IT who are guilty of incorrectly storing their passwords, but all employees.
For some individuals, the step up from a sticky note to Excel is already perceived as a step in the right direction, but there is more we can do! Yes, Excel is a brilliant tool for calculations, but not so much for storing passwords. That is because Excel was not designed with security in mind. Storing passwords in Excel greatly increases the security risks for your organization.
Given the common attitudes that many have towards storing passwords in Excel and the availability of the platform, in addition to its primary use of holding sensitive information, Excel is a prime target for hackers to access privileged accounts. Storing passwords in this application can create highly unnecessary risks for your organization and is ultimately an inefficient and dangerous tool for managing and securing passwords.
So where can we store our passwords then?
There are many options on the market to explore that offer basic password protection. However, in the instances of privileged users, it is advisable to look at more sophisticated solutions. There are purpose-built solutions that have been designed and are being employed specifically for this. Privileged Account Management (PAM) security solutions enable you to conduct your daily business knowing that your sensitive credentials and passwords are secured and protected in a vault, away from the prying hands of hackers.
We all know that inadequate securing and managing of passwords can pose serious security threats for organizations, but it is agreed that budgets and departmental priorities often do not allow this. However, if we look into available solutions on the market, there are many password management solutions that are both affordable and easy to deploy.
You can use this Gartner comparison tool to see which applications are the best Privileged Access Management solutions on the market.