Holloway
Security for EveryonePart V: Additional TopicsSecurity Concerns When Downsizing

Moving and Securing Shared Accounts

From

editione1.0.0

Updated October 9, 2023
Now Available
Security for Everyone

When scaling your business down, you should reduce the amount of money spent on software and other services. Sometimes these services are based on the number of user accounts associated with your account. You might find yourself deleting accounts for any employees who have left, and scaling down the number of accounts so that your team shares access to a single account.

controversy I am aware terms of service for some software services don’t allow this. But when a business is faced with surviving and paying bills and salary for the month, or paying for additional user accounts, most of us will choose the former.

When moving to a shared account, you will need to change the account password and disable 2FA that might be set up to be only accessible from your device. Don’t just stop there and consider this done. Instead, follow the same tips we covered in Part II:

  1. Set up the shared account to use an email that is accessible by the team, like a group email.

  2. Generate that new password from your password manager and make it long—over 16 characters. It shouldn’t be a password that is easy for your team to remember or write down on a Post-it Note.

  3. Share the password with your employees using your password manager.

  4. Set up 2FA using your password manager’s one-time password function.

These few steps actually help protect your business in a few different ways:

  • Setting up the new account with a unique, long password makes it harder for someone outside the business to guess it.

  • Storing the shared account password in a central place like a password manager makes it easier to reset when employees leave.

  • Having 2FA set up in the password manager makes it harder for employees who have left the business to get into the account after they leave.

  • Using an account email that is accessible by the team means any account changes, like password or account configuration changes, are visible.

These actions can help you regain control over accounts that will now be used and shared amongst your team, while also keeping them as safe as you can.

Downgrading or Canceling Your Subscriptions

Aside from reducing user accounts for your services, you might also be downgrading or canceling services you don’t need to keep your business alive. It drives me mad, but some services only provide security features for users on paid or higher-level service tiers. Service providers might not handle service cancellations with grace, which means copies of your data might be lingering around, which also leaves the security risk lingering around too. These changes can limit the amount of security protection your accounts and data has, and there are a few things to check before you hit “cancel service.”

For services you are downgrading, check what security and data protection features are included in the lower-tier plans. You can often find this information on the service provider’s pricing page, or you can search through their knowledge base or support documentation. If you can’t find this out after a quick search, ask the service provider.

To help you draft that email, you will want to ask if the following features are still available at lower or free service tiers:

You’re reading a preview of an online book. Buy it now for lifetime access to expert knowledge, including future updates.
If you found this post worthwhile, please share!
Related sections