Problems with Employee Passwords

In a corporate environment, employees are allowed to access many external SaaS services.  They access those services in the role of employee of their firm.  Employees have accounts at those SaaS services along with logon credentials, typically an ID and Password or other token.   The employees are typically responsible for managing their logon credentials.

This access model presents many different technology related risks:

  • Each employee has to manage their Ids & Passwords across many different SaaS vendors.  This password proliferation is an ongoing nuisance and to keep track, the employee may write the passwords down, have a spreadsheet with all their credentials, etc.
  • Typically, those Ids & Passwords can be used from any computer – their work desktop, the home computer, a random computer.  A non approved computer could be compromised and put the SaaS account at risk.
  • Passwords can be intentionally shared, where an employee willingly provides their account information to a peer for a valid (or invalid) reason.
  • Passwords can easily be stolen, via phishing, malware or other attacks.  Stolen passwords obviously put the SaaS account at risk.
  • Having the employees manage their accounts puts their employer at risk.  If accounts are compromised or misused after an employee leaves the firm, the employer is ultimately responsible.

Our Solution

Our service addresses these concerns by providing a credential to each employee that is reusable across multiple SaaS services, that is managed by their employer, provides strong authentication that defends against phishing, credential sharing and theft, can be disabled across all participating SaaS services AND can only be used from a corporate device.  The first phase of this service will issue credentials to corporate desktop computers.  Future phases will include other corporate managed devices, including laptops and other mobile devices.