The next evolution in password security is a new breed of browser with all the security features, visibility, and policy controls the enterprise needs, built-in — including sophisticated password management.
The need for robust password management in business environments has never been higher.
For one, despite our best efforts to ramp up cybersecurity education, most employees still don’t practice good password hygiene. At the same time, bad actors are using increasingly sophisticated methods — phishing powered by AI, for one — to breach enterprise accounts.
Against this backdrop, single sign-on (SSO) and password managers like 1Password, LastPass, Dashlane, and Keeper have grown in popularity.
Now a mature technology, single sign-on is an essential first step for improving security. Whether with a saved password or a biometric, SSO gets users into many applications securely, with a single click.
However, SSO rarely covers 100% of the applications in the enterprise environment. Some apps are simply too old to link up to SSO, or they're managed by a third-party supplier or website external to the business. (Take airline employees for example, who, in order to access the manuals needed to operate and repair their planes, have to log into apps managed by airplane manufacturers.)
All these non-SSO apps? They need to be managed by the employee themselves, with their own user IDs and passwords.
The natural next step for solving conventional password security issues not covered by SSO is the password manager. When implemented correctly, a password manager offers the convenience of SSO by automatically retrieving the password for each login.
However, there are limitations to traditional password manager solutions, not to mention potential security vulnerabilities. Password managers that offer cloud syncing add third-party security risk — and there has been no shortage of headlines about this kind of data breach.
Another shortcoming relates to the use of consumer browsers with password manager extensions. Imagine a scenario where the password manager pulls a password from the vault and auto-fills it into the website — as it’s meant to do. However, the browser then turns around and asks, “Do you want to save that password in the browser?” If the user clicks “yes,” now that password is exposed in the browser’s (far less secure) password store.
That scenario grows far worse when using a consumer browser with personal profile syncing. Any password saved is now available across all of the user’s devices — including those outside of enterprise visibility.
Even if you deploy a password manager that offers world-class security, it can still run on insecure browsers and out-of-date operating systems, each of which can be breached, putting sensitive data at risk.
While they have their drawbacks, password managers are a modern cybersecurity necessity. But evaluating traditional password management solutions against each other can become a serious pain.
Case in point: a CIO recently reported to me that he and his team had just spent nine months in a “password manager bake-off.”
Why? Because password managers have become ubiquitous. Each of them has virtually identical features, benefits, and weaknesses. There is no standout winner. And, as a result, IT teams waste precious time hemming and hawing over how to choose between largely interchangeable solutions.
But here’s the good news: CIOs no longer need to choose a password manager. The next evolution in password security isn’t a stand-alone password manager. It’s the enterprise browser: a browser with all the security features, deep visibility, and hyper-granular policy controls the enterprise needs, built-in — including sophisticated, enterprise-grade password management.
Here is how the enterprise browser tackles all the challenges password managers do, and much, much more:
We’re no longer having a conversation about features; the enterprise browser delivers password management in an entirely new, built-in way.
If you’re in the middle of evaluating enterprise password managers, it’s time to throw out your spreadsheets and your pro/con lists.
The enterprise browser doesn’t just do everything password managers can do; it also packages these capabilities in an entirely new way — one that is seamless and error-proof to the user, and configured for the enterprise. It vastly simplifies enterprise-wide adoption of password best practices while creating new protections around their use within corporate applications. And it eliminates password abuse, helps ensure organizational custody of corporate passwords, and embraces passwordless user authentication flows.
Even more importantly, it creates a tightly controlled, full-visibility, zero-trust environment that goes far beyond password management — achieving true security, without the cost and burden of bolt-on solutions.
In short, the enterprise browser is easy for users, and secure for enterprises.
Now, that’s a clear winner.
Jason Trunk serves as Enterprise Architect at Island, with over 20 years of experience with emerging technologies including server-side code optimization, network decryption, and front-end browser performance. Before Island, Jason served as field CTO for AppDynamics (now Cisco), executive director at JPMorgan Chase, vice president at BigPanda, and in other technical leadership roles at Mercury Interactive, Quest Software, and CA Technologies.