An admin staff member at an MSP nearly exposed the passwords of multiple customers. The MSP used LastPass as their Password Manager, but one admin had a habit of storing passwords in a text file for quick access, especially when visiting customer sites without LastPass access. This text file was stored in the SharePoint technical utilities folder, which was accessible to several team members.
GuardWare INSIGHT’s data discovery scan detected the stored password file, prompting immediate deletion. However, a tech staff member had already shared the utilities folder with a customer’s team while working on an issue. Fortunately, the customer hadn’t accessed the password file.
MSP’s data handling practices. The MSP would have faced the difficult task of explaining the situation to all their customers and requiring them to change their passwords.
