Deploying a password management solution would indeed be the best start towards information security this festive season!

2012 is fast drawing to a close. While looking ahead for a great holiday season and a wonderful New Year 2013, we just looked back and reflected on the year just gone by.

2012 had been fabulous in many counts, but when it comes to information security, it had indeed been a year of high profile security breaches and identity thefts across the globe. Individual users and mighty enterprises alike have fallen prey to hackers. High profile cyber-attack victims this year include Zappos.com, one of the largest online retailers dealing with shoes and apparels; Linkedin, Dropbox and numerous others.

And early this month, a shocking report revealed that a disgruntled IT administrator at a Swiss-based spy agency had allegedly downloaded terabytes of counter-terrorism information shared among the intelligence agencies in US & UK and was eyeing at selling that off to foreign and commercial buyers.

If you dig into most of the cyber-security incidents reported this year, you would realize that password reuse and insider threats have emerged the most dangerous security IT security issues in 2012. Incidentally, the solution to combat both the issues lies in deploying a Password Manager!

Password Reuse Affects All – Individuals & Enterprises Alike

With even tech-savvy users tending to reuse the same password across many IT applications and websites, identity theft at one place leads to a comprise at numerous other places. Nowadays, it is quite common for users to use the same login credentials for multiple sites – social media, banking, brokerage and other business accounts. If the password gets exposed in any of the sites, in all probability, hackers would be able to easily gain access to all your other accounts too.

If you have the habit of using a single master key for all your accounts, be prepared for security surprises and shocks!

As we had been pointing out in this blog series repeatedly, it is always prudent to have unique passwords for every website and application and supply it ONLY on that site/app. When there is news of password expose or hacks, you can just change the password for that site/app alone and frequently changing passwords, as a habit is always a great one to have.

But, here comes the problem: You will have to remember multiple passwords – sometimes in the order of tens or even hundreds. It is quite likely that you will forget passwords and at the most needed occasion, you will struggle logging in.

The way out: Use a Password Manager

Just like you have an email account; consider using a password management application too. In order to combat cyber-threats, proper password management should ideally become a ‘way of life’. Password Managers help securely store all your logins and passwords. In addition, you will get an option to launch a direct connection to the websites / applications from the password vault’s GUI itself. Saving you even the ‘Copy & Paste’ task, logging in is just a click away. Once you deploy a Password Manager, you can say goodbye to password fatigue and security lapses.

Insider Threat – The Emerging Issue

As things stand today, the biggest threat to the information security of your enterprise might be germinating inside, right at your organization! The business and reputation of some of the world’s mightiest organizations have been shattered in the past by a handful of malicious insiders, including disgruntled staff, greedy techies and sacked employees.

In most of the reported cyber-sabotages, misuse of Privileged Access to critical IT infrastructure has served as the ‘hacking channel’ for the malicious insiders to wreak havoc on the confidentiality, integrity and availability of the organization’s information systems, resulting in huge financial losses. In government agencies, insider threats might even result in jeopardizing the security of the Nation.

Lack of internal controls, access restrictions, centralized management, accountability, strong policies and to cap it all, haphazard style of privileged password storage and management makes the organization a paradise for malicious insiders.

Tightening Internal Controls – Need of the Hour

One of the effective ways to combat insider threats is to tighten internal controls. Access to IT resources should strictly be based on job roles and responsibilities. Access restrictions are just not enough. There should be clear-cut trails on ‘who accessed what and when’.

Internal controls could be bolstered in organizations by automating the entire life cycle of Privileged Access Management enforcing best practices. Enterprise Password Management Solutions like ManageEngine Password Manager Pro, precisely help achieve this.

A secure vault for storing and managing shared administrative passwords and digital identities, Password Manager Pro helps eliminate password fatigue and security lapses, achieve preventive and detective security controls, meet security audits and improve IT productivity.

With insider threats looming large, taking preventive action is the need of the hour. Deploying a password management solution would indeed be the best start towards information security this festive season!

Bala
ManageEngine Password Manager Pro
Quick Video | Free Trial Download | White Papers | Success Stories