A password break up letter all CIOs need to write


Dear passwords, we need to talk.

This letter has been a long time coming, and it can’t wait anymore. I don’t really know where to begin, so I am just going to cut to the chase. I’m breaking up with you. It’s over. We are done-zo. Finito. Ancient history. Here’s why.

For too long I’ve put my trust – and the entire company’s data – in your hands. But it’s just not working. I can’t take the stress anymore…I mean have you been reading these headlines? (I heard all about your involvement in that Ashley Madison fiasco…I mean, how could you!?)

Simply put: I deserve better.

Now, I know what you’ll say. “I can change.” Save it, buck. I’m sick of the excuses. And quite honestly, so is every single user in the company. Did you know my team doesn’t go a single day without getting at least a handful of password reset requests? Dealing with you is actually one of the most expensive uses of IT’s time.

How things got so bad: Mobile, Cloud and User Expectations

It’s not all your fault, though. There have been a few of your “friends”, and they certainly made matters more complicated in recent years. First there was mobile and your whole BYOD phase. All of a sudden, you were being required countless times a day, from different devices, on different operating systems and networks. What a pain.

Next came Cloud. We all love Cloud, don’t get me wrong. But with it, I can no longer count on having all my critical apps behind my trusty firewall.

And the last straw was with User Centricity. These days I want a workforce that actually likes to use the technology we put in front of them. It’s called “ease of use,” ever heard of it? I’m sure you haven’t. But the fact is that my users want an experience in line with the apps on their personal smartphone; asking them to pause, sign in with you, and make sure they aren’t using something as banal as “12345” or – my favorite – “password” is simply unrealistic, and a real hassle for everyone.

The Problem is - Passwords are bad!

Copyright © 2015 Symantec Corporation

Something better: Two-Factor Authentication (2FA)

Before you even ask me, yes, there is someone else. Someone far better.

2FA has been around for a long time, mostly in the enterprise space and with a few of the more common consumer apps (like Gmail). And you know what? It’s amazing. I just read the other day that 8 in 10 breaches could have been avoided if people had wised up and replaced you with 2FA from the beginning.

I know what you’ll say next. “But 2FA is expensive – how can you even afford it?”

Well, first off, I already mentioned above that you’re not on the cheap side yourself. Roughly thirty percent of all helpdesk calls are related to you, passwords, and as more and more organizations adopt SaaS apps requiring passwords, that cost is set to go even higher.

But the other salient point here is that secure access with 2FA isn’t as costly as it once was. It’s true that in the past, if we wanted to avoid our dependency on you, we had to invest heavily in expensive hardware such as dongles that served up constantly changing codes, something only the major enterprises could afford. But that cost barrier no longer exists.

Meet Symantec VIP

You might as well get introduced to Symantec VIP, which someone at Softchoice recommended to me as a good, solid replacement for you. VIP is an innovative cloud-based service that offers secure access from any device, enables mobility without the headaches of remembering passwords, and is as easy and secure as required for the modern workforce I want to build.

Actually, it’s pretty amazing how it works. While some 2FA products still rely on using you, Symantec VIP has totally gotten rid of passwords, relying instead on a user’s own thumbprint and his/her mobile device to authenticate with an application. And because VIP is password-less, it removes the need to type in codes on small mobile devices and, as a result, reduces errors and helpdesk calls.

Symantec Makes Strong Authentication Easy


And just because it’s easy doesn’t mean it’s not secure. Each time a user attempts an authentication, a popup appears that informs them of the attempt and asks for approval – if they aren’t attempting to sign in, they can deny the attempt and contact the IT department. Otherwise, they can easily approve with a fingerprint, which is the second factor of authentication. The first is the 2048-bit key that uniquely identifies their device.

I don’t know what else there is to say. Take care, Passwords. It was quite a roller coaster, one I’m happy to be done with and onto firmer ground.

Sincerely,

Your CIO

Thinking of breaking up with passwords at your company?

Get in touch with your Softchoice representative today, or leave a comment below, to learn about how you can start a free 60-day trial of Symantec VIP.


About Tobin Dalrymple

Tobin Dalrymple is a longtime Softchoice contributor and the IEF program writer living in Montreal.