top of page

Password Management Solution for Digital Agency

Computer screen showing password screen

Marketing Agency Secures Client Data with Advanced Password Management Solution

Challenge


A marketing agency managing multiple client websites, digital platforms, and multiple API keys were facing challenges with their secure management and storage. Previously, they used on-premise, free software solutions to store both internal and client passwords. The agency encountered several issues:

Lack of visibility: They couldn’t track which team members had access to passwords, when they were accessed, or which passwords were being used.


ISO 27001 Certification: ISO 27001 compliance; demands strict security and auditing, the current system was inadequate.


Security risks: If passwords were compromised owing to a cyber-attack or rogue employee, the impact on the agency could be catastrophic.


The agency was also preparing to migrate from an on-premise Windows server to Google Cloud, which involved a potentially labour-intensive process for updating all passwords. They approached Conformedia with a wish list for a more efficient and secure password management system; they also hoped the solution could streamline the migration to Google Cloud.


Solution

Conformedia introduced Keeper, a dynamic password management system, to meet the agency's requirements. Keeper is not merely a password store but a sophisticated tool that provides secure management of passwords across teams and clients.


Key actions taken:


Created Managed Keeper instance, integrated with Google Workspace for SSO.

Setup managed user groups.

Migrated all passwords from legacy on premise solution to Keeper cloud solution, incorporating granular permissions and access control. 

Enabled advanced auditing features tailored for the agency’s ISO 27001 certification requirements.

Advantages of Keeper Password Manager:

Comprehensive Reporting: The system can generate audit-ready reports to satisfy ISO 27001 compliance.


Security Features:


Enforced Two-Factor Authentication (2FA): Provides an extra layer of security.

Integration with cloud SAML identity providers, such as EntraID and Google Workspace.

Breakwatch: Performs regular scans to check for weak or compromised passwords, ensuring ongoing security.


Access Management:

Different access levels can be assigned to different users or teams, restricting access to only the relevant information.

Password access can be revoked immediately if necessary, such as when an employee leaves the company.


Secure Password Sharing: Allows the secure sharing of passwords with external parties, with the option to create one time links, with expiration dates for temporary access.


Cloud and Cross-Platform Compatibility: The system is accessible via a web browser or standalone app on Windows, macOS, and mobile devices.


Results

The implementation of Keeper provided the agency with several key benefits:


  • Improved security through 2FA and proactive monitoring of password strength.

  • ISO 27001 Compliance was met through thorough reporting and audit capabilities.

  • Cloud Accessibility: The team gained the flexibility to access the system via the cloud on multiple platforms (Windows, Mac, mobile, etc.).

  • Seamless password sharing with external parties in a secure and compliant manner.

  • Passwords were securely and effortlessly migrated to Google Cloud from the Windows server saving the team time.


Outcome

By adopting Keeper, the agency enhanced its security posture, ensured compliance with ISO standards, and eliminated the risks associated with their previous password management system.


For more information and advice, speak to Richard Twigger, Tel: 0113 234 1548

Comments

Featured Posts
Recent Posts
Archive
Search By Tags
bottom of page