Painful Password Management Tips

Yes, that’s right, you know what this is. It’s a reminder that without the right password management practices, a small business significantly increases its chances of a cyber security intrusion. This article outlines some handy password management tips that your business should implement immediately.

If you’re not sure, ask an expert for help, and that’s where you should contact us!

Why is password management an important topic for any business?

The Notifiable Data Breach scheme was introduced in February 2018. Since its introduction, 964 notifiable breaches have been reported, and the leading cause has been phishing: people being tricked into revealing information such as passwords. Phishing represents around 16% of all breaches, 153 in number. Human error accounted for a third of all notifiable breaches.

Passwords are the first line of defence for the valuable information on your computers and electronic devices. It makes sense to be vigilant and ensure that you have the right practices for password creation and management.

Here are some basic password principles:

  • Create Strong Passwords

A strong password is much more difficult for a hacker to crack. A strong password is at least 10 characters long and does not contain a complete word, a place, name or pet name that can be linked to you. It is a mixture of numbers, letters and special symbols, with the numbers and special characters spread through the password. I find this website handy to generate one for you.

  • Avoid writing passwords down

Writing a password down on paper or in a notebook is not a smart move: if you lose the notebook or it is stolen, then somebody has your passwords. Yes, it is hard to remember all the passwords, so make sure your business is using a password management tool. Train your staff on how the tool works and make certain they understand it, so they don’t start writing passwords down.

  • Different applications, accounts = different passwords

Research has indicated that 73% of online accounts use duplicated passwords. What this means for the hacker is that if they crack your password, then they are likely to have all your information at their fingertips. Overcome this by using different passwords across various accounts. It is another reason to ensure that you have a password management tool for staff.

  • Two factor authentication

Two-factor authentication is easy to implement and a highly effective measure for keeping your data safe and hackers out of your system. It verifies access by asking the person who is logging in to confirm they are who they say they are, for example by entering a code sent via text. Links below to download to your mobile device.

  • Change passwords regularly

Have a policy about the frequency of change and, if necessary, force the change by using technology solutions that ask staff to reset their passwords before being allowed back into the system. Too often people keep the same passwords for years so they don’t forget them.

  • When an employee leaves, change passwords

Not all employees leave on good terms; often they are disgruntled and therefore potentially a business’s worst enemy. Make sure you have an IT person who can immediately change passwords and remove access to email and your network for ex-employees. Think about what is at stake: for a simple monthly management fee with your IT support provider, you can overcome this.

  • Safety first mentality

Would you leave the front door unlocked when you’re away on a holiday for six weeks? I guess not, and it is the same for your business. Instill a safety-first mentality across your organisation. Passwords are not safe if a hacker has already installed monitoring software that captures what you type on your keyboard, so ensure you have installed up-to-date anti-virus software with regular scans scheduled across your network of computers. Make sure your IT support provider can demonstrate that your anti-virus is up to date with the latest virus definitions.

Cybersecurity is broader than password management, and it is highly recommended that a business completes an initial cyber security assessment so it can understand all the elements involved and the potential areas of risk.