Sitemaps
Education

Questions

Startup Consulting

Can we have employees and give them individual log in credentials?

Answer This Question

3

Answers

Stuart Prestedge

Software startup advisor, mentor & coach

If you mean in Clarity then contact support from your profile dropdown.

If you mean in a product you are creating (as this question if filed under 'Startup Consulting') then most definitely yes.

As this is a complex area when requirements gathering, I setting up a call with me. I help software startups from idea to launch and beyond in a number of ways.

Kind regards
Stuart - Software Startup Coach

Answered about 2 years ago

Roberto Arias

Information Security Specialist

You would need to expand on your question, but assuming you're building a new business and you want to have individual logins for each employee as opposed to shared credentials, that's a definite yes. Shared credentials should be avoided if not banned unless needed for very special cases. This is part of the very basic security guidelines nowadays.

It should be part of your Information Security Policy.

Answered about 2 years ago

Joy Broto

🌎Harvard Certified Global Corporate Trainer🌍

Yes, it is common and recommended for organizations to provide individual login credentials to employees. Here are some best practices for doing so securely:

Create a unique username and strong password for each employee. Don't reuse the same credentials across accounts.

Use multifactor authentication whenever possible to add an extra layer of security beyond just a password. This could include one-time passwords via an authenticator app or security keys.

Store credentials in an access management system rather than sharing them over email or documents. This allows for centralized management, auditing of access, and easy revocation when needed.

Only grant employees access to the specific systems and resources needed for their job functions. Don't share broader credentials that give more access than necessary.

Educate employees on secure password habits like not sharing credentials, avoiding weak or public passwords, and reporting any suspicious access attempts.

Rotate employee credentials periodically, such as every 90 days, to mitigate the risk if a password gets compromised.

Have strong password policies in place, like minimum length, complexity requirements, and password blacklists.

Monitor login activity for anomalies that could indicate unauthorized access attempts. Respond promptly to any issues detected.

Providing unique, properly secured credentials per employee is standard practice for restricting access to authorized users only and maintaining appropriate security controls.

Answered 10 months ago