How Omgevingsdienst Noordzeekanaalgebied got a grip on password use with MindYourPass

About
OR NZKG
Government/Environment Service
700+
North Sea Canal Area (regional government department)
The Omgevingsdienst Noordzeekanaalgebied is a regional government organization that works to create a safe, sustainable and healthy living environment in the North Sea Canal Area. Commissioned by eight municipalities and three provinces, the Environment Service provides licensing, supervision and enforcement in the fields of the environment, soil and construction.
How OD NZKG uses MindYourPass
  • Insight into the application landscape and accounts outside Single Sign-On
  • Get a grip on password policy and BIO compliance
  • Sign in securely without centrally storing passwords
  • Part of a broader security, policy and awareness approach
Customer Story
identify
How Omgevingsdienst Noordzeekanaalgebied got a grip on password use with MindYourPass
Merijn de Jonge
Founder & CEO
Customer Story
identify
How Omgevingsdienst Noordzeekanaalgebied got a grip on password use with MindYourPass
Merijn de Jonge
Founder & CEO

Start making vulnerable passwords impossible today

Thank you for your request! We will contact you within 1 business day.
Please fill in all fields before submitting the form

Challenge

More secure, insightful password management

In order to comply with the BIO (Baseline Information Security Government) and be prepared for NIS2, Omgevingsdienst Noordzeekanaalgebied (here after OD NZKG) needed to ensure good password management and clear guidelines for employees. But central password management was lacking: employees used their own solutions, from browser password managers to mediocre or difficult-to-manage tools.

“Most people used Chrome, Edge and iPhone password managers,” says Harald Inen, ICT advisor at the Environment Service OD NZKG. “Although these solutions are user-friendly, we missed a central solution that also provided insight into usage.”

There was also another major risk: password reuse. “We know that passwords are repeated. Passwords that you use to log into Windows are also used outside the home.” This led to too great risks for the organization, says Harald.

Approach

From IT to the rest of the organization

The organization investigated the market and ultimately chose MindYourPass because of its unique approach: not a traditional “password vault” that itself is an attractive target, but a technique that generates passwords dynamically and therefore does not store them centrally. Another factor was that MindyourPass is a Dutch party, with short lines of communication and good contact.

Before implementation, a baseline measurement was first done. By measuring login behavior, we identified which sites requested passwords, how often passwords were reused and where the biggest risks were. This provided valuable insight and provided a starting point for discussions about policy and awareness.

The rollout itself was a learning process. Initially, they started with the IT department. “You shouldn't do that,” laughs Harald. “IT uses a password manager differently than the rest of the organization. You're now taking on the most complex, complicated piece.”

That's why the approach was changed: small teams of 15-30 people who are motivated to use it. They are intensively supervised and trained - after which they can then motivate and manage the rest of the organization.

Outcome

Grip and insight

Thanks to this phased approach, the OD NZKG is getting more and more control over its password landscape. There is now better insight into the application landscape and accounts that fall outside Single Sign-On.

“In addition to being a password manager, it also offers great functionality to gain even more insight into the security of your environment,” explains Harald. “And that's worth money.”

The tool supports the organization's password policy by enabling enforceable requirements, such as not reusing passwords. 50-60 people are now working with MindYourPass and usage is slowly growing.

Reflection

Building a safer organization

The rollout brought valuable lessons. The first group (IT) did not appear to be a logical pilot group because of their technical needs and critical attitude. Adoption also appears to be challenging in general, especially because browser password managers seem much easier. That is why the organization is now focusing on better information and more visual communication, and exceptions to the policy are carefully motivated and recorded.

The cooperation with MindYourPass has been positively experienced: the team is involved, thinks along and the technology fits well with the strategy of not storing passwords centrally. The solution not only helps to meet the BIO requirements, but especially to manage risks in an increasingly complex digital environment. For example, the North Sea Area Environment Service is gradually building a safer organization.

Heading 1

Heading 2

Heading 3

Heading 4

Heading 5
Heading 6

Lorem ipsum by sit amet, consectetur adipiscing elit, sed do eusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Dis aute irure door in reprehenderit in voluptate velit se cillum dolore eu fugiat nulla pariatur.

“Juist de collega’s die in het begin sceptisch waren, werden later de grootste ambassadeurs,”- addsadasd

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text

Emphasis

Superscript

Subscript

Get in touch with us.

Let MindYourPass make your organization safe.

Thank you for your request! We will contact you within 1 business day.
Please fill in all fields before submitting the form
Want to read more?
See other articles
More articles
The MindYourPass Solution

Log in securely with ease.
At home and at work.

Triple-i™ improvement method

Wachtwoordveiligheid meten om doelgericht te verbeteren

Elke verandering begint met het verkrijgen van volledig inzicht in de huidige situatie. Om vanuit daar met behulp van een concreet en praktisch plan toe te werken naar de gewenste situatie: het gebruik van kwetsbare wachtwoorden binnen jouw organisatie onmogelijk maken.

Learn more about Triple-i™

Learn more about cybersecurity

See all articles
Nieuws
Peter Bronkhorst: “Cybercrime also affects small companies - are you prepared?”
Nieuws
Peter Lahousse: “Password management is key to digital security”
Nieuws
Dick Berlin: “Digital independence? Only if we start to trust each other.”
Customer Story
How the Eindhoven Library makes digital safety part of digital literacy