E R T N
P
X
E INIO
OP
writing them down on some sort of sheet
or post-it note or keeping it on an Excel
file on their phone or on their desk,
which can easily be infiltrated.
We must figure out an easier way. I am
a believer that at some point we will find
something that’s better than passwords,
but that’s not going to be in the near
future so we need to be able to help and
work better to secure them today.
Is there a barrier between the
‘techies’ and end users?
I think there’s a lot of friction between
the two and I know that IT is really
frustrated with that too. They don’t want
to be considered the bad guy, they don’t
want to be thought of as somebody who
is slowing down the business. They want
to figure out how they can enable the
business. But they’re also responsible
for weighing the risks.
They’re stuck between a rock and a hard
place. But that’s where having a simple
solution that people can actually use,
both in their professional and personal
lives, can help. Not only are you changing
behaviour at work, but you can change
an employee’s behaviour at home.
And this really is a behavioural change.
It’s about us as human beings and what
we do and how we do it. This remains a
challenge for IT, but when that problem
can be met and overcome, you have a
lot of success.
How does LogMeIn’s LastPass
password manager help to
secure remote workforces and
those using BYOD?
We have to make
it easier for people
to manage their
passwords rather
than using the
same one and just
changing that
last number.
they’re everywhere. So as a CISO or
Director of IT, you’re thinking ‘now how
do I do it?’
Having an enterprise grade password
manager in place ensures employees
have secure access to their passwords
no matter what device they’re on. Plus,
they are able to autofill passwords
on any device and into mobile apps.
Having this consistent experience
across devices makes using password
managers much easier.
And again, it goes back to human
behaviour. If the user can have a
consistent experience with a password
management tool at work, at home and
on their device, they will eventually
change their behaviour. And for IT, it will
at least relieve some of the pressure on
employees to remember all this stuff.
Will passwords ever be replaced?
I think without a doubt both of these are
huge trends that are not going to change. I think what will happen first, is that
passwords will be remediated, something
will take their place. They’ll be made a
little bit more invisible to the end user.
With these, you have a lack of control
again from IT. Before the advent of
BYOD, IT only had to worry about
protecting the company perimeter. But
now, there are the cloud apps, the
devices, there are many employees, and Even right now, think about using your
face as an ID or using your fingerprint
for biometric authentication. In many
cases there are still passwords behind
that, but this is just putting a much
easier user interface in front of it. So, I
42
would expect there to be many
more advances in technology, that
makes accessing things easier, but
actually replacing the password, will
take a very long time. And so, until
then, let’s just make it as easy as
possible to manage passwords.
One important thing for the enterprise
is, and we talked about this a lot, is
consumers or end users – they’re
critical, if you don’t have them, you
have nothing.
But there is also an element of control.
It’s what we bristle against with the
enterprise. And I think one thing that
password management systems like
LastPass do give, is a much better
sense of control over your organisation’s
password polices.
You’re able to set a variety of policies
and get an organisational security score,
Issue 09
|
www.intelligentciso.com