IT decision-makers must rake through the morass of cybersecurity vendors out there that often make lofty promises about what their technology can do.
When budgets and staffing are tight and cyberthreats keep growing, it's imperative that organizations choose the right vendor and products for their security needs.
Jason Waits, CISO of Inductive Automation, spoke with MES Computing on the reasons why the company decided to go with 1Password as its password management solution. Inductive Automation offers a platform for critical infrastructure verticals like pharmaceuticals, oil, nuclear, wastewater and manufacturing to build applications for their supervisory control and data acquisition (SCADA) environments. Waits said the company has "thousands" of passwords to manage as well as hundreds of SaaS applications.
Here's why Waits said Inductive Automation went with 1Password.
Need To Use MFA Everywhere
"We're a tech-forward company as a software company. We have hundreds of SaaS applications. We have dozens of applications in our data center. We have hundreds of servers. As a result, we have thousands of passwords cumulatively across our environment. In today's modern landscape, we see so many attacks based on identity, people stealing passwords—reused passwords, weak passwords—so our guidance has always been do not reuse passwords, use strong passwords or pass phrases. And then use MFA wherever you can, and so we were just looking for a password manager that could help us achieve that."
Need To Share Passwords Easily
"At scale across our environment, we also need the ability to share passwords easily. We're constantly spinning up new stuff where people are playing with something, and they need to quickly give their coworker access to it."
Best Security Model For Our Needs
"Fundamentally, we felt [1Password] had the best security model for a password manager with the whole secret key architecture they use that would protect us in the event of 1Password being hacked. We wanted some degree of assurance that our data would then [not] be in the attackers' hands. We feel confident that even if 1Password were hacked, our data and our apps would be safe."
Seamless Sign-On
"The [1Password] rollout was good. The on-boarding team was good. The tech support was good. And they came out with the ability to unlock 1Password with SSO single sign-on very shortly. That's what made it really, really easy for us. Initially, the plan was to sign up and make people set a password to unlock 1Password and then that someone lock them out. We were able to just seamlessly do that, which just made it so much easier because now we don't have to tell people, 'Hey, come up with a new password, right?' They sign into everything with SSO every day."
