Finding the best password manager for the needs of your business or organization requires careful thinking on your part. In a previous article here at TechGenix, we looked at some of the downsides of using a password manager. In this article, we’ll briefly look at seven questions you should always keep in mind when determining which password manager might be best to deploy for your environment.
One: What are your must-have requirements?
It’s always a good idea to break down your requirements into several categories when you plan on implementing something new in your environment. For example, these can include “must-have” features like full encryption everywhere, “nice to have but not essential” capabilities like automated password changes, and perhaps “not sure but might be worth considering for the future” kinds of stuff like, well, whatever you can imagine. While the first two categories are important and it’s easy to understand the difference between them, that third class of capabilities might have caught you off-guard a bit. The point is that as an IT admin or manager, you should always keep one eye glancing toward the future while steadily focusing on the present because technology changes constantly and can evolve in unexpected ways. Good business leaders do this for managing the growth of their business, and we in IT can learn from them in this regard.
Two: Are you comfortable with the cloud?
Where is your password manager solution going to be deployed? On-prem or in the cloud? Where will passwords be safely stored? On a server running in your server room or someone else’s server owned by your cloud provider? Not every business is comfortable with someone else being charged with managing such an important part of your company’s security, namely, its passwords. Company policy can play a big part in the solution you choose here, and it’s a good idea to make sure that you fully understand your company’s policies toward cloud computing and cybersecurity before deciding on which password management product or service you will deploy. Taking to your CEO or company owner might even be a good step here to make sure you get started on the right foot and don’t end up tripping over the other and landing in hot water.
Three: How much encryption is enough?
Encrypting your business data makes it more secure from prying eyes. But encryption can be performed in different ways and to different degrees. How much encryption you want your password management solution to use depends on how valuable your data is to your business. Will it be sufficient if encryption is only performed at the client level? Or would you feel safer if your password manager also fully encrypts data in transit? The question of where encryption is being performed also ties into the previous question because utilizing cloud-based password managers means user authentication involves communications between your own network and the cloud. It also depends on whether your users work remotely or only from known, secure locations like your corporate offices or campus because even if you deploy an on-prem password management solution in your datacenter, packets still have to leave your datacenter and traverse the Internet to reach your remote workers or branch offices. Finally, there’s also the question of which cryptographic protocol suites are supported and used by your password manager. Once again, the question here is how valuable is your data to you?
Four: Is it easy to use?
Usability is more or less inversely related to security when it comes to IT products and solutions. This isn’t an exact inverse relationship, but it’s roughly the case in most instances. Some password management solutions are extremely user-friendly and simple to use with simple to deploy desktop client applications, no-brainer add-ons for web browsers, mobile apps available from both Google Play and the Apple App Store. These kinds of password managers may be marketed both toward businesses and ordinary users. However, other password managers, particularly those intended primarily for large enterprise environments, may have stronger security, greater functionality, and more advanced features but can feel like they lack the “prettiness” that today’s younger, modern user is used to.
Five: How much will it cost?
There are tons and tons of password management products and solutions out there available in the enterprise vendor marketplace today. Once you’ve checked out a bunch of them that look like they may possibly meet the needs of your organization and you’ve narrowed the field down to a handful of final candidates for consideration, it’s time to perform a full examination of the cost of implementing each solution. Your cost analysis should include licensing, training, administration, and support — hence both CapEx and OpEx should be involved in your considerations of this matter. Otherwise, you may get hit by unexpected costs that might impact your budget, resulting in ripples that could cause other problems with IT projects you’re currently planning or implementing.
Six: Will it integrate well with my environment?
Besides the well-known tradeoff between usability and security, there is also a similar relationship with manageability. Those of us who work in IT are well aware that solutions integrated into your existing environment are easier to manage and support than one-off solutions that stand well outside your infrastructure. Are you looking for a password manager that can integrate with your existing line-of-business (LOB) applications? Do you need one you can deploy internally on that Red Hat Enterprise Linux server running in your server room? Do you want the auditing capabilities of your password manager to be able to surface its reports within your service desk software?
Seven: Can I please have some extra time to try it out?
Finally, most if not all password management products offer some kind of free trial period, so you can try them out. Don’t be afraid to push your vendor on this — ask for an extended trial period and a dedicated support contact so you can really put it through its paces before you decide whether to buy the product or not. And if they won’t budge on your request, then maybe you should walk because a lack of willingness at the start could signal problems with vendor support in the future.
Featured image: Designed by Graphiqa Stock / Freepik