Recent research by Deloitte Management Consultancy found that an overwhelming 9 out of 10 of B2C businesses suffered at least one security breach in the past year, and that three quarters of businesses do not have defined information security training and awareness schemes in place.
This leaves businesses significantly exposed to cybercrime and, with the escalating use of social media and networks within the workplace, the number of breaches is likely to rise.
Typically, security breaches can involve the theft of customer or employee databases, allowing confidential and often sensitive information to fall into the wrong hands and be used to commit identity fraud. Poor password management, the survey suggests, is one of the main threats to business security.
Secure your network with secure passwords
Strong passwords make for a secure network—it is as simple as that. However, the problem with insisting that all of your employees use strong passwords is that they’re probably not going to remember them. Instead they are likely to take short cuts, which can compromise the security of your business information.
They might use the same password for every situation, or they might write down their passwords on post-it notes and stick them on computer monitors, on the insides of desk drawers, or scribbled on notebooks that are left on desks.
This can be very frustrating and is far from secure. However, the reason why it happens is because people have far too many passwords to remember—from the network login for their computer and the verification code for their company credit card, to passwords to access the various services they subscribe to as well as for their hotmail, eBay, YouTube, Twitter accounts, and so on.
Creating strong passwords
Fortunately effective passwords are easy to create if you follow some basic rules: don’t use words that are easy to guess; use a combination of numbers, upper and lowercase letters and symbols, and arrange the characters in a way you can remember.
One simple technique is to take a familiar word and convert the letters into numbers and symbols. So, l becomes 1, o becomes 0, a becomes @, e becomes 3, s becomes $, and so on. Add a few uppercase letters and you have a pretty effective password. For example, ‘startrek’ might become $t@rTr3k.
Another tip is to use the first letter from every word in your favourite expression, lyric, poem or film. For example, ‘To boldly go where no man has gone before’ could lead you to the following password: 2Bgw^Mhgb4. You might also choose a password that you want to use and come up with a keystroke mapping system. For example, if you choose to do an ‘upper-left’ keystroke system you would choose the letter to the upper-left of the actual key you wanted. So ‘hellobob’ would become ‘t3ii9g9g.’
You should never use personal information in your password, such as your name, your child’s name, your occupation, telephone number or birth date. You also shouldn’t rely on Internet Explorer’s AutoComplete function or allow a website to store your password. These are insecure methods of storing your passwords on your computer. Don’t choose or change your passwords on a public computer or in a public place such as an Internet café and never use the same password on multiple accounts.
The most immediate and direct benefit of a strong password policy and an educated group of network users is increased security, which is certainly worth the time and effort. You don’t want hackers hunting through your network for your proprietary information, or, worse still, for customer data.
And if employees can get the message and follow some simple rules, it can save your IT staff or help desk lots of time—with fewer calls to reset passwords.