November 30, 2021

Is your SaaS tech stack secure?

Optimal Workshop

Having access to the specialist subscription-based tools you need to do your work is a reasonable thing to expect. But what if you’re relying on someone else’s SaaS account to access what you need? Sounds like a good solution but think again. It’s risky - even fraught. Here are 3 good reasons to avoid shared login credentials and why you need your own.

1. Safety first - sharing account login credentials is a risky business 🔐

If you don’t know who’s signed up and using the subscriptions your organization pays for and holds, how can you protect their data once they’ve gone? As the account holder, you’re responsible for keeping the personal data of anyone accessing your subs safe and secure. That’s not only the right thing to do - it’s pretty important from a legal perspective too.

In today’s data-driven world safeguards around privacy and security are essential. You only need to look at the fallout from serious data breaches around the world to see the damage they can do. There’s a myriad of privacy laws around personal data out there but they’re based on the universal principle of protecting personal data.  One of the better-known laws is GDPR the EU’s data protection law. 

The General Data Protection Regulation (GDPR) regulates and protects the processing of the personal information of EU citizens and residents by establishing rules on how organizations such as companies and governments can process this personal data. It’s important to note the GDPR applies to those handling the data whether they’re EU-based organizations or not.

Avoid encouraging shared logins in your organization to ensure peace of mind that you’re doing everything you can to keep people’s personal data safe and secure - as well as keeping on the right side of the law.

2. Ease of administration - save time and energy managing multiple users 🎯

Having single logins rather than shared logins saves time and energy and makes the whole administration smoother and easier for everyone.

For instance, maybe you need to delete data as part of honoring GDPR rules. This could be tricky and time consuming if there are multiple users on one email as a generic email isn’t specific to a person. 

Generic email addresses also make it harder for SaaS providers to understand your account activity and implement the changes you want or need.  For example, customers often ask to retrieve information for account billing.   Having multiple employees using a single login can make this problematic.  It can be a real struggle to identify the right owners or users.  

And if the ‘champion’ of the tool leaves your organization and you want to retrieve information on the account, your SaaS provider won't be able to do this without proof you’re the real owner of this account. 

Another added benefit ,(which your IT & security team will thank you for), of having a personal login, is the way it makes setting up functionality such as single-sign-on (SSO) so easy. Given the way single sign-on works, shared emails just don’t cut it anymore. Also if your organization uses SSO it means you’ll be able to log into tools more quickly and easily.

3. Product support - access it when you need it 🙏

When things go wrong or you just need help using products or tools from your friendly SaaS it’s important for them and for you, that they’re in the best position to support you. Supporting people is a big part of the job and generic emails make it harder to connect with customers and create the people to people relationships that enable the best outcome when problems arise or training or help is needed.

You may be surprised to hear what a blocker multiple users on a single email can be. For instance, generic email addresses can make it harder for us to get to the right person and communicate with you.  We won’t know if you have another email active in the system we can use to help you.

Wrap up 🌯

We’ve given you 3 good reasons not to account share - still, need convincing?  

What about getting the right plan to meet your organization’s needs - so you don’t need to share in the first place? There could be all kinds of reasons why you’ve ended up having to account share: maybe a workmate signed up, shared it, and got you hooked too.  Or your organization has grown and you need more subs.  Whatever the reason there’s no need to account share - get in touch and sound us out to find a better, safer solution.    

Publishing date
November 30, 2021
Share this article

Seeing is believing

Dive into our platform, explore our tools, and discover how easy it can be to conduct effective UX research.