Password Management in a New Era of Remote Working


2020 was a year of tremendous chaos and stress on many levels. It stretched the limits of the IT teams responsible for securing corporate assets as entire companies sent employees home to work, those same IT teams included. A new generation of IT heroes was born, and CIOs, CISOs, and IT analysts and managers stepped up to address uncommon challenges, even as cyberattacks grew to all-time highs.

Among the many puzzles to be solved were password policies, monitoring, management, and, above all, automation. As the Verizon DBIR reported last year, most cyber breaches happened due to mismanaged passwords, either shared, easily compromised, or stolen. Whether accidentally or intentionally leveraged, individuals continued to be at fault for most hacks, whether full- or part-time employees, consultants and contractors, or even third-party vendors with access to critical infrastructure.

Something as simple as maintaining a complex password could go a long way, but doing so is anything but simple: the dispersion of the workforce threw a wrench into the more stable environment in which most employees worked within the physical perimeter of the workplace.

Nearly every worker is aware that weak passwords (like 12345 or ABCDE) are not secure. Consumers are now prompted to use passwords with certain combinations of upper case, lower case, numbers, and symbols, and are increasingly opting in to let the platforms behind the services they subscribe to automatically generate and store complex passwords in a personal vault.

It goes without saying that every organization should go beyond requiring the use of strong passwords on all devices, whether company-owned or not. The best cybersecurity systems are virtually useless if remote users use weak passwords.

We asked Michael Fritzlo, Executive Chairman of Ironsphere, a privileged access management software company, what they recommend as we embark on a new year, where few doubt the workplace will ever return to what we used to consider “normal.”

“The strongest passwords are long and random, contain a mix of alpha, numeric, and special characters, have both upper- and lower-case letters, and are essentially impossible to guess,” Fritzlo said. “Strong passwords are also changed frequently to ensure that if the password were to become compromised, it would be replaced immediately, which is where password vault automation comes in.”

In addition to remote working security basics (for example, security software on all devices, continual updates to operating systems to address new vulnerabilities, the use of a Virtual Private Network with data encryption, a minimum of two-factor authentication and preferably multi-factor authentication, and clear policies and guidelines on sharing and saving information), Michael Fritzlo indicated, “Advanced software-based approaches and cybersecurity automation enable organizations to protect themselves from one of the primary causes of breaches – adversaries taking control of privileged accounts by being able to ‘crack the code’ on privileged users’ passwords.”

“Rather than trusting privileged users to set up and remember passwords, modern approaches automate this process, where users’ credentials are securely stored within a vault where access is determined by Role-Based Access Controls, and passwords are encrypted with algorithms. Advanced Password Vaults update passwords across the entire IT infrastructure, ensuring the protection of networks, servers, applications, and data. For comprehensive coverage, automated systems can also secure end-point devices from being compromised, even if credentials are lost, shared, or stolen.”

While a variety of solutions are available in the market today, and hundreds of thousands of organizations, from small to medium businesses to government agencies and educational institutions, have certain policies and authentication capabilities in place, Fritzlo said that, given the growth and sophistication of attacks, an advanced password vault posture is critical.

“A systematic approach is key; this is not something that should be done half-way. IT leaders should ensure that their password vault manager will be able to work with all relevant systems, including remote desktops, virtual desktops, web and browser-based applications, across all mobile devices including smartphones and laptops,” Michael Fritzlo said. “The installation and configuration should be easy or invisible to end-users, and auto-discovery should be included to minimize work time and mistakes.”

Fritzlo also said filtering, alerting, reporting, analytics, and cost should be part of the evolution of password automation and pointed out the relationship to data governance and risk.

For example, does the solution interoperate with third-party vendor products (web servers, app servers, routers, and other networking equipment)?

Does the solution work seamlessly with ITSM solutions for change management and governance control?

Is 100% keylogging and recording included to support compliance and audit requirements?

“With the right password vault technology, organizations prevent unauthorized access to critical systems and stop attacks using stolen privileged credentials,” Fritzlo concluded. “Imagine the difference when more organizations use this technology to prevent adversaries from breaking into their infrastructure; while cybercriminals are increasingly sophisticated, they will have to work harder, and they will learn that even if they attempt to circumvent systems, the systems are recording their every keystroke, which will enable law enforcement to track down intruders, making the investment in stealing information or taking control of assets less attractive.”

Edited by Maurice Nagle
