Skip to main content
Granular Password Policy
Passportal Insights

The Importance of Granular Password Policy and Access Control for IT Businesses

By SolarWinds MSP

Password policies refer to a standard set of password requirements that apply for all of the users across an organization. To safeguard customer accounts, managed services providers (MSPs) should build password policies that provide a good balance of security and convenience. A password policy will usually include password complexity requirements, such as minimum length and the need for special characters as well as rules around password resets and changes.

Additionally, granular access refers to limitations that an organization places on access to their system. Granular access helps dictate which users have the permissions in place to view certain parts of a system—and what those permissions enable them to do. Granular access control is important because it allows employees to hit the ground running. They can work within the various levels of the systems they need, and nothing more. Not only does this elevate your organization’s security, but it can also help increase productivity.

By applying granular access control at varying levels—such as clients, subfolders, and systems—you can help ensure each of your technicians has the appropriate level of permission to execute their role while maximizing security for the organization. For convenience, you should also be able to designate access for a predetermined amount of time if necessary.

The importance of a granular password policy 

Adding granularity to your password policy allows you to better align password requirements with the elevated privileges of various users for a more secure environment overall. To implement a granular password policy, here are a couple of key elements of password policy you should be thinking about for your MSP or customer organizations:

1/ Password complexity 

For your default password policy, you likely will have settled on a number of minimum password complexity requirements like length, a designated number of special characters, and a restriction against the use of the username in the password. On top of these default settings, elevated users should have more stringent requirements to meet. For example, this may work by increasing the minimum length, enforcing a passphrase rather than a password, or blocking consecutive identical characters.

2/ Settings for account lockouts

Account lockouts occur when users unsuccessfully attempt to log in to their account too many times. After a certain number of attempts, the account automatically freezes to protect the network from what it perceives as a possible hacking attempt or brute force attack. This specified number of incorrect attempts needs to be decided upon by administrators, who may want to set a lower threshold for users with higher levels of access. For instance, it is reasonable to only grant privileged accounts one failed attempt before a lockout, while groups with less access might have three failed attempts.

The importance of granular access control 

One of the greatest challenges associated with IT security is that the IT landscape is constantly evolving. If your organization hopes to maintain complete and continuous control with an accurate overview of access and users across multiple systems, then you have a challenging task on your hands.

Large organizations may well have thousands of users, and retaining consistency across an array of systems is a time-consuming and highly complex process that is often prone to error.  Access rights are constantly changing as users enter, leave, or move within the organization, and there is a complicated mix of IT systems, organizational structures, and users to manage simultaneously.

In 2020, cyberthreats are highly sophisticated and every organization is at risk of external and internal attacks. Moreover, compliance demands are higher than ever before, heaping on the pressure to effectively manage access rights and achieve optimal security levels with the right password management. To manage these complex requirements, however, it’s often a good idea to use a password management tool that can help you implement advanced granular policies.

A password management tool that supports both password granularity and user access granularity

The right client password management tool can help your MSP implement a granular password policy that is both robust and effective. SolarWinds® Passportal is a highly efficient password management tool that doubles as a documentation platform built specifically for MSPs. Among its robust password features are credential injection, auditing, reporting, password change automation, and privileged client documentation management.

Passportal helps you achieve granular password policy best practices and implement access controls for your technicians. With credentials stored in an encrypted password vault safeguarded by multifactor authentication (MFA) and role-based permissions, Passportal makes managing complexity easy and secure. To learn more, request a demo of Passportal here.

Additional Reading:

Welcome to the Passportal Blog

Into cybersecurity? Read up on current trends in IT Services and ensure you’re up to speed on best practices on how to grow your business.

Want to stay up to date?

Get the latest N-able tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Automated password protection with documentation management integrated with the MSP tools you already use

Manage passwords with ease