The Notifiable Data Breach scheme was introduced in February 2018. Since its introduction, 964 notifiable breaches have been reported, and the leading cause has been phishing: people being tricked into revealing information such as passwords. Phishing represents around 16% of all breaches (153 in number). Human error accounted for a third of all notifiable breaches.
Passwords are the first line of defence for the valuable information on your computers and electronic devices. It makes sense to be vigilant and ensure that you have the right practices for password creation and management.
Here are some basic password principles:
A strong password is much more difficult for a hacker to crack. A strong password will be at least 10 characters long and will not contain a complete word, or a place, name or pet name that can be linked to you. It should be a mixture of numbers, letters and special symbols, with the numbers and special characters spread through the password. I find this website handy to generate them for you.
- Avoid writing passwords down
Writing a password down on paper or in a notebook is not a smart move: if you lose the notebook or it is stolen, then somebody has your passwords. Yes, it is hard to remember all the passwords, so make sure your business is using a password management tool. Train your staff on how the tool works and make certain they understand it, so they don't start writing passwords down.
- Different applications, accounts = different passwords
Research has indicated that 73% of online accounts use duplicated passwords. For a hacker, this means that cracking one password is likely to put all your information at their fingertips. Overcome this by using different passwords across your various accounts. It is another reason to ensure that you have a password management tool for staff.
- Two-factor authentication
Two-factor authentication is easy to implement and a highly effective measure for keeping your data safe and hackers out of your system. It verifies access by asking the person who is logging in to confirm they are who they say they are, for example by entering a code sent to them via text. Links below to download to your mobile device.
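The strong-password principle above can be turned into an automated check and a generator. The following is an added example, not code from this article: the function names, the small `COMMON_WORDS` list and the reading of "spread through the password" (numbers and symbols must not sit only at the start or end) are assumptions made for illustration.

```python
import secrets
import string

SYMBOLS = "!@#$%^&*-_=+?"
# Constructed sample list (assumption); use a full dictionary in practice.
COMMON_WORDS = {"password", "summer", "welcome", "dragon", "monkey"}


def check_password(password, personal_terms=()):
    """Return the strong-password rules from the text that `password` breaks."""
    problems = []
    if len(password) < 10:
        problems.append("shorter than 10 characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(not c.isalnum() for c in password):
        problems.append("no special symbols")
    # Complete words, plus names/places/pets that can be linked to the user.
    banned = COMMON_WORDS | {t.lower() for t in personal_terms if t}
    for word in sorted(banned):
        if word in password.lower():
            problems.append(f"contains the word '{word}'")
    # Spread rule: strip numbers/symbols from both ends; some must remain inside.
    non_letters = "".join(c for c in password if not c.isalpha())
    core = password.strip(non_letters)
    if non_letters and all(c.isalpha() for c in core):
        problems.append("numbers and symbols are bunched at the ends")
    return problems


def generate_password(length=16, personal_terms=()):
    """Draw random passwords from the OS CSPRNG until one passes every rule."""
    if length < 10:
        raise ValueError("length must be at least 10")
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate, personal_terms):
            return candidate


if __name__ == "__main__":
    for sample in ("Summer2024!", "t7#Lq9!vR2$k"):  # constructed samples
        print(sample, "->", check_password(sample) or "OK")
    print("generated:", generate_password())
```

Generated passwords belong in the password management tool rather than on paper, in line with the other principles above.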