According to a study by IBM ‘95% of cyber security breaches are caused by human error’, this can be anything from clicking a phishing email to having a weak password. If any of these attacks are successful, you're likely to experience a halt to business operations, reputational damage, and even financial loss; and with the average cost of a data breach being the highest its been in 17 years at £3.36 million, according to a study by ITPro, password hygiene should be a top priority in 2023.
With this in mind, it’s clearly more important than ever to have a secure and streamlined way to manage your account data, and we believe we've found the tool to help you do so.
Introducing Bitwarden, the open-source password manager that enables companies to protect multiple accounts with robust passwords using end-to-end encryption without the hassle of needing to remember them. Whilst the password manager is Bitwardens' primary product, Bitwarden has continued to release more features, from 'Bitwarden send' to MSP plans, and due to having constant scrutiny from the open-source coding community, security is Bitwardens' number one priority. All this combined makes us believe that Bitwarden could be a security game-changer. In this blog, we'll take a deeper look at what makes Bitwarden so great and offer a solution to your account security problems.
Bitwarden Costs and Plans
During a time when it feels like everything is costing more, it’s a relief that Bitwarden is completely free. Bitwarden does offer extra-paid features which are generally just ease of life benefits that are aimed towards clients that want multiple Bitwarden users (typically enterprises). These are priced separately, but with the main features included as standard and the additional paid features working on a 'pay for what you need' basis you never feel pressured to spend.
Bitwardens Features and Benefits
Password Manager
Bitwardens' Primary service is a secure password manager, this can be accessed through a few different channels, from a desktop app and browser extension to the most commonly used mobile app. The initial setup of Bitwardens password manager is extremally easy, Bitwarden asks you to create a master password for the account which would be the only password that needs to be held outside your Bitwarden vault. Usefully, once you’ve created your account and are logged in, you will have the option to enable either face ID or a pin code for logging into Bitwarden on that specific device, instead of having to meticulously put in your (hopefully) complex master password, making the login and vault access process much more streamlined.
Passwords can be added and removed with ease, all you have to do is go to “my vault” section, press the "+' button, fill out the details, and then the password is saved. Once login details are saved within Bitwarden anytime you attempt to login via a browser (providing you have the desktop extension) Bitwarden can automatically show your login options in a clear list and then with one click, you can fill in both the username and password.
You may be concerned that a ‘one-click solution’ could have its security downfalls. But no, Bitwarden conducts regular third-party security audits and is compliant with Privacy Shield, HIPPA, GDPR, CCPA, and SOC 2 security standards making Bitwarden as secure as possible.
Data Sharing in Bitwarden
When Teams collaborate on a project, they often need to share an account, but giving out login information can be risky. That’s why Bitwarden provides an easy-to-use and secure password-sharing feature. The 'share' process only takes a few simple steps:
1) First of all, you have to create an organization account and then go to the 'manage' section.
2) Next, click the 'Invite User' button and enter the email address of the user you want to share data with.
3) If the person being sent the data already has a Bitwarden account, they can accept your request straight away. Otherwise, they'll have to create an account first. Finally, once they’ve joined your organization, just confirm their membership, and they could see the credentials that you want to share with them on their vault. This makes it a fairly straightforward system for secure password sharing.
What makes Bitwardens password sharing so secure is the use of end-to-end encryption. What this means is that as soon as the first user inputs the information, such as a password, it is automatically encrypted. Then as the password is shared, it remains encrypted so no other entity can view it in transit, nor can anyone see it stored within a cloud or server for syncing. Finally, the recipient, on the receiving end, will decrypt the information for use.
Password Generator
Bitwarden provides an efficient and reliable password generator that can create passwords with up to 128 characters that include a jumble of capitals and symbols making your password virtually impossible to crack. Once the random password is generated, it can then be used to create a login which when created will automatically store in Bitwardens vault and can be accessed whenever you need it, meaning you don’t even need to know your own password.
Bitwarden Send
“Bitwarden Send” is a lightweight utility used to share information with another person for a limited period of time. Bitwarden users can easily transmit a file or text, and rest easy knowing the sent information is protected with end-to-end encryption and will not last forever. Users choose an expiration date for the “send” link, after which it no longer works to access the information.
Some of the main features/benefits of Bitwarden Send:
- Transmit Securely – As mentioned, information shared is end-to-end AES-256 bit encrypted and can be 100% hidden from third-party applications with the addition of a password manager
- Limit exposure – Users can set expiration dates and access limits for shared information, reducing the risk of unintentional data leaks
- Share text and files – Bitwarden Premium users can use send to share any type of information, like passwords, documents, credentials, and more. Bitwwarden users with a free account have access to ‘Send’ for text information only
- Maintain confidentiality – Avoid exposing shared information to intermediary systems or people. The send is created and only accessible via a secure link. It can be password protected for added security
- Receive text and files – A Bitwarden Send secure link can be generated and sent to any online user, whether the link recipient is an existing Bitwarden user or not
Open Source Makes for Scrutinised Security
Bitwarden unlike other password managers is open source, what this means is that the source code for Bitwarden is hosted on GitHub and everyone is free to review, audit, and contribute to the Bitwarden codebase. Because of this the security of Bitwardens systems is constantly being reviewed and scrutinized, meaning nothing goes ‘under the radar'.
A quote by Bitwarden states “We believe that being open source is one of the most important features of Bitwarden. Source code transparency is an absolute requirement for security solutions like Bitwarden” this quote shows a clear commitment and understanding from the Bitwarden team to uphold a security standard that will be constantly reviewed and tested.
Keeping Your Business Secure
Cyber-security is going to be a top priority for businesses this year, and with everything from password managing and sharing to the implementation of their ‘send’ feature Bitwarden could be the app your business needs to keep on top of account security and password hygiene.
Accounts and passwords are only a couple of many elements that need to be protected to keep your business safe, with so many other security threats out there keeping on top of these whilst also running a business can become difficult. Because of this a lot of businesses have decided to partner with a reliable MSP that deals with security in-house, taking the stress off business owners and IT managers.
Here at entrust IT we see cyber-security as a top priority that’s why we obtained and continue to maintain our ISO 27001 accreditation and only use UK based datacentres that also have their own ISO 27001 certification. In addition to this, all the cloud services we provide are encrypted, including our hosted desktop and application products. Would your business benefit from putting your cyber security concerns on us? If so, please feel free to get in touch on 0330 002 0045 or email enquiries@entrustit.co.uk to be put in contact with one of our experienced consultants.
