1

We are a vendor that provides software to the healthcare industry, and our application is locally hosted on customer infrastructure. As such, we are provided with VPN access in order to be able to provide support for the software. Given the risk that a member of staff could see HIPAA protected information, almost all of our customers insist that each user be given their own unique credentials and passwords. This can cause havoc trying to remember usernames and passwords for each site that an agent has to connect to.

Have any of you come across this problem before, and how do you manage this among your teams? Short of writing them all down and locking them in a safe except when they are needed, I'm not sure of the best way to manage this. I've been researching things such as LastPass, but it appears to want plugins to try and insert passwords.

Any thoughts much appreciated.

James Daniels
  • 11
  • 1

1 Answers1

2

I use KeePass as it seems the most user-friendly. I have co-workers who use Password Safe, the arguably more secure alternative from the Chuck Norris of cryptography, Bruce Schneier. Both of these products have encrypted databases.

As far as actually managing those remote connections, collegues and myself have used RoyalTS. While not a completely free product, it does offer up to 10 connections for free. And does encryption on the whole connections file DB. This application also does SSH connections, however I still prefer PuTTY for SSH and Telnet connections.

PTW-105
  • 1,377
  • 9
  • 7