Comparing Costs of Password Managers for Business Use On-Premises vs. SaaS

Much of the level of actual cyber security of any business today depends on the password policy within the organization. Prime attack vector still today is social engineering, weak access codes, and improper password management solutions for businesses in use. Weak passwords can potentially compromise the whole organization. What is more, a poor password management solution can void even the hardest password policies in use. Secrets, however good they are, won’t hold if they are stored insecurely.

For hackers it still today is cheaper to get access to existing credentials than break into the system through existing application vulnerabilities. Automated software patching can ensure that vulnerabilities are fixed as soon as possible, but no automated solution can guarantee that password policies are strong enough and that the most valuable secrets are stored properly. Application vulnerabilities can cost a lot of money and search for them can cause alarms to get off, but gathering intelligence for passwords can be done under the radar for a long time.

When considering proper password manager for business use, the question quickly boils down to the choice between a custom on-premises deployment or a cloud-hosted or SaaS-based appliance. And there are trade-offs there, both technical, security-related, and, perhaps more importantly, specific to business use and its requirements. PassWork is one of the most advanced and secure password management solutions for business use. With truly international orientation and infrastructure maintained within stable parts of cyberspace, PassWork can help organizations to ensure that their most valuable assets, passwords, are stored properly and securely even during the most turbulent times of a business.

Benefits of on-premises deployed password management solution

Traditional security architecture consisted of bordered zones, with hardened guards on any crossing points and “walls” to separate the green zone from the red one. This used to be a de facto corporate security layout within IT for years as well, and why not, there are clear strengths to this kind of bordered architecture. In the case of the password management solution, this means, that passwords are stored, managed, and only accessed internally within the corporate or business network. There are, however, at least two drawbacks here. First, most companies need to integrate today more than before with various stakeholders and thus a bordered model becomes too bureaucratic, if not a hindrance for business altogether. Second, many small companies may not have the resources and budget to maintain up-to-date internal bordered zone, and thus, the architecture itself becomes a single point of failure for the organization.

Having an in-house installation of a password manager for business, naturally, gives complete control, which is the strongest argument for bordered security architecture. Full control comes with costs and responsibilities, something perhaps more suitable for large enterprises than small businesses of today. Similarly established institutions, with static sites and processes, may be better equipped with bordered zone security architecture. PassWork management solution can respond to these needs as well, with an in-house version available for those customers who want to ensure full control of the application as well as are equipped and competent to maintain the internal installation.

SaaS and Cloud — services for small and medium-sized businesses

Small companies may not be willing and capable to take the costs of bordered security architecture. Typical agile businesses today need to be flexible, mobile and their infrastructure be able to respond to global requirements from the first hour on. This is the key motive for software purchased as a service (SaaS) and hosting organized as a cloud service. These give businesses required flexibility and what is more when it comes to password management, increased level of security due to the benefits of shared infrastructure. Many small companies can achieve a higher level of security by using cost-effective SaaS and cloud services, by gaining access to advanced security and protection services that they on their own might never be able to afford.

Passwork comes in handy as a SaaS service. Prices are not high and the infrastructure is hosted in a secure country with a stable regulative framework. There is little to no risk of corruption or misuse within the law and enforcement organization, so customers can rest assured that their data is and remains secure and available whenever needed. Furthermore, Passwork services are hosted from and for member states of the European Union, so general data protection regulations imposed by the EU are taken into account at the same time, with low cost and low risk for customers. Businesses today have customers from all over the world and need to be able to serve various market areas. This requirement escalates also the way the passwords are managed and stored — with Passwork companies can be sure that they are ready to face the global markets and all the risks that it involves.

Barely any costs at all — for everyone according to their needs

Passwork comes with a competitive and aggressive pricing model, fit for both purposes, for in-house deployments as well as using the software as service purchased on a monthly or annual basis. The value of password manager for business use solutions must be calculated with the potential damage caused by password leakage. This estimation must include an evaluation of the risk, that is the likelihood of it occurring and the potential impact of such password compromise. Naturally, for just about any company, the likelihood of simple leakage of passwords is high – consider just the case of missing exit-process, where a former employee walks away and takes critical business-related passwords with. The potential impact of such compromise is bound to the role of such person, or in the worst case, the whole business. It is easy to come up with high numbers when estimating the realistic costs of risks involved with poor or improper password management. Now, a good level of security investment comes facing this risk on a proper level. Passwork SaaS service is priced very conservatively so that even small businesses can afford it so that as the business grows, every password and secret asset is properly managed already. This gives good scalability and outlook on business development well to the future as well.

Passwork SaaS pricing starts with $9/year today, for one user, and up to $180 for 20 users license. In-house installation license costs $490 for a small team, $990 for a company, and $1990 for unlimited use. Considering the risks involved, a good level of security investment does not necessarily need to be high – the key thing is that the investment is effective and the choice of service type, that is in-house or SaaS service. Security investment is an annual effort and must continue after a careful audit and review process in each budget. Annual SaaS service can help small businesses to allocate sparse resources, but it is good to remember that service costs are just a portion of any proper security investment – the key is to transform the organizational culture, not only to implement certain applications or tools. Applications like PassWork can, however, help small businesses to get on to the level of the corporate world, and in themselves also promote and advance the chance of the security culture within the organization.

Security is not an island, but a continuous journey through the jungle and oftentimes difficult terrain, if not even like a safari ride. For any endeavor like that, businesses must have been shielded from day one.

Essential questions to ask when choosing between SaaS and On-premises deployment

Choosing between SaaS and on-premises deployment can be a critical business decision. If nothing else, it can have a huge impact on the business recovery and resilience capabilities of the organization. Reasons for choosing either one, still, varies business by business. Some essential questions that can be helpful when considering which one to choose are listed below.

  • Are there strategic or regulatory demands that require bordered in-house architecture?
  • Do you have more than 20 employees in your IT department?
  • Are there people working as IT admins within the staff?
  • Are you planning to store important passwords externally?
  • Do you have your own servers?
  • Do you spend more than XXX on IT expenses?
  • Do the business resilience requirements require “full control” deployment in-house?

Furthermore, in-house deployment can bring more control over the application, but with added costs and responsibilities attached. Not all organizations are willing or able to take that added burden of IT management and maintenance costs – e.g. maintaining server updates, security patches, and regulatory system audits.

How much does it cost to have SaaS Solution

Cost — $18 per user per year.

Team 1 year 2 years 3 years
10 users $180 $360 $540
50 users $900 $1,800 $2,700
200 users $3,600 $7,200 $10,800

How much does it cost to have On-Premise Solution

Average Server Cost — $20 per month
Support — 2 hours per month
Support rate — $25 per hour
Support cost — $50 per month
Total cost — starts with $70 per month ($840 per year)

Team Solution Cost Updates
per year
per year
1 year 2 years 3 years
10 users $490 $90 $840 $1,330 $2,260 $3,190
50 users $990 $190 $840 $1,830 $2,860 $3,890
200 users $1990 $390 $840 $2,830 $3,670 $4,900