You can have all the locks on your data center and have all the network security available, but that may not keep your data safe if your employees are sloppy with passwords.
There are many ways data can be breached, and opening a link they shouldn’t is one of the most serious security sins employees can commit, but today we’ll just talk about passwords.
Here are some basic practices that you should require your employees to follow. System administrators should implement other policies, such as forbidding the reuse of previous passwords and locking accounts after a few failed login attempts. But just for you as a manager, here are a few tips.
- Change Passwords – Most security experts recommend that companies change out all passwords every 90 days.
- Complex Password Requirements – Passwords should include a mix of upper- and lowercase letters, a number, and a symbol.
- Teach employees NOT to use standard dictionary words (in any language) or personal data that can be known or could be stolen: addresses, telephone numbers, SSN, etc.
- Do not share logins – Emphasize that employees should not access anything using another employee’s login. To save time or for convenience, employees may leave systems open and let others access them. This is usually done so that one person doesn’t have to take the time to log out and the next doesn’t have to log back in. Make a policy regarding this and enforce it.
- Use a unique password for every single site. This is easy if you use a password manager. Read more here: Why You Need a Password Manager
These are just a few basic password tips, but they can make a big difference in keeping your business’s sensitive data safe. Additionally, it is important to layer multi-factor authentication on every account. It only takes one open door to cause a breach.