Critical Capabilities for Enterprise Password Management
- Ressourcen
- Critical Capabilities for Enterprise Password Management
Integrate with your existing environment(s)
Deployment options
Corporate Password Policies
Client compatibility
Security and Encryption
Auditing and Logging
Integration
Authentication
Import and Export
Secure Sharing
Useability, Autofill and Biometrics, Offline access, Search
Secrets Management
Passwordless for developers
Compliance
Purchasing
Implementation
Set yourself up for success by including all of the following in an evaluation of enterprise password management.
Feature | Detail | Impact |
---|---|---|
Broad SSO compatibility | SAML | Support wide range of existing identity providers |
OIDC | Support modern identity systems | |
Login with SSO (and decrypt with password manager password) | Additional security via authenticating with SSO and decrypting with main password | |
SSO with trusted devices | Use trusted devices to store users’ password manager passwords for easy retention | |
Customer managed encryption | Complete control with a key connector to retain user vault encryption locally with self-hosted deployments | |
Clear role mapping for users | Tightly managed role assignment for onboarding to ensure utmost security | |
SCIM provisioning | SCIM endpoint for onboarding | Automate user rollout to accelerate your security posture. Operate natively without requiring a bridge |
Principal User Names | Support accounts without an email address | Establish accounts by User Principal Name (UPN) where desired without requiring a user email ID |
Feature | Detail | Impact |
---|---|---|
Cloud deployment | Simple SaaS service | Easily launch password management for any size organization |
Self-hosted deployment | On-premises option | Complete control over password management in a private environment |
Centralized client configuration options | Desktop and mobile deployment and configuration options, compatibility with device and mobility management systems | Central configuration and roll out of the Mac App and extension, the Windows App, the Linux App, the managed Chrome/Edge/Firefox browser extensions, and the mobile apps (preconfigured with optional self-hosted server URL) delivers the enterprise administration companies expect |
Feature | Detail | Impact |
---|---|---|
Generate passwords | Abide by company policy | Ensure employee generated passwords meet company policies |
Policy options | Length, min numbers, min special chars, upper case, lower case, passphrase options | Maintain compliance with existing company policies |
Main password manager password policy | Policy for master passwords | Ensure employees' passwords for their password manager is strong |
Account recovery administration | Automatic enrollment | Guarantee that administrators have the ability to help employees when needed with account recovery, ensuring all individual credentials remain accessible |
Feature | Detail | Impact |
---|---|---|
Comprehensive browser extension support | Supports all major browsers | Delivers maximum flexibility for broad adoption within any organization, including options to deploy centrally for company-controlled browsers |
Chrome | ||
Firefox | ||
Safari | ||
Edge | ||
Brave | ||
Opera | ||
Vivaldi | ||
DuckDuckGo for Mac | ||
Tor | ||
Comprehensive mobile app support | Support all major platforms and application download paths | Deliver maximum flexibility for the highest adoption |
iOS Apple App Store | ||
Android Google Play Store | ||
F-Droid | ||
Direct from GitHub | ||
Comprehensive desktop app support | Supports all major desktop operating systems | Deliver maximum flexibility for the highest adoption |
Windows | ||
MacOS | ||
Linux | ||
Web app support | Functions available in stand alone web app | Ensure credential access securely in any environment |
Command Line Interface (CLI) | Fully featured CLI | Easily enable programmatic actions and integration to fit existing enterprise workflows |
Feature | Detail | Impact |
---|---|---|
Trusted open source architecture | Ability to see and examine codebase | Provide the utmost in trust and transparency for a mission critical software solution |
Minimum vault encryption 256-bit (AES-CBC or similar) | Including PBKDF2 SHA-256 or Argon2 | Strong encryption protects data should it get into the wrong hands. Advanced algorithms such as Argon 2 provide advanced encryption methods |
Zero-knowledge encryption | Entire Vault is encrypted | |
Breach reports | Integrate with services like HIBP | Breach reports help identify potential risk areas, warning users of breached sites and reused passwords |
Exposed Passwords report | Identifies passwords that have been uncovered in known data breaches that were released publicly or sold on the dark web by hackers | |
Reused Passwords report | Identifies non-unique passwords in your vault | |
Weak Passwords report | Identifies weak passwords that can easily be guessed by hackers and automated tools that are used to crack passwords | |
Unsecured Websites report | Identifies login items that use unsecured (http://) schemes in URIs/URLs | |
Inactive 2FA report | Identifies login items where: Two-factor authentication (2FA) via TOTP is available from the service, and you have not stored a TOTP authenticator key |
Feature | Detail | Impact |
---|---|---|
Full audit trail | Viewable and exportable logs of relevant events | Comprehensive event coverage ensures detail to identify auditable steps |
SIEM Integration | Easy API access | Integrate with existing systems to collect event log information for fast analysis |
Feature | Detail | Impact |
---|---|---|
Fully featured CLI | Command Line Interface | Enable programmatic integrations with existing company workflows, including handling of encrypted items. Easily handle bulk operations |
Robust API | Application Programming Interface | Enable programmatic integrations for managing members, collections, groups, event logs, and policies |
Feature | Detail | Impact |
---|---|---|
Multifactor authentication for the password manager | Including authenticator app, WebAuthn, Yubico, email, Duo | Adding multifactor authentication delivers an additional layer of security |
Ability to store MFA tokens | Store TOTP codes within password manager | Allow for multifactor authentication logins to be easily shared while retaining MFA |
Integration with Duo | Out of box functionality | Additional security with existing multifactor solutions |
Feature | Detail | Impact |
---|---|---|
Import Passwords | Import from all major password managers across .csv and .json formats | Quickly consolidate disparate solutions into a unified enterprise password manager |
Encrypted Exports | Export in account encrypted, independently encrypted, and unencrypted formats | Robust export mechanisms serve as backups and freedom to migrate if desired |
Feature | Detail | Impact |
---|---|---|
Share items with a user or a group of users | Include organization of multiple items in shared folders | Secure sharing keeps sensitive information protected with controlled access |
Send and receive encrypted passwords externally with a limited lifespan | Handle encrypted sensitive information with automatic removal | Sensitive information shared through email and messaging channels is not encrypted and could be exposed. Using encrypted, limited lifespan methods reduces risk |
Quickly revoke access when needed | Disassociate user from company credentials | With employee succession, removing access quickly ensures smoother transitions |
Feature | Detail | Impact |
---|---|---|
Client app localization | Language support | |
Browser extension and mobile apps can autofill username and password | Including options for managing Uniform Resource Identifiers (URIs) | Autofill provides user convenience and serves as a means to recognize and prevent phishing |
Browser extension and mobile apps can autofill MFA tokens | For accounts with integrated multifactor authentication | For fast, secure logins |
Biometric access across mobile, browser extension and desktop apps | Fingerprint or face identification | Convenience and security of biometrics leads to broader adoption and more use |
Account switching | In-App account selector | Provide simple switching between multiple Bitwarden accounts |
Offline vault access | Vault remains accessible offline in browser extension, mobile, and desktop apps | Ensure business continuity with read access to the vault even if connection to the server is interrupted |
Intelligent Search | Including options for advanced search | Detailed search including wildcards allows for quick retrieval of logins within a large vault |
Individual vault | User-specific credentials | Allow for an individual vault that cannot be accessed by others |
Feature | Detail | Impact |
---|---|---|
Secrets Management Option | i.e. non human interaction for certificates or API key handling | Availability of a secrets management platform for use cases beyond general password management |
Feature | Detail | Impact |
---|---|---|
Passwordless and passkey infrastructure | Passkey software development kit to enable websites and enterprise apps | Rapidly transform your company to a passwordless organization, freeing employee and IT time to focus on their primary objectives |
Feature | Detail | Impact |
---|---|---|
SOC 2 and SOC 3 reports | Third party audits | Audited validation of business practices |
HIPAA | Including the option to sign a business associates agreement | Compliance for healthcare related companies |
GDPR | Data privacy | Assure data privacy |
Annual security assessments | Network and security scans | Audited security reports showcase detailed attention to security |
Independent security researcher program | Such as HackerOne | Proactively identify potential issues |
Feature | Detail | Impact |
---|---|---|
Simple purchasing process | Direct or through channel | Easy to procure |
Billed via invoice | 30-day terms | Flexibility of an invoiced model |
Complimentary Family plan for Enterprise users | Employee benefit | Security at work and at home leads to better overall habits |
Feature | Detail | Impact |
---|---|---|
Comprehensive documentation | Publicly accessible on web | Easily understand product operations and self-serve product knowledge |
Online training | Pre-recorded and live | Provide accelerated ramp for administrators as well as end users |
Onboarding templates | Admin enablement | Pre-built email templates facilitate employee onboarding |
24x7x365 Support | Business and end user | Support for Administrators and Users around the clock |
Integration support | Deployment success | Detailed technical expertise ensures smooth deployments |
Have questions or comments on this list? Please contact us via bitwarden.com/help.
Want to see Bitwarden in action? Join our live demo via bitwarden.com/weekly.
Erhalten Sie jetzt leistungsstarke, vertrauenswürdige Passwort-Sicherheit. Wählen Sie Ihren Plan.
Kostenlos
$0
pro Monat
Für immer kostenlos
Holen Sie sich einen Bitwarden Datenspeicher
- Unbegrenzte Geräte
- Verwaltung von Zugangsschlüsseln
- Sämtliche Hauptfunktionen
- Immer kostenlos
Teilen Sie Objekte im Datenspeicher mit anderen Nutzern
Hochwertig
Less than$1
pro Monat
10 EUR mit jährlicher Rechnungsstellung
Genießen Sie Premium-Funktionen
- Bitwaren Authentifikator
- Dateianhänge
- Zugang im Notfall
- Sicherheitsberichte und mehr
Teilen Sie Objekte im Datenspeicher mit anderen Nutzern
Familien
$3.33
pro Monat
Bis zu 6 Nutzer, 40 EUR mit jährlicher Rechnungsstellung
Sichern Sie die Logins Ihrer Familie
- 6 Premium-Konten
- Unbegrenztes Teilen
- Unbegrenzte Sammlungen
- Speicher für Ihre Organisation
Teilen Sie Datenspeicher-Objekte zwischen sechs Personen
Die angezeigten Preise sind in USD und basieren auf einem Jahresabonnement
Mannschaften
Widerstandsfähiger Schutz für wachsende Teams
$4
pro Monat/per Nutzer
Teilen Sie sensible Daten sicher mit Kollegen, über Abteilungen hinweg oder im gesamten Unternehmen
- Sicherer Datenaustausch
- Ereignisprotokollüberwachung
- Verzeichnisintegration
Beinhaltet Premium-Funktionen für alle Benutzer
Unternehmen
Erweiterte Funktionen für größere Organisationen
$6
pro Monat/per Nutzer
Nutzen Sie erweiterte Funktionen wie Unternehmensrichtlinien, passwortloses SSO und Kontowiederherstellung.
- Unternehmensrichtlinien
- Passwortloses SSO
- Kontowiederherstellung
Enthält Premium-Funktionen und einen kostenlosen Familientarif für alle Nutzer
Angebot anfordern
Für Unternehmen mit Hunderten oder Tausenden von Mitarbeitenden – fordern Sie ein individuelles Angebot an und erfahren Sie, wie Bitwarden bei Folgendem helfen kann:
Unternehmen mit Hunderten oder Tausenden von Mitarbeitenden können unser Vertriebsteam kontaktieren, um ein individuelles Angebot zu erhalten und zu erfahren, wie Bitwarden Ihr Business unterstützen kann:
- Verringerung des Risikos im Internet
- Steigern der Produktivität
- Nahtlose Integration
Bitwarden lässt sich an jede Unternehmensgröße anpassen und bringt Passwortsicherheit in Ihre Organisation
Die angezeigten Preise sind in USD angegeben und basieren auf einem Jahresabo