Companies continue to switch to more cloud-based services, and this trend has only increased as workforces transition to remote or hybrid environments. But many organizations face significant challenges in securing their cloud infrastructure.
To start, employees use numerous devices – personal computers, tablets, and smartphones – to remotely log in to cloud services. In fact, Gartner predicts remote workers will use at least four different device types for remote working through 2024.
Many organizations also have a multi-cloud strategy that sometimes involves managing account credentials for three, four, or five clouds.
Large, global, distributed teams accessing networks around the world require thoughtful and proactive credential management, including giving users the ability to generate strong and unique passwords to prevent breaches. According to a recent report by Palo Alto Networks, a majority of cloud accounts – 53% – allow weak passwords of fewer than 14 characters, while 44% of cloud accounts allow the user to reuse a password that is linked to another account. And weak passwords remain vulnerable to cyberattacks. It may not come as a surprise, then, to learn that the 2022 Thales Global Cloud Security Study found that 45% of organizations had experienced a cloud-based data breach in the past year.
It’s stated often, but bears repeating: Passwords are a critical component of security. A strong password is one of the first barriers to preventing a data breach. Cyber-criminals who guess a password can easily use that password to escalate their privileges and access highly sensitive or business-critical data.
Password managers help secure multi-cloud environments
Solutions such as identity and access management (IAM) or single sign-on (SSO) help manage credentials on company infrastructure or known devices, but do not always reach hybrid setups in employees’ homes and workplaces.
A versatile credential management tool, such as a password manager, is a much more cost-effective and secure solution. Password managers enable employees to safely access any cloud service with a unique password, reducing potential data breach risks. With a password manager, employees can securely share credentials and navigate login information across multiple clouds.
The facilitation of secure password sharing is crucial for companies concerned about cloud security – especially considering that people tend to use insecure methods for sharing passwords, such as email, spreadsheets, text messaging, and sticky notes. Remembering lots of strong and unique passwords manually is also tricky, if not impossible, for the average person. Because complex passwords are hard to remember, people tend to write them down or store them on their computers, which undermines the point of creating a strong password. Fortunately, password managers obviate the need to remember tens or even hundreds of passwords and guard against the inevitable reuse that occurs with a large number of credentials in play. While practices such as password reuse are common (according to the second annual World Password Day survey, 32% of respondents reuse passwords across at least 5-10 sites), indicators point to employee awareness of security risks. In the same survey, a majority (64%) of respondents said workplaces should provide employees with a password manager to protect credentials. Clearly, there is an appetite for leadership in this arena.
What to focus on when selecting a password manager
Organizations should prioritize password managers that offer some form of two-factor authentication (2FA) because it helps increase user security for websites and applications. Two-factor authentication expands the login process beyond a single step, making it more secure than simply using a us
share codes that expire within a set timeframe, adding additional protection. Ideally, the password management solution enables 2FA for vault access and for individual websites and accounts stored within the password vault. Fortunately, 2FA has gone global. In the World Password Day survey, 73% of respondents reported using 2FA for work accounts and 78% reported using 2FA for personal accounts. This type of familiarity indicates the technological implementation of 2FA could prove relatively straightforward.
Another benefit conferred by leading password managers is their cross-platform accessibility, which allows users to access them from all types of devices. Password managers should work across phones, laptops, and tablets and across multiple platforms including Windows, Mac, Linux, iOS, and Android, and in many browsers such as Chrome, Firefox, Safari, and Edge.
There’s also the important matter of end-to-end encryption. How can organizations trust a password manager to keep all their secrets secret? The answer lies in end-to-end encryption. Any password manager worth its salt should encrypt sensitive data as soon as it enters the client – and be able to explain the type of encryption it uses both to encrypt data and to derive encryption keys.
And finally, a critical piece of the puzzle: Password managers need to be easy to use for every level of user, from beginner to advanced. When considering a large or distributed employee base, the applications should be intuitive and easy to deploy.
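What "encrypt in the client and derive the key from the master password" can look like in practice is sketched below. This is an added example, not the design of any specific product or code from the original article; the choice of scrypt and AES-256-GCM, the parameter values, and the record layout are assumptions.

```javascript
const crypto = require("node:crypto");

// Assumed KDF parameters for this sketch: scrypt with N=2^15, r=8, p=1.
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// The key exists only on the client; it is re-derived from the master
// password and a per-record random salt, and is never stored or sent.
function deriveKey(masterPassword, salt) {
  return crypto.scryptSync(masterPassword.normalize("NFKC"), salt, 32, KDF);
}

// Encrypt one vault entry before it leaves the client. The site name is
// bound as associated data so a ciphertext cannot be moved to another entry.
function encryptItem(masterPassword, item) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce per encryption
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(masterPassword, salt), iv);
  cipher.setAAD(Buffer.from(item.site, "utf8"));
  const ct = Buffer.concat([cipher.update(item.secret, "utf8"), cipher.final()]);
  return {
    site: item.site,
    salt: salt.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    ct: ct.toString("base64"),
  };
}

// Decrypt on the client. A wrong master password or any modification of the
// stored record makes final() throw instead of returning altered plaintext.
function decryptItem(masterPassword, record) {
  const key = deriveKey(masterPassword, Buffer.from(record.salt, "base64"));
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, Buffer.from(record.iv, "base64"));
  decipher.setAAD(Buffer.from(record.site, "utf8"));
  decipher.setAuthTag(Buffer.from(record.tag, "base64"));
  const pt = Buffer.concat([decipher.update(Buffer.from(record.ct, "base64")), decipher.final()]);
  return pt.toString("utf8");
}

// Constructed sample entry (not real credentials).
const SAMPLE_ITEM = { site: "cloud-a.example", secret: "constructed-sample-secret" };
```

The record returned by `encryptItem` is all a sync server would need to hold, which is the property to ask a vendor to document alongside its KDF and cipher choices.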
Navigating many different cloud environments and many different employees who are toggling between many different devices is hard, but getting a password manager can make it easy.