Best enterprise-grade password managers 2018

Southeast Asia is no stranger to data breaches. Here are six password management solutions to help keep your enterprise secure.

login password - user permissions - administrative control
Thinkstock

Cyber attacks are on the rise and Southeast Asia is no less immune to this ever-growing threat than the rest of the world.

As the digital economy of the bloc continues to flourish, threat actors are seeing the potential in both targeting the region and using it as a launch pad for large-scale cyber attacks.

Just last month, a leading healthcare company in Singapore had the data of 1.5 million patients stolen, including the medical records of their Prime Minister. It is thought the criminals gained access to the database via a malware infected computer.

When it comes to data protection, both companies and individual employees need to take responsibility for security practices.

Organisations that aren’t regularly patching and upgrading their security software are just as responsible for a data breach as an individual who has been fooled by a spear phishing link.

Having a basic security strategy in place is a must and in 2016 Thailand suffered a breach which proved what can happen if you don’t take security seriously.

Read next: The biggest data breaches in Southeast Asia.

A website commissioned by the Thai immigration police was inadvertently made public during its testing phase, containing the personal details, names, addresses, job titles, passport numbers and exact locations of more than 2,000 foreign nationals living in Thailand’s southern provenance. The website was password protected however, users were able to gain access to the information by correctly guessing the admin password: ‘12345’.

We all know the importance of using unique, complex passwords for each account we create, however, there’s a self-fulfilling prophecy that the longer and more complicated a password is, the more likely we are to forget it.

Research has shown that the second most common password is still ‘Password’ and over half of employees reuse old passwords.

So, what’s the solution to all this password misuse? Answer: A secure enterprise password manager that can organise and encrypt all your credentials.

But, as the market becomes increasingly saturated with different vendors all claiming their solution is the best, how can you be sure which one is right for your business?

Here is an overview of six of the best enterprise password managers currently on the market.

Keeper

Keeper allows you to access your credentials on up to five devices meaning you can gain access to your accounts from home, work and even remotely.

The solution has both multi-factor authentication and a biometric log-in system, encrypting and decrypting all your data and device-level so it is protected from the vulnerabilities associated with the cloud.

Each piece of data is stored in the user’s vault, protected by individual, randomly generated AES record keys and a further, master Data Key.

Keeper can be used on Android, iOS, Mac and PC devices and costs £2.08 for the business plan and £3.33 for the enterprise plan. Both come with a free month-long trial.

CyberArk Enterprise Password Vault

CyberArk Enterprise Password Vault centrally manages all your privileged account credentials, preventing unauthorised individuals from gaining access without legitimate business purposes.

It uses a highly secure central repository to store and protect both SSH keys and passwords for use in on-premises, hybrid and cloud environments.

In addition, its auditing and control features mean you can track and identify the misuse of any privileged accounts.

CyberArk mean business with this solution, even so the price tag is somewhat hefty. The total cost for the EPV server is $25,000, with user pricing starting at $220 per user.

Thycotic Secret Server

Thycotic Secret Server is also available for use on-premises and in the cloud, helping you to create, manage, share and automatically change thousands of enterprise passwords, depending on the package you opt for.

The solution uses a whole host of different security features to keep your credentials protected, offering, amongst other things, AES 256 encryption, two-factor authentication and 100-character passwords that are all automatically backed up in real time.

Thycotic Secret Server offers four different packages, ranging from a free solution with limited features right through to a platinum package. Pricing for the more premium packages starts at $5,000.

LastPass

LastPass offers users the choice of a browser extension and a mobile device application to manage their passwords. The browser extension is supported by all major browsers, including Opera and Safari.

It stores the passwords for all your online accounts in one centralised vault which is secured by a master password, AES-256-bit encryption, salted hashes, two-factor authentication and device level encryption.

The mobile application uses the same centralised vault setup and offers an added layer of security through fingerprint access.

LastPass offers both a ‘Teams’ and ‘Enterprise’ package, costing $2.50 and $4 per user/per month respectably.

Lieberman RED Identity Management

The solution offered by Lieberman aims to protect your organisation from malicious insiders by simplifying how you manage your passwords and allowing you to track which users access your privileged accounts.

Each account is provided with a unique password that frequently changes, preventing unauthorised and anonymous access.

Credentials are stored and secured in a backend database that has military grade AES encryption and passwords are configurable in complexity and length; a maximum of 127 characters depending on the system.

Lieberman RED Identity Management supports on-premises, cloud and hybrid environments and has a starting price of $299.

Dashlane

Dashlane provides users with a more secure way to manage their logins, passwords and payment information online.

It includes a password generator which creates and stores unique and complex passwords for you, removing the stress of having to think of and remember a different, strong password every 90 days. Credentials are protected using AES-256 encryption and accessed using a single master password.

Dashlane also scans the internet for leaked or stolen personal data, automatically alerting users if their information is found somewhere it shouldn’t be.

Dashlane’s premium plan allows you to use their solution on multiple devices and costs $3.33 a month. Their business plan costs $4 per user/per month.