Every business or organization should have a system in place for Password Management. In this video and blog post, we examine why passwords are a top target for cybercriminals and what your business can be doing to protect and manage your passwords.
What is Password Management?
Password Management involves the use of sustainable practices to secure and manage passwords throughout their lifecycle. Password Management allows users to safeguard their credentials against unauthorized access to accounts and services. Password Management can include developing company-wide policies as well as the implementation of a Password Management system.
Why Data is Under Greater Threat Today
Due to increased technology adoption and the impact of the COVID-19 pandemic, more important data is being stored on different networks. This means a larger amount of data is now vulnerable to unauthorized access. An organization with a broad network and large assets is at risk of being targeted by threat actors looking to identify flaws in its security posture, or the lack of one.
As we continue to grow and rely on technology, we need to ensure that the data we store on these networks is secure, and Password Management is an excellent first step.
Why Your Business Should Pay Attention to Password Security
A password is your primary defense against cybercriminals looking to gain unauthorized access to sensitive information. According to a 2020 Data Breach Investigation Report, compromised passwords led to 81% of hacking-related breaches.
A strong password creates a protective barrier between your data and hackers, and it is often the only thing stopping a cybercriminal. Businesses should pay attention to how they manage and train their employees so they can eliminate as much human error and negligence as possible.
Tips to Manage Your Passwords
Limit Access to Information:
To protect your data, ensure that only authorized individuals have access to important information. It’s also crucial to verify and maintain the integrity of your data and to know exactly what data you hold.
Use a Password Manager:
A password manager is an encrypted, digital tool that stores your passwords and online credentials in a centralized location that’s secured by a single, strong master password. Password managers can also generate unique, strong passwords. This tool boosts data security by helping you create a password that’s unique to each of your accounts. This means that if one of your accounts is hacked, the breached password can’t be used to access other accounts.
Use a Multi-Factor Authentication System:
A multi-factor authentication system adds an extra layer of security to the password verification process. This makes the system an effective tool to enhance your organization’s security posture and prevent password breaches. In fact, implementing this system alone can help prevent 99% of account breaches!
Create a long, unique password:
Passwords should be a minimum of ten characters and include both uppercase and lowercase letters, numbers and special characters (e.g., !@#$%). Businesses should create and regularly update their password security policy. Further, every individual in the organization should have a unique password.
Keep Your Passwords Complex but Memorable:
Refrain from using predictable passwords because hackers will likely be able to crack them in the event of a security breach. According to a National Institute of Standards and Technology (NIST) study, the following password types are very predictable and can be easily compromised:
- Passwords from previous breaches
- Specific words, such as the name of the service
- Dictionary words
While it’s important to generate passwords that meet basic complexity requirements, keep in mind that your passwords should also be memorable to minimize the likelihood that they’ll be written down or improperly stored.
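The length and character rules above, together with the three predictable password types from the NIST list, can be checked at the moment a password is set. The sketch below is an added example, not code from this article or from GraVoc; the breach list, the dictionary and the `screen_password` name are constructed for illustration.

```python
import hashlib
import re

MIN_LENGTH = 10  # minimum length stated in the article

# Constructed sample data (assumption): a real deployment would load a
# breached-password corpus and a full word list instead of these few entries.
BREACHED_SHA1 = {hashlib.sha1(p.encode()).hexdigest()
                 for p in ("Password123!", "Qwerty2020!!")}
DICTIONARY = {"password", "welcome", "dragon", "sunshine"}

# Undo common character substitutions so "p@ssw0rd" is seen as "password".
LEET = str.maketrans("@4301!$5", "aaeoiiss")

CLASSES = {
    "uppercase": r"[A-Z]",
    "lowercase": r"[a-z]",
    "digit": r"[0-9]",
    "special": r"[^A-Za-z0-9]",
}


def normalize(pw):
    """Lower-case the password and reverse simple substitutions."""
    return pw.lower().translate(LEET)


def screen_password(pw, service_name):
    """Return a list of policy violations; an empty list means it passes."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, pw):
            problems.append(f"missing {name}")
    # SHA-1 is used here only as a lookup key into the breach list,
    # not as a way to store user passwords.
    if hashlib.sha1(pw.encode()).hexdigest() in BREACHED_SHA1:
        problems.append("found in breach list")
    norm = normalize(pw)
    if service_name.lower() in norm:
        problems.append("contains service name")
    if any(word in norm for word in DICTIONARY):
        problems.append("contains dictionary word")
    return problems
```

A password such as `P@ssw0rd!2021x` satisfies every character-class rule yet is still rejected, which is why the blocklist checks sit alongside the complexity checks rather than replacing them.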
Avoid ‘Remember My Password’ or Hint Options:
Try to skip the ‘remember my password’ option because newer web browsers are often susceptible to threats from hackers who may modify or circumvent the browser’s settings to access passwords. It’s also best to avoid storing passwords in digital documents or in the open.