When Business Password Managers and Hybrid SSPR Converge
Securing the Final 20% of Enterprise Identity
The Enterprise Reality Behind the Passwordless Push
The 80/20 Identity Gap
Most organizations can modernize 70 to 80 percent of applications with modern authentication. The remaining systems still rely on passwords, requiring a hybrid SSPR and business password manager model to maintain control in complex environments.
In this episode of Identity at the Center, Bart Allan, General Manager at Bravura Security, joins Jim McDonald and Jeff Steadman to discuss the uncomfortable truth about enterprise password management. While passwordless strategies advance, the final 20 percent still matters. How those credentials are managed can determine whether a breach is contained quickly or spirals out of control.
The conversation explores how treating enterprise passwords like privileged credentials—with centralized control, automated rotation, and removal of the human element—reduces exposure to social engineering, improves resilience, and simplifies recovery at scale.
Listen to the Episode
- Why the final 20 percent still drives real risk
- The difference between personal and enterprise password managers
- How help desk resets become social engineering entry points
- What coordinated credential rotation looks like during a breach
- The evolving role of password managers as passkey managers
Watch the Full Conversation
Where SSPR and Business Password Management Converge
Reset is reactive. Management is proactive. Enterprise control requires both.
- SSPR reduces friction and downtime.
- Business password management enforces lifecycle governance, rotation, and synchronization.
- Together, they remove credential ownership from users and place it under enterprise control.
Hybrid Environments Demand Centralized Password Discipline
Bravura Security’s roots in self-service password reset date back to 1992. Today, the Bravura Security Fabric delivers integrated identity, privileged access, and enterprise password management across on-premises and cloud environments.
The next evolution is Passwords as a Service: shifting password ownership from users to the enterprise. Credentials automatically update across connected systems and securely land in the user’s vault, keeping users productive while IT maintains control.
If your organization is pursuing passwordless while still managing legacy and hybrid complexity, this episode offers a practical perspective on securing what remains.
Trusted by global enterprises managing hundreds of thousands of identities across hybrid environments.
Jeff Steadman, Host
Identity at the Center
Jeff has worked in IT and IAM since 2001, delivering complex global identity programs for organizations across industries. A leader in RSM’s Digital Identity consulting practice, he has developed IAM strategies and led global security operations teams for Fortune 100 companies.
Bart Allan, General Manager
Bravura Security
Bart is a cybersecurity and identity executive with 15+ years of experience, including over a decade at Bravura Security. He has led large-scale IAM and privileged access programs supporting 300,000+ employees and 10M partner accounts. A CISSP and General Manager, he drives enterprise identity strategy and operational transformation.
Jim Mcdonald, Host
Identity at the Center
Jim leads RSM’s Digital Identity Advisory Services team and brings 25 years of IT experience, including 20 years delivering complex global IAM programs for large enterprises. He has developed workforce and customer IAM strategies for 100+ organizations across manufacturing and financial services.
Who Should Listen
• Identity architects managing hybrid IT
• Security leaders preparing for breach recovery
• IAM teams dealing with legacy password systems
• IT leaders evaluating business password manager strategies
Listen Now
Identity at the Center® Podcast
Identity at the Center® is a weekly vendor-neutral podcast all about digital identity in the context of identity and access management (IAM). With decades of real-world IAM experience, hosts Jim McDonald and Jeff Steadman bring you conversations with news, topics, and guests from the digital identity industry.
Do you know who has access to what?
