Witor’s S.p.A Meet NIS2 Compliance

Moving Beyond “Basic” Security

For Witor’s, the native password management tools provided by Microsoft were no longer sufficient. Users weren’t creating strong passwords and the IT team lacked a custom dictionary to block weak entries. Beyond security risks, the user experience was a major pain point, as employees would frequently find themselves locked out without clear guidance on what to do next.

As Alessio Tarantino (IT Manager at Witor’s) explained, the drive for change was twofold: “We carried out a scan of our Active Directory with Specops Password Auditor (SPA), which confirmed several areas where we wanted to tighten security. NIS2 compliance was the other key driver, as it requires organizations to implement strict password controls and provide proof of compliance.”

Zero Breached Passwords

Deploying Specops Password Policy gave Witor’s the granularity they needed to create a NIS2-compliant password policy. They’ve also made use of the Breached Password Protection feature, putting continuous scanning in place to catch and mitigate compromised credentials. Witor’s now runs audits regularly and reports zero breached passwords and a consistently healthy Active Directory.

The dynamic feedback provided at the Windows login screen now guides users on how to create a NIS2-compliant password, eliminating frustrating lockouts and helpdesk calls. Witor’s have also implemented ‘length-based aging’ where users can keep their passwords for longer if they’re sufficiently strong. “Happy users mean happy technicians,” noted Alessio.

Fast and Effective Purchase

Unlike many software deployments, Witor’s was so confident in the solution that they bypassed a trial period and went straight to purchase. Alessio said: “The PDF report from Specops Password Auditor was helpful for demonstrating the need for a better security tool and securing budget approval.”

Key highlights from the implementation included:

• Exceptional Support: The support team provided helpful guidance that extended even beyond the Specops product itself.
• Near-Zero Effort: The installation was described as simple and easy, with the entire setup completed in a matter of hours.

What’s Next?

Witor’s is already planning to expand its Specops footprint. The organization’s roadmap includes the implementation of Specops uReset to further streamline the password reset process. They are also looking into how the First Day Password feature can assist with the secure management of external technicians.