All businesses have confidential information that they want to protect from outside sources. As many employees have access to business servers and intranets there is a great need for password and security measures to be in place. In this article we will explain the importance of password security procedures and what they should include.
Why businesses require password security procedures
Although having to remember numerous passwords can be difficult and even sometimes frustrating, we take for granted the protection that passwords provide. Businesses require passwords to protect confidential information which may be crucial to their success. They may also want to protect financial data, intellectual property and client lists. When accessing an IT system employees are usually required to enter their email address or username along with a password, which proves they are who they say they are, before access is granted.
How to choose an effective password
Unfortunately there are people out there that use cracking tools which figure out people’s passwords, enabling them to gain access to their systems, files and important information. Cracking tools are able to process large quantities of letters and numbers until a match is found, so it is essential that employees choose strong and effective passwords for their business accounts.
Conventional words that are found in the dictionary are easy for hackers to figure out with the use of cracking tools. This also applies to words spelt backwards or with numbers added onto the end. Employees should also avoid using passwords related to their username, family members or pets, as it is easy for hackers to obtain this personal information.
Most businesses require their employees to create ‘strong’ passwords which are complex and hard to figure out. The longer the password, the harder it is to crack, so avoid using short passwords. Most systems and programs allow passwords to be up to nine characters long.
Special characters, alt characters and a mix of lowercase and uppercase letters should be used to create strong and effective passwords. Replacing letters with special characters is a fantastic way of making your passwords more complex.
Another idea is to think of memorable phrases rather than words. It is recommended that you use phonetic spellings or take the first letter of each word to create the most effective passwords.
What your password security procedure should include
Businesses should write down their password security procedures so that their employees understand why it is important to use strong passwords and how to create them. The policy should remind employees to avoid using the same password for multiple accounts and ask them to change their passwords on a regular basis. System administrators can set up password expiration programmes which will remind users that they need to change their passwords. It is also important to keep a record of previous passwords to prevent employees from reusing them.
The policy should warn employees not disclose their passwords to anyone unless they are authorised system administrators. If they have got to share their password it should be in person, as hackers may try to tap into phone lines or gain access to emails. It is important that employees sign the policies so business owners are reassured of their awareness and conformity.
If businesses want to keep their information safe and secure then it is essential to have strong password security procedures in place. Employees should be informed of the importance of security procedures and taught how to create the most effective passwords. A clear outline of your procedure should be given to all employees for them to sign off on. System administrators may also want to consider extra protection such as locks on accounts if passwords have been entered incorrectly after a certain number of attempts When it comes to keeping business data safe, there is no such thing as too much protection.
About the Author: Megan Hunt who suggests Cheeky Munkey IT Support if you need help getting your passwords and associated procedures set-up.