Friday, October 21, 2011

Ten Must Have Password Management Software Program Capabilities

By Mark Sandford


The importance of adopting mature password management practices is well understood across the IT industry, yet some organizations have still to commit the time and effort to mature in this area. One contributing factor delaying adoption is that functional requirements are not always clear when the evaluation process for Password Management Software begins.

As an aid to choosing your own Password Management Software, please use the following functionality as a guide.

Multiple User Password Sharing

Probably the most essential element of Password Management is ensuring that all employees who work on the same IT systems can effectively share the passwords used to secure those systems. An enabler for teams of people sharing passwords is the platform the software runs on. Because of the multi-user nature of sharing, an internet-based platform for sharing passwords is among the most suitable and flexible choices, and definitely the simplest platform to roll out improvements on.

Traceability

As people start to share passwords, it's important you know which users are making changes to which IT systems. Not only is this required for regulatory compliance in some countries, but it's also important that a full audit trail is maintained so any issues which may arise can be discussed with the individuals who made the change. As passwords are added, updated and deleted from the system, information about the change, the person who made the change and details of which computer the change was made from should be recorded.

Historical Password Records

It is not uncommon for password details to be updated inside the password management software but not changed correctly across all the IT systems to which the passwords apply. This can result in devices becoming unavailable to users, or prevent device managers from logging on to key business systems or servers. If this were to happen, it's crucial that you can review previously recorded passwords for these systems, so you can revert the password value if necessary.

Granular and Flexible Permissions

Not all IT professionals require the same level of access to password records. Some users will require administrative rights, some may only need modify rights, and some only need to be able to read the password records without the ability to make any changes. Similarly, when administering your password management system, you may want different delegation models for who can make certain system-wide changes. Ensure you consider this type of flexibility when choosing your password management software.
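The three capabilities above (traceability, historical records and granular permissions) fit together as in the following sketch. It is an added example, not code from the article or from any product; the `Vault` class, the role names and the host strings are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Assumed role model: the three access levels the article names.
RIGHTS = {"read": {"read"}, "modify": {"read", "update"},
          "admin": {"read", "update", "delete", "grant"}}

# In-memory model only; a real product would encrypt stored values.
class Vault:
    def __init__(self):
        self.records = {}   # system -> {"value", "history", "acl"}
        self.audit = []     # change events: who, what, where from, when

    def _log(self, user, host, action, system, allowed):
        self.audit.append(dict(time=datetime.now(timezone.utc).isoformat(),
                               user=user, host=host, action=action,
                               system=system, allowed=allowed))

    def _check(self, user, host, action, system):
        rec = self.records.get(system)
        role = rec["acl"].get(user) if rec else None
        allowed = action in RIGHTS.get(role, set())
        self._log(user, host, action, system, allowed)  # denials are logged too
        if not allowed:
            raise PermissionError(f"{user} may not {action} {system}")
        return rec

    def add(self, user, host, system, value):
        if system in self.records:   # never let add() replace an existing ACL
            raise ValueError(f"{system} already exists")
        self.records[system] = {"value": value, "history": [], "acl": {user: "admin"}}
        self._log(user, host, "add", system, True)

    def grant(self, user, host, system, grantee, role):
        self._check(user, host, "grant", system)["acl"][grantee] = role

    def read(self, user, host, system):
        return self._check(user, host, "read", system)["value"]

    def update(self, user, host, system, value):
        rec = self._check(user, host, "update", system)
        rec["history"].append(rec["value"])  # keep the old value for rollback
        rec["value"] = value

    def revert(self, user, host, system):
        rec = self._check(user, host, "update", system)
        if not rec["history"]:
            raise ValueError("no earlier value recorded")
        rec["value"], replaced = rec["history"].pop(), rec["value"]
        rec["history"].append(replaced)     # the revert itself stays reversible
```

When evaluating a product, the equivalent checks are that a read-only user's failed update appears in the audit trail with the originating computer, and that a reverted value can itself be recovered.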

Promote the use of Strong Passwords

How often do users use passwords which are easy to remember, or use the same password across multiple systems? Unfortunately, it happens all too often. Your password management software should be able to educate your users on how to use strong and complex passwords. It should provide a password generator so your users don't need to think of complex passwords, and there should be no reason for them to try to remember the passwords, as you have a capable system for them to store them in.

Multiple Authentication Options

Not every company has the same requirement for authenticating against their IT systems. Your password management software should provide multiple authentication options such as integrated Windows Authentication, forms-based authentication or some form of randomized PIN versus alphanumeric scramble pad option. As an additional option, some form of two-factor authentication, such as RSA Tokens or Crypto Cards, would also be desirable.

Secured from Unauthorized Access

One crucial thing to consider, which is often overlooked when choosing password management software, is how secure it is. Can users write their own code to gain access to password details they have no approval to look at? Can the database administrators view the passwords in the repository, or grant themselves access by manipulating data in the database? Make sure your evaluation criteria include assessing how secure the solution is.
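One control to look for against the database-manipulation question above is an integrity tag on every permission row, checked by the application before it honours the row. The following is an added example, not taken from the article or any product; the table layout, function names and the demo key are assumptions.

```python
import hashlib
import hmac
import sqlite3

# Assumption: the application keeps this key outside the database (OS key store,
# HSM, ...), so someone with database access alone cannot compute a valid tag.
APP_KEY = b"constructed-demo-key"

def row_tag(record_id, user, role):
    # Length-prefix every field so ("ab", "c") and ("a", "bc") get different tags.
    fields = [str(f).encode() for f in (record_id, user, role)]
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(APP_KEY, msg, hashlib.sha256).hexdigest()

def tag_ok(record_id, user, role, tag):
    expected = row_tag(record_id, user, role)
    return isinstance(tag, str) and hmac.compare_digest(tag.encode(), expected.encode())

def open_store():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE acl (record_id INTEGER, user TEXT, role TEXT, tag TEXT)")
    return db

def grant(db, record_id, user, role):
    # The only write path the application itself uses.
    db.execute("INSERT INTO acl VALUES (?, ?, ?, ?)",
               (record_id, user, role, row_tag(record_id, user, role)))

def role_for(db, record_id, user):
    # Fail closed: a row whose tag does not verify grants nothing.
    row = db.execute("SELECT role, tag FROM acl WHERE record_id = ? AND user = ?",
                     (record_id, user)).fetchone()
    return row[0] if row and tag_ok(record_id, user, row[0], row[1]) else None

def tampered_rows(db):
    # Audit sweep: rows changed or inserted without going through grant().
    rows = db.execute("SELECT record_id, user, role, tag FROM acl").fetchall()
    return [r[:3] for r in rows if not tag_ok(*r)]

def demo():
    db = open_store()
    grant(db, 1, "alice", "read")
    # Constructed tampering: rows edited directly in the table, bypassing grant().
    db.execute("UPDATE acl SET role = 'admin' WHERE user = 'alice'")
    db.execute("INSERT INTO acl VALUES (1, 'dbadmin', 'admin', 'forged')")
    return role_for(db, 1, "alice"), role_for(db, 1, "dbadmin"), tampered_rows(db)
```

The tag does not detect a deleted row, or an old validly tagged row put back after a revocation; catching those needs a versioned or chained log on top.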

Password Reset Reminders

One aspect of mature password management practices is to renew passwords on a regular cycle. The mechanics of such a task can be quite daunting and time consuming, and any improvements in this area can only improve the process. Ideally your password management software should be able to remind your users when passwords should be reset. This reminder should appear either visually on the computer screen, or via an automated method such as email reminders.

Suitable for Small and Large Enterprises

Imagine how beneficial it can be to choose one Password Management Software solution which can scale from small businesses to large enterprises. The product will be able to grow with you, and scale as required, without the need to look for a different product. Ideally you should be able to choose a product which is completely free initially, and only costs money as your company grows larger. The backend infrastructure it's installed on should also be able to scale at no additional cost.

Timely and Quality Technical Support

Choosing a password management software product is about more than simply the software itself. It's vitally important that your software vendor has a proven track record of providing quality technical support in a timely manner, evidenced by a customer base happy to act as customer references if required. As part of your evaluation, ensure you send a test inquiry email to the software vendor, and validate how quickly they respond to you.



