For some time now, many organisations have claimed they will go passwordless, as convenience has become a top priority for boosting employee productivity and performance. However, passwords remain the primary form of authentication in Gmail, Outlook, and other major enterprise applications.
Unlike algorithms in biometric scanners and facial recognition, passwords do not tolerate a margin of error. A single incorrect character can prevent users from accessing resources. This feature has helped passwords stand the test of time, 62 years after their first use in computing. Passwords also offer other benefits that make them the most effective security measure across organisations. For instance:
- Passwords are backwards compatible, meaning that they work on any system and comply with the policies set by IT teams.
- In case of a breach, passwords can be changed.
- Passwords generally do not carry personally identifiable information.
All these advantages—combined with their better usability and cost-effectiveness as well as the advent of IoT devices—mean that passwords are not going away any time soon. Passwords have remained a ubiquitous form of authentication for several decades now, despite the introduction of several alternate solutions. Biometrics, smart cards, and other forms of authentication have certainly added another layer of security, but they cannot replace passwords entirely.
However, passwords have a critical drawback: Poor Password management can lead to security breaches, a poor employee experience, and a loss of customer and stakeholder trust. To make matters worse, when users forget their passwords, IT teams are often called upon to quickly reset them to maintain operational consistency. This added responsibility serves only to overburden the IT team members, diverting their focus from more critical issues such as service disruptions and cyberthreats.
Therefore, managing and monitoring passwords is still essential. Companies must ensure that users create strong passwords, that they are not reused across platforms, and that they are changed regularly. Passwords must also be encrypted and stored securely to prevent unauthorised access. Organisations can free themselves of the shackles of manual password management through password management solutions that empower users with self-service resets and single sign-on (SSO) access.
How Tele-centre solved its password management issues
Tele-centre Services Pte Ltd, established in 1999, aims to provide customer experience management solutions. It specialises in enabling client outsourcing of various customer service channels, including call centres, help desks, email, web chat, and social media. The company serves a diverse client base comprising government and corporate entities in sectors such as public transportation, telecommunications, banking and finance, retail, insurance, petroleum, and IT.
According to Philip Chua, the head of IT at Tele-centre, the company faced several challenges. These included a time-consuming manual process for responding to password service requests and difficulties in managing user accounts in Active Directory (AD). These issues hindered his support teams from focusing on proactive, strategic, and time-critical tasks. To streamline these processes, Chua opted for an integrated identity and access management (IAM) solution. A key feature of this IAM solution was a self-service password management system, which allowed the company to manage employee passwords comprehensively at a reasonable cost.
Through this solution, Tele-centre is able to give its employees the ability to reset their own passwords directly without having to rely on the support teams. Additionally, the solution enables Tele-centre to synchronise passwords across various applications, reducing the burden on users who otherwise would have to manage multiple credentials. The system also encourages employees to adopt password best practices by providing password expiry reminders, thereby reducing the risk of cyberattacks.
By implementing the IAM solution, Chua was able to reduce the time spent on administrative tasks by 50%. This efficiency gain has lightened the workload for the support teams, allowing them to shift their focus to other critical areas. The IAM solution also includes audit reporting features, enabling Chua to review active and inactive passwords for easy decommissioning and deletion from databases. As a result, Tele-centre has lowered the risk of security breaches related to credential theft.
What can other organisations take from this?
Contrary to the belief that passwords are becoming obsolete, they are likely to remain a primary security measure for the foreseeable future. Currently, passwords serve as the first line of defence in authenticating users and preventing unauthorised access. However, their effectiveness is contingent upon proper management to ensure that unauthorised individuals do not gain access to secure resources.
By incorporating the right solutions into their technology stacks, organisations can empower employees to manage their own passwords. This not only streamlines work but also minimises operational downtime. The result is a positive working environment that maintains strong security measures for critical assets and operations. Therefore, every organisation should aim to involve employees in reinforcing cybersecurity measures without impeding their work performance.
