We’re halfway through June and I’m sure you’ve read more best practices and tips on Internet safety than you can even recall. However, our focus for today is one you don’t want to overlook. Today, we’re talking passwords – both what you can do from an IT perspective and what you can recommend to employees.
In previous posts, we’ve talked about how employees tend to be our biggest weakness when it comes to security; poor or uninformed habits open the door for phishing attempts and hackers. One of those biggest doors is through passwords, which we now use in nearly every facet of our workday – computer logins, wi-fi access, email, servers, and so much more. Knowing that almost two in three consumers (65%) either mostly or always use the same password, and nearly half store (and share!) passwords in a spreadsheet, it’s not difficult to see how serious problems could stem from password habits.
Tip #3: Establish password policies: Almost a quarter of people do not consider themselves informed on the best practices for password protection, so you can enhance your company security with a rather simple focus on passwords.
On the corporate/IT systems end, set up requirements for employees, including mandatory password changes every 30, 60, 90 days (you choose the increment), requirements for strong passwords, and enabling two-factor authentication on all systems that house important data.
For employees, setup a password security crash course and highlight the value this has not only on their work life, but also helps them prevent a breach in their personal accounts as well. Educate employees on what it means to have secure passwords. This means not only creating strong passwords for your accounts, but also not sharing them with co-workers, friends and family, using a password manager to store passwords, changing passwords often, and using unique passwords for multiple accounts. Also, it might sound like a no-brainer but make sure employees are not using the same passwords for both personal and work accounts.