According to a recent survey, only 56% of employees are confident that their passwords at work are secure. Another survey finding stated that just 54% of UK businesses take precautionary steps to maintain good password habits. These days, passwords are being proliferated at an alarming rate, which is exactly why every workplace should manage their passwords effectively.
What every employee should understand is that keeping the work place secure is not exclusively the IT departments’ job, as this is a shared responsibility that every employee should take into perspective. Front line employees are the first line of defence when it comes to cybercrime, which is exactly why every office should manage password security with a high level of diligence. To help every workplace manage their password security effectively, we have provided a few tips below on work place password security measures. Here are four minimum steps you must take to ensure password security at your workplace:
1. Understand What Your Office Needs To Protect
The very first step towards optimum password security is understanding what your workplace has to protect. Businesses that have recently entered the market will have to setup a cyber security strategy and educate their employees on how crucial their passwords really are. Every business should implement a training session where employees are educated about how important their passwords are and how they can effectively manage their information.
2. Watch Out For Shady Emails
Many employees are not aware that their computers can easily be hacked through a simple phishing email. These emails, originating with criminal gangs or opportunists, will normally ask you to open an attachment and might even request for personal information such as passwords or other sensitive information. Many will pose as a trusted organisation, such as a bank, PayPal, Google or HMRC. Every employee should be wary of these emails, and under no circumstances should a suspicious email be opened or replied too. Even if the source is trusted, every employee should double check before taking any action.
3. Every Employee Should Create A Unique Password
Most employees never bother changing the generic passwords attached to them and this is a serious security threat. Most of these generic passwords are allotted through the company’s network and can easily be hacked in a matter of minutes. This is why it is imperative that every employee is told to create a unique password that has a mixture of capital letters, numbers and even symbols.
Many businesses prompt their employees to change their password every 3-6 months, which is a positive practice. You should also consider guidelines that rule out basic and easily hacked passwords, such as the name of the employee’s child, their birthday, or commonly used phrases. When changed, an old password should not be reused for at least 12 months. For their own security and yours, employees should also be encouraged not to use the same password(s) at work that they do for personal use.
4. Employees Should Stop Sharing Passwords
Password sharing is a very common mistake that is found in almost every office. Some employees view sharing passwords as a sign of openness and trust between colleagues, with important passwords sometimes left openly on a person’s desk or tacked to a notice board during absences.
However, password sharing amounts to a serious data security threat even if the passwords are being shared within the company. Every office should take strict action against employees that liberally share their account information and passwords with other employees.
This includes storing passwords in accessible spreadsheets on the company intranet… Most hackers will first target the office’s internal communication network to find any information that they can use to their advantage. Therefore, the first line of defence you have is to ensure that passwords are created properly and only shared with authorised personnel.
These four steps mentioned above are just a glimpse into the array of different steps that a business can take in order to effectively manage their passwords. They are, however, fundamental steps that must be taken. To learn more about how your business can effectively manage their IT assets, please have a chat with one of our data security specialists.
Disposing Of Redundant IT Assets
An important part of a robust data security strategy is managing how your assets are handled at the end of their effective life. It is common practice to recycle old IT equipment, frequently using a ‘free’ service. However, when recycling or reusing an IT asset, extreme care must be taken to completely remove all sensitive data from the device. Simply wiping a hard drive or using conventional cleaning software does not eliminate all the data, it simply removes the shortcuts to the files, which themselves remain in place. A cyber-criminal could, with the right software, restore the data from the hard drive and make malicious use of customer information.