Secure password management:
How SMEs can do it too
No matter whether it’s a large corporation or a small family business: The protection of internal data is essential. Digitization and the associated shift of almost all business processes into the digital space are both a curse and a blessing: on the one hand, digital processes lead to greater efficiency; on the other, many new gateways for data criminals are created. Small and medium-sized companies in particular are often faced with the budget question and decide against expensive IT security measures. Becoming the target of a hacker attack is dismissed with the motto “it won’t happen to us”. Yet last year alone, 88% of German companies were affected by cyberattacks (Bitkom).
Secure password management – why is it essential?
From phishing emails to brute force attacks and shoulder surfing: cyber criminals are constantly finding new ways to smuggle malware into internal company networks. The credo in IT is therefore: “The question is not if you will be hit – but when”. SMEs are just as much in the hackers’ sights as large corporations. The strongest defense against cyberattacks are complex and unique passwords. However, many employees have neither the time nor the nerve to store a unique password for every account. As a result, the private password “Kastanienweg_23” also secures a company’s bank account.
In a worst-case scenario, hackers use a cracked password to infiltrate malware into internal networks. Such an incident could bring all business processes to a standstill. Every year, hacker attacks cost the German economy a total of 223 billion euros in damages (Bitkom). A successful data theft would have unforeseeable consequences for the company’s existence, because it could lead to blackmail, the sale of customer data or industrial espionage using technical information. If, in addition, personal data falls into the hands of cyber criminals, there is also a breach of the General Data Protection Regulation (GDPR). The resulting damage to the company’s image can lead to difficulties in acquisition. Likewise, high fines of up to 4% of annual turnover are possible.
To protect themselves against a cyber attack, companies should implement a DSGVO-compliant password manager, regardless of their size. This not only makes company processes more secure, but also more efficient.
Password management as a managed service
In order to offer small and medium-sized companies access to such solutions and to facilitate its implementation, MATESO has recently started offering the Password Safe software as a so-called managed service. This has the advantage that the ordering company does not have to take over the hosting of the software itself and this service is taken over by an external service company. Companies without large budgets and their own IT departments can thus access the service flexibly and ensure the greatest possible password security. Companies do not need their own IT department or servers for this – but can still ensure the best possible protection. The data is stored in a DSGVO-compliant manner in secure data centers in the DACH region.
Password Safe MSP is provided by MATESO’s self-certified partners, who also take over the maintenance and administration of the service. SMEs thus save on investment and implementation costs and can calculate expenses and add and cancel additional options with a monthly flexible subscription model.
The top companies in the German economy (21 of the 30 Dax groups) already use the services offered by MATESO and protect their IT structures with the self-hosting model by hosting the data on their own servers.
For many small and medium-sized companies, however, aspects such as calculable costs, short notice periods and variable account expansion play an important role. This is where Password Safe MSP is ideally suited. Password Safe MSP is implemented and managed by IT experts in the company. This means that SMEs need neither IT expertise nor hardware and can benefit from the highest level of password protection. Companies that opt for Password Safe MSP can switch to the self-hosted usage model at any time.