Beachhead Solutions, provider of cloud-managed PC & mobile device encryption, security, and data access control for businesses of all sizes, today announced the immediate availability of Managed Password Policy controls for all customers and partners using its SimplySecure Management System. The addition of this powerful password policy manager to the SimplySecure platform is designed to serve the data security needs of small-and-medium-sized businesses, and demonstrates the company’s commitment to SMBs in providing comprehensive data protection. Managed Password Policy controls are available at no additional cost to Beachhead’s transparent per-device pricing.
While SMBs require vigorous data security just as much as enterprises, they remain far less likely to have complete solutions in place. Despite the fact that data breaches incidents at major companies receive an outsized portion of media attention, industry research finds that 70% of data breaches occur at businesses with fewer than 100 employees. This points to a critical need among SMBs for improved data security capabilities – which SimplySecure’s Managed Password Policy is tailored to address.
Policies that bolster password security operate in tandem with encryption, which is increasingly a requirement for legal and regulatory mandate compliance (as is the case with HIPAA, FINRA, PCI-DSS, and more). Even where the letter of the law doesn’t specify encryption, auditors can and will enforce it as a de facto requirement. These compliance requirements are arriving in an expanding number of jurisdictions: New York State recently enacted what may prove to be seminal regulations for the financial industry at the state level. In addition to being more commonly required, putting encryption in place is a prudent business practice, protecting data by making it unreadable even in advanced hacking scenarios, such as where a drive is stolen and booted from another system.
However, encryption is only as effective as the password used to access decrypted data is secure. No encryption technology can protect data once a device is authenticated, meaning that a weak password – those with short, simple, or repeating characters – can be the fatally weak link that causes data security efforts to fail. These simple passwords are also more vulnerable to social engineering attacks where employees are tricked into divulging the password, or they may simply be guessed. To curtail poor password choices, larger companies often utilize the capability of centrally managing and enforcing password policies on domain computers through Active Directory. However, until now, smaller businesses that do not have domains had not had access to this capability.
SimplySecure’s Managed Password Policy addresses this issue by enabling administrators at smaller businesses to easily create, enforce, and centrally manage a sound and rigorous password policy, one that enforces requirements such as minimum and maximum password length, and maximum password age. Policies created with SimplySecure can and should also require password complexity, including the use of alphanumerical or special characters, upper and lower case characters, and blocking the use of account user names in passwords. Additionally, SimplySecure can be used to create lockout policy, enforcing the threshold of time before an account session requires re-authentication, as well as the account lockout duration.
“The technology to effectively manage password security policy is critical to the protection of sensitive data at any organization,” said Scott Pierson, Beachhead’s Director of Sales Engineering. “Unfortunately, these capabilities haven’t previously been easy to come by for businesses which aren’t large enterprises. Now, with the introduction of Managed Password Policy into our SimplySecure platform, we’re proud to provide the solution smaller businesses need to implement robust password security and keep their data secure.”