How to Strengthen the Weakest Link in your Data Security

Password Sticky Note

Since over 80% of hacking-related data breaches are the result of weak and/or stolen passwords, the weakest link in your data security is … you guessed it: Passwords.

Employees use weak passwords, re-use them across accounts and forget them or store them in un-safe locations. They get frustrated, productivity is lost, and security is compromised. It isn’t their fault. Forrester found the average employee has 25 work accounts to manage and creating strong, unique passwords for each account is next to impossible. In addition to work accounts, everyone has a list of personal passwords to keep track of.  Did you know the security of personal passwords could impact your organization’s security?  Consider what could happen if the same passwords used for certain personal accounts are used for business credentials, and one or more of those personal passwords gets breached or stolen. That could open the door to your corporate network too.

The Password Solution

The solution to this problem is a password manager designed for business and personal use.  A password manager is a tool that does the work of creating, remembering, and filling in passwords. Simply log into an online account for the first time and the password manager will store your username and password, so every time you go back your credentials will be filled in automatically.  There are many on the market, but the password manager we have chosen to endorse is LastPass.  LastPass is the number one preferred password manager with 17.8 million users.

Password Manager Features 

The key features included with LastPass Business are:

  • Manage passwords with a private, encrypted storage vault.
  • Remember only one master username and password to access your entire vault.
  • Populate usernames and passwords on websites or applications with just a click.
  • Access your vault in the cloud from any device – desktop, laptop, tablet, smartphone.
  • Easily generate random, high-strength passwords for all your websites and applications.
  • Fill in online forms with just a click, with stored information such as name, title, address, email etc.
  • Share login information securely though LastPass either with your team at work or with your family at home
  • A Security Dashboard identifies weak and re-used passwords in your vault, prompting you to change them
  • LastPass monitors your email addresses continuously within a database of breached credentials and immediately alerts you via email if any have been compromised.
  • An Admin Console allows control over company’s accounts and 100+ customizable security policies.
  • Produce reports on new users, user activity, policy setting changes, access requests, security reports
  • Every LastPass Business account comes with a free Families Account for your personal use plus 5 additional licenses you can give to family or friends.

What About Security?

LastPass Password Manager has been designed so they never have the key to your account.  Strong encryption algorithms ensure complete security in the cloud.  All encryption and decryption processes take place on your computer or mobile device.  Your master password, and the keys used to encrypt and decrypt data, are never sent to LastPass’ servers, and are never accessible by LastPass. Multifactor authentication adds extra security to your LastPass account by requiring a second login step before authorizing access to your vault.  LastPass is SOC 2 Type 2 compliant.

Summary

The cost of a password manager will prove minimal once you’ve experienced all the benefits.  We can assure you it will be infinitely less than the cost of a data breach, and greatly reduce the risk of one.

LastPass can be implemented company-wide (recommended), or just for those with the greatest number of passwords to keep track of.  Pricing through BSC Solutions Group is month-to-month on a per user basis.  For more information and pricing, contact us today.