Marketing Agency Secures Client Data with Advanced Password Management Solution
password IT
A marketing agency managing multiple client websites, digital platforms, and software was facing challenges related to secure password management. Previously, they used on-premise, free software solutions to store both internal and client passwords.
Conformedia introduced Keeper, a dynamic password management system, to meet the agency's requirements. Keeper is not merely a password store but a sophisticated tool that provides secure management of passwords across teams and clients.
Key actions taken:
-
Migration to Google Cloud: All passwords were securely moved from the Windows Server environment to Google Cloud, eliminating the need for on-site physical servers.
-
Robust Password Management: Keeper offers enhanced security, including two-factor authentication (2FA), user access controls, and auditing features tailored for the agency’s ISO 27001 certification requirements.
Advantages of Keeper Password Manager:
Comprehensive Reporting: The system can generate audit-ready reports to satisfy ISO 27001 compliance
Security Features:
Two-Factor Authentication (2FA): Provides an extra layer of security
Breakwatch: Performs regular scans to check for weak or compromised passwords, ensuring ongoing security.
Access Management:
Different access levels can be assigned to different users or teams, restricting access to only the relevant information.
Password access can be revoked immediately if necessary, such as when an employee leaves the company.
Secure Password Sharing:
Allows external parties to access passwords in a secure manner, with the option to set expiration dates for temporary access.
Cloud and Cross-Platform Compatibility:
The system is accessible via a web browser or standalone app on Windows, macOS, and mobile devices.
The agency encountered several issues:
-
Lack of visibility: They couldn’t track which team members had access to passwords, when they were accessed, or which passwords were being used.
-
ISO 27001 Certification: As part of compliance with ISO 27001, which demands strict security and auditing, the current system was insufficient and vulnerable to cyber-attacks.
-
Security risks: If passwords were compromised due to a cyber-attack, the impact on the agency could be catastrophic.
Thus, the agency approached Conformedia with a wish list for an improved, secure solution and a transition from their Windows Server system to Google Cloud.
The implementation of Keeper provided the agency with several key benefits:
-
Improved security through 2FA and proactive monitoring of password strength.
-
ISO 27001 Compliance was met through thorough reporting and audit capabilities.
-
Cloud Accessibility: The team gained the flexibility to access the system via the cloud on multiple platforms (Windows, Mac, mobile, etc.).
-
Seamless password sharing with external parties in a secure and compliant manner.
By adopting Keeper, the agency enhanced its security posture, ensured compliance with ISO standards, and eliminated the risks associated with their previous password management system.
