RIAs deal with highly sensitive information. This means that every measure must be taken to ensure that sensitive data is never stolen, lost, or leaked, including creating passwords for the various accounts RIAs use. However, creating, remembering, and managing complex passwords for every app you use is not the funnest thing we do every day. As a result, a few things happen:
- Employees use weak passwords that are easy to remember (unless your system or your apps don’t allow them too)
- Employees reuse passwords so they don’t have to remember as many
- Employees use a spreadsheet or sticky notes to keep track of their passwords
- Employees use the “forgot password” option frequently because they forget or don’t keep track of everything
None of these are good and they all present some significant risks. Because, the truth is, stealing credentials like usernames and passwords is one of the most common ways hackers get into a network.
Your RIA should have a strong password policy and should use technology to mandate it. Along with that, you should offer your team a simple way to manage all their credentials, specifically a password manager. But many RIAs settle for their Chrome or Google password managers — tools that are adequate for personal users, but definitely not sufficient when it comes to safeguarding access to the financial information of clients.
Are consumer-grade credential managers secure enough?
The consumer-grade credential managers many of us use for our personal passwords like LastPass, Dashlane, and NordPass are useful, providing cheap (or even free) password management for individual users. But just because they work well for personal use doesn’t mean they’ll be as reliable for business users, particularly businesses like RIAs that deal with sensitive information. This is because consumer-grade password apps typically don’t have proactive security measures, enterprise software integrations, and other features that not only protect sensitive data, but also improve productivity.
Furthermore, enterprise data needs to be secured at scale, and enterprise-grade password managers allow you to manage access for employees in different roles at your RIA. For instance, an enterprise-grade credential manager can be used to revoke access for people who are leaving the company. It can also be used to control which apps and documents certain employees can view, edit, and share.
Be a smart RIA by using Microsoft Single Sign-On
One of the top password management tools available today is Microsoft Azure Single Sign-On (SSO). SSO is a modern authentication identity and access management (IAM) tool that protects user credentials throughout the Microsoft ecosystem. It also helps protect non-Microsoft add-ons and peripheral software that are integrated into your Microsoft system. Here are some of its most important features for RIAs:
- It is probably already available to you, through your existing Microsoft subscription
- It can accommodate both cloud-based and on-premise-hosted apps
- It accommodates multifactor authentication
- It has autofill features
- It ensures you never use bad passwords
There are many enterprise-grade credential managers out in the market, but Microsoft Azure SSO beats them to the punch in many ways. For example, a subscription to Dashlane, its closest competitor in terms of functionality and reliability, will set you back $120 a year. Microsoft SSO, on the other hand, is included on all four Azure Active Directory editions (free/basic, Office 365, Premium P1, and Premium P2). Or take the affordable NordPass for instance. NordPass provides password management and two-factor authentication for $36 for two years, but it has no autofill form functionality. Microsoft Azure SSO has all these features and more.
Single Sign-on really does simplify the whole password management problem for an RIA. It stores and helps you keep track of your login credentials, helping keep your productivity unhindered and your clients’ sensitive data uncompromised. Whether you opt to use the Microsoft tools or not, you should ensure you’re using a solution designed for businesses instead of relying on consumer-based options.
Make password management and data security a breeze with RIA Workspace. We provide specialized IT services to RIAs across the United States. Simplify your RIA practice today — contact us to learn more.