The risks of reusing passwords and how EMS can help your business be more secure
How many user names and passwords do you have for the applications you use every day? Amazon? eBay? Twitter? Facebook? Spotify? Your bank account? Your holiday booking? Can you remember them all, or do you re-use your passwords? Is this sensible? Is this secure?
19 September 2017
How about in your business life? Do you have passwords for Outlook? Sage? Your CRM application? Your HR application? Your Skype for Business account? Can you remember them all, or do you re-use your passwords? Is this sensible? Is this secure?
According to a 2015 report in Entrepreneur Magazine, nearly 3 out of 4 consumers use duplicate passwords, many of which have not been changed in five years or more. Unsurprisingly, about 40% of those surveyed say they had “a security incident” in the past year, meaning they had an account hacked, password stolen, or were given notice that their personal information had been compromised. So how can businesses be certain that system security is not compromised by employees writing down their many passwords so they don’t forget them? And how can they be certain that their employees’ productivity isn’t affected by needing to sign in with different user names and passwords?
Microsoft’s solution for this is Active Directory, a directory service which manages user names and passwords within an organisation. Active Directory can provide users with single sign-on access to systems and applications meaning that once logged on to Active Directory, users don’t have to re-enter their credentials to access other applications managed by Active Directory.
This automatic validation of credentials is called “single sign-on”, or SSO. The concept of SSO is made more complex when companies start to access their applications from the Cloud – Office 365, Skype for Business, Cloud PBX – and continue to use applications loaded to their local servers. How can on-premise and Cloud passwords be synchronised to ensure SSO across all?
Today, Active Directory and its Cloud equivalent Azure Active Directory can be ‘federated’ – that is, synced together to provide a single view to every user within a business whether they are working on—on premise, in the cloud, or both. Scoping and deploying both flavours of Active Directory is complex and potentially time-consuming. Supporting daily moves, changes, adds and deletes is an overhead many businesses don’t want to address.
GCI’s managed service for Active Directory and Azure Active Directory, as part of a wider deployment of Enterprise Mobility + Security (EMS), can ensure that single-sign on is scoped and deployed for best practice in security and an improved productivity for all of your users.
Want to know more about our managed solution for Enterprise Mobility + Security? Let us help you make your organisation secure and productive; get in touch at firstname.lastname@example.org to find out more.
Cloud Product Manager