Passwords protect a huge amount of company data, but many organizations don’t follow best practices to keep their passwords safe. Even if your business has IT policies relating to passwords, are you sure all your employees are adhering to them? There are a few best practices every company should follow to ensure their cybersecurity.
Keep Things Interesting
Make passwords complex, or better yet, use passphrases.
Despite the rise of high-profile cyber thefts and data breaches, too many individuals and companies continue to choose passwords that are easy to guess. An annual survey by SplashData revealed the most commonly used passwords are “123456,” “111111,” and “password.” These obvious passwords leave your organization open to security breaches and data leaks.
To protect your company's data, your employees need to be forced to use secure passwords. This can be done through group policy enforced by your network admin or most admin consoles for ancillary applications. The best options are lengthy password phrases that include numbers, symbols and a mixture of lower and upper case. People don’t typically choose these kinds of secure passwords because they have trouble remembering them. Security experts often say “the most secure passwords are the ones you can’t remember,” as the simplicity and patterns that make passwords memorable also make them easy to guess. For personal or home use, we also recommend using a password keeper.
Mix It Up
Refrain from using the same passwords across the board
According to a recent study, 55% of people use a single password for all their logins. This is a dangerous habit, as even the most complex password is only as secure as the weakest system that uses it. A hacker who gains access to a password by breaking into one of the systems where it is used can gain access to a variety of services if the same password is used. Using a password manager allows employees to use different passwords for all their logins, without the burden of having to remember them all.
Keep Everyone in the Loop
Educate every employee in security practices
It’s not enough for your company’s IT team to understand and implement best practices in password creation and protection. Hackers typically target the weakest link in any system. In the case of your company, this could be the bottom-of-the-ladder employee who thinks the least about security practices. To keep your whole company secure, you need to educate every employee about security practices, such as password protection. You can do this through training sessions and by making company IT policies available for everyone to read. Above all, make password protection as easy as possible for employees by providing password manager software on company devices.
All members of your organization need to play their part in keeping company data secure. By sharing these password tips with your employees, you can help to get them on board with the effort to improve your organization’s cybersecurity. For more information on best security practices, check out our free webinar on social engineering.