6 Steps to Using a Password Manager for your Small Business
If you set up the right processes and systems for password sharing, you'll never have to waste time worrying about password management again. Read on to learn six password strategies that will let you get back to working on your core business.
Table of Contents
1: Divide your team based on account access needs.
Your employees will need access to specific passwords, but it's also likely that outside vendors may need to access certain accounts as well. Does your bookkeeper need access to your credit card account? Does your marketing consultant need access to your Twitter account? Make a list of everyone who will need access to your company's passwords, and then dole out password information accordingly.
2: Identify shared password groups.
Once you've identified everyone who will need access, organize those team members into different password access groups. For example, your technical team likely won't need access to the same passwords as your marketing team. Here are a few common groups we see small businesses using:
- Administrative: Admins and office manager types need access to accounts like Staples, Amazon, hotels, and airlines.
- Finance: Bookkeepers and accountants need access to accounts like your commercial bank, credit cards, and payroll system.
- Marketing: Your internal team, consultants, or agency will need access to accounts like Twitter, Facebook, Hootsuite, Mailchimp, GoDaddy, and any Content Management Systems (CMS) you or your clients use.
Creating groups in TeamPassword is easy and ensures that the appropriate people--and only the right people--have access to the passwords they need.
3: Update your hiring procedures.
You likely already have a process for hiring people that includes collecting tax paperwork and inputting information into payroll. We suggest you add one more step--add the new hire to the appropriate password groups in your password management app. This way, the new hire will never be held up waiting for someone to give them the password for a site they need to do their job.
4: Update your termination procedures.
No one likes to think that an employee isn't going to work out, but let's be realistic. Preparing for when someone leaves (or is asked to leave) is essential. You don't want an unhappy ex-employee to have full access to your bank accounts, social media, or any sensitive company information.
To minimize risk, even if an employee left your company amicably, you should remove them from your TeamPassword account. If an ex-employee has poor password management habits, they could jeopardize your company without doing anything malicious. If one of their accounts gets hacked, your password security (and thus bank accounts, credit cards, and reputation) could be in danger.
5: Don't forget about the all-too-important consultants and vendors!
Don't forget to add them to the appropriate password groups when working with a vendor or consultant when working with a vendor or consultant. And, of course, if you stop working with a consultant or vendor, you should treat it just like an employee termination and remove access to your passwords.
6: Double-check password access regularly.
People are, well, human, and we all make mistakes. You should set a regular schedule to sign in and review your password groups, perhaps once a quarter. First, make sure the users on your account are current. Second, check the groups to which your users are assigned. For example, if Joe changed from an administrative assistant to a marketing role, he would likely no longer need the password for your Amazon account. Plus, regular check-ins will help make sure no one accidentally gave your tech intern access to all of your banking passwords.
We created TeamPassword to help people manage their team's passwords correctly. Following this simple system can say goodbye to shared Google documents, outdated Excel spreadsheets, and password security breaches. Give it a try with our free 14-day trial!