
How Omgevingsdienst Noordzeekanaalgebied got a grip on password use with MindYourPass
- Insight into the application landscape and accounts outside Single Sign-On
- Get a grip on password policy and BIO compliance
- Sign in securely without centrally storing passwords
- Part of a broader security, policy and awareness approach






Challenge
More secure, insightful password management
In order to comply with the BIO (Baseline Information Security Government) and be prepared for NIS2, Omgevingsdienst Noordzeekanaalgebied (here after OD NZKG) needed to ensure good password management and clear guidelines for employees. But central password management was lacking: employees used their own solutions, from browser password managers to mediocre or difficult-to-manage tools.
“Most people used Chrome, Edge and iPhone password managers,” says Harald Inen, ICT advisor at the Environment Service OD NZKG. “Although these solutions are user-friendly, we missed a central solution that also provided insight into usage.”
There was also another major risk: password reuse. “We know that passwords are repeated. Passwords that you use to log into Windows are also used outside the home.” This led to too great risks for the organization, says Harald.
Approach
From IT to the rest of the organization
The organization investigated the market and ultimately chose MindYourPass because of its unique approach: not a traditional “password vault” that itself is an attractive target, but a technique that generates passwords dynamically and therefore does not store them centrally. Another factor was that MindyourPass is a Dutch party, with short lines of communication and good contact.
Before implementation, a baseline measurement was first done. By measuring login behavior, we identified which sites requested passwords, how often passwords were reused and where the biggest risks were. This provided valuable insight and provided a starting point for discussions about policy and awareness.
The rollout itself was a learning process. Initially, they started with the IT department. “You shouldn't do that,” laughs Harald. “IT uses a password manager differently than the rest of the organization. You're now taking on the most complex, complicated piece.”
That's why the approach was changed: small teams of 15-30 people who are motivated to use it. They are intensively supervised and trained - after which they can then motivate and manage the rest of the organization.
Outcome
Grip and insight
Thanks to this phased approach, the OD NZKG is getting more and more control over its password landscape. There is now better insight into the application landscape and accounts that fall outside Single Sign-On.
“In addition to being a password manager, it also offers great functionality to gain even more insight into the security of your environment,” explains Harald. “And that's worth money.”
The tool supports the organization's password policy by enabling enforceable requirements, such as not reusing passwords. 50-60 people are now working with MindYourPass and usage is slowly growing.
Reflection
Building a safer organization
The rollout brought valuable lessons. The first group (IT) did not appear to be a logical pilot group because of their technical needs and critical attitude. Adoption also appears to be challenging in general, especially because browser password managers seem much easier. That is why the organization is now focusing on better information and more visual communication, and exceptions to the policy are carefully motivated and recorded.
The cooperation with MindYourPass has been positively experienced: the team is involved, thinks along and the technology fits well with the strategy of not storing passwords centrally. The solution not only helps to meet the BIO requirements, but especially to manage risks in an increasingly complex digital environment. For example, the North Sea Area Environment Service is gradually building a safer organization.
Get in touch with us.
Let MindYourPass make your organization safe.

Log in securely with ease.
At home and at work.


Triple-i™ improvement method
Wachtwoordveiligheid meten om doelgericht te verbeteren
Elke verandering begint met het verkrijgen van volledig inzicht in de huidige situatie. Om vanuit daar met behulp van een concreet en praktisch plan toe te werken naar de gewenste situatie: het gebruik van kwetsbare wachtwoorden binnen jouw organisatie onmogelijk maken.