Key Criteria for Evaluating Enterprise Password Management Solutions v1.01

An Evaluation Guide for Technology Decision-Makers

Table of Contents

  1. Summary
  2. Enterprise Password Management Primer
  3. Report Methodology
  4. Decision Criteria Analysis
  5. Evaluation Metrics
  6. Key Criteria: Impact Analysis
  7. Analyst’s Take

1. Summary

Every enterprise has employees, perhaps hundreds or thousands, all of whom are buried in dozens of username and password combinations. How can they keep track of them? The answer is, they can’t. Not without help. No one is memorizing all those passwords; they are reusing them or writing them down (on paper or a device). Or, if they’re smart—or their company is—they’re using a password manager.

Enterprise password management ensures that users are not being left to their own devices, at least for work passwords. Implementing a password manager allows enterprise IT to set a password policy no matter where a business account is located.

Password management also enables IT to actively control who has access to passwords, and to grant entire groups access to a single login without giving each member of the group the actual password. These two capabilities significantly enhance password security in an organization by reducing the number of employees who know sensitive passwords, and by reducing the number of passwords employees need to remember.

Onboarding new employees can be painful, as users may need to keep track of multiple new accounts. Meanwhile, offboarding holds an increased element of risk because users might still have sensitive passwords in their possession after they leave. Password management helps resolve this by requiring that only a single password be changed to lock former employees out of most accounts. If password management is ubiquitous in the environment, that single password will protect all others.

Enterprises can combine password management with single sign-on (SSO) to create a simple, easy-to-use scenario that’s far more secure than leaving password management up to individual employees. Between the two, the employee needs to sign in only once (twice if SSO does not actively sign users into the password management system), and all other passwords are taken care of—and can still be unique. This limits how far an attacker can get internally if they get a single password.

The GigaOm Key Criteria and Radar reports provide an overview of the enterprise password management market, identify capabilities (table stakes, key criteria, and emerging technology) and evaluation metrics for selecting a password management platform, and detail vendors and products that excel. These reports will give prospective buyers an overview of the top vendors in this sector and will help decision-makers evaluate solutions and decide where to invest.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.