Startup Consulting
3
Answers
Software startup advisor, mentor & coach
If you mean in Clarity then contact support from your profile dropdown.
If you mean in a product you are creating (as this question if filed under 'Startup Consulting') then most definitely yes.
As this is a complex area when requirements gathering, I setting up a call with me. I help software startups from idea to launch and beyond in a number of ways.
Kind regards
Stuart - Software Startup Coach
Answered over 2 years ago
Information Security Specialist
You would need to expand on your question, but assuming you're building a new business and you want to have individual logins for each employee as opposed to shared credentials, that's a definite yes. Shared credentials should be avoided if not banned unless needed for very special cases. This is part of the very basic security guidelines nowadays.
It should be part of your Information Security Policy.
Answered over 2 years ago
🌎Harvard Certified Global Corporate Trainer🌍
Yes, it is common and recommended for organizations to provide individual login credentials to employees. Here are some best practices for doing so securely:
Create a unique username and strong password for each employee. Don't reuse the same credentials across accounts.
Use multifactor authentication whenever possible to add an extra layer of security beyond just a password. This could include one-time passwords via an authenticator app or security keys.
Store credentials in an access management system rather than sharing them over email or documents. This allows for centralized management, auditing of access, and easy revocation when needed.
Only grant employees access to the specific systems and resources needed for their job functions. Don't share broader credentials that give more access than necessary.
Educate employees on secure password habits like not sharing credentials, avoiding weak or public passwords, and reporting any suspicious access attempts.
Rotate employee credentials periodically, such as every 90 days, to mitigate the risk if a password gets compromised.
Have strong password policies in place, like minimum length, complexity requirements, and password blacklists.
Monitor login activity for anomalies that could indicate unauthorized access attempts. Respond promptly to any issues detected.
Providing unique, properly secured credentials per employee is standard practice for restricting access to authorized users only and maintaining appropriate security controls.
Answered 11 months ago