INSIGHTS
A few thoughts worth sharing
Inside the ProServ Process
- ARTICLES
- CASE STUDIES
- BLOG
Does it seem like cyberattacks are on the rise? It’s not your imagination. The last two years have witnessed the highest number of these criminal hacks on record, with malware attacks surging by over 350%.
Cybersecurity is more than a buzzword; it’s a necessity for every company. You want to guard your customers’ private data and protect your business as well. Your IT department, whether in-house or third party, has a multi-pronged plan in place to help keep your computer network secure. However, they can only do so much. What´s more, businesses have been slow to catch up with cybersecurity hazards. Only 5% of companies report having proper protection.
Cybercrime is a lucrative business that can devastate companies and may cost the world over $10 trillion a year within the next few years. In many cases, the cause is a single compromised password.
What is Disaster Recovery?
The humble password is often your business’s first and best line of defense against a data breach. A smartly created password, carefully protected by employees following best practices, keeps cybercriminals out of your computer network.
Passwords allow a user to open a door in your computers’ security system and access data. This is necessary for employees to do their job. It’s also one of the most popular targets for hackers. Just as burglars can use a spare key to break into a house, cyber-criminals will use a password to unlock your computer network.
It’s not just data theft that you need to worry about. With a high-level password for administrator’s privileges, hackers can cover their tracks, set up long-term surveillance in your computers, alter or delete data, and lock you out of the system to hold it for ransom.
Depending on the consequences of a data breach, you and your company may be held liable for damages done to customers who had their private information stolen. Lax password security might be used against your business in the courts. This has become such a big problem that the US government’s Cybersecurity & Infrastructure Security Agency regularly publishes tips for choosing a good password and protecting it.
Top 10 Tips for Password Protection to Implement Immediately
Sold on how important this is? Let’s look at what you can put into place right now to improve your password security.
1. Don’t Share Passwords
Every user should have a unique password. For multibranch companies, consider separate passwords in each building as well.
2. Use Longer Passwords
Issue passwords 12-15 characters long. Passwords less than nine characters will be pretty easy to brute-force crack, even if they are entirely random sequences of characters.
3. Use Mixed Characters and Numbers
Never use a password that is a word in the dictionary, as that’s one of the first things hackers will try. For more safety, include a mix of lowercase and uppercase letters, symbols, and numbers. Avoid passwords that spell out common phrases.
4. Don’t Use Personal Information
Avoid issuing passwords with any connection to the employee. This includes maiden names, birthdays, names of children, favorite color, etc.
5. Don’t Use Consecutive Letter or Number Combinations
These include qwerty, 1234, etc. For keypads, don’t issue consecutive passcodes or spell out easily guessed patterns, such as every odd number.
6. Consider Two-Factor Authentication
Yes, this can be a tedious extra step that slows down workflow, but it´s considerably safer than a single password. Consider it for the most sensitive data in your system.
7. Log Off When You Leave
Implement a policy that everyone in the company logs out when they leave their computer, even if it’s to grab a quick coffee from the break room. Remember to follow this policy yourself. Business owners are a popular target for cyberattacks.
8. Write Nothing Down
Never write a password down on a piece of paper or on a smartphone. There are memory devices that employees can use instead. For instance, if choosing the name of your favorite food as a password, you could select Ice9pp9eW for ‘I could eat pepperoni pizza every Weekend.’
9. Untick ‘Remember Password’
This is the digital equivalent of writing your username and password on a sticky note and sticking it onto the computer screen before you leave work. An increasing number of data breaches occur via unsecured browsers—don’t do half the hackers’ work for them.
10. Update Your Passwords Regularly
Some businesses do this monthly, others quarterly. If you or companies in your field have been targeted, stay ahead of the problem and update on the spot. Remember to issue completely new passwords; don’t just tack a number or the year onto the end of the old ones.
What Else?
You’ve kept the password secret, but if your computer is compromised, the secret could be out as soon as you type it in. Protect your security by:
· Keeping operating systems and antivirus software up to date.
· Scanning your computer for spyware.
· Watching for suspicious activity.
· Double-checking where a link in your email is coming from before clicking on it.
· Not opening any unexpected email attachments.
· Reminding employees regularly about ways to protect their passwords.
Prevent Cybercrime with a Smart Password Strategy
Even the most sophisticated IT security strategy can fail if passwords are broken and fall into the wrong hands. Want to avoid your business becoming another cybercrime statistic? The vital first step is to create strong passwords that can’t be guessed. Follow that up by removing easy ways for hackers to access the password, such as never saving them in an open browser window. Finally, keep your overall computer security in top form with the latest patches and updates.
Do you want to increase your St Joseph company’s cybersecurity measures, mitigate your risk, and protect your customers’ data? Contact ProServ Business Systems today for a free, in-depth assessment of your IT network’s infrastructure.