You, Yes YOU! are responsible for keeping your company data secure!
Most external access hacks are caused by employees being careless with regards to their user account security. Statistics prove that 60% of the businesses in Australia that have had their data held to ransom and not been able to get it back – have closed their doors in 6 months. Do you really want the loss of all your co-worker’s jobs to be because of you? If you hate them that much, do yourself a favour and quit working there.
ALWAYS REMEMBER that your password is the front door key to your business. If a hacker obtains it, there is NO WAY to prevent them from accessing your systems and doing really bad things with your company or customers data.
The good news is that it is actually easier than you think to have – and remember – a secure password.
Currently, the standard for being secure is to have a password that is a minimum of 14 characters long and contains UpperCase, Lowercase, Numbers and/or characters.
Sounds difficult! But, there are some simple tricks to make this easy to remember:
Easy Password creation examples:
A short sentence (called a PassPhrase)
- Eg: ‘1 have Br0wn Hair’ – 17 characters long (which includes spaces which are special characters), all requirements met, super secure, easy to remember.
- Eg: ‘Br1sban3 Br0nc0s t0 WIN’ – 23 characters long (which includes spaces which are special characters), all requirements met, super secure, easy to remember.
A keyboard sequence (called a PassSequence)
Eg: ‘1qaZse4rfVgy790-’ – (16 characters long, all requirements met, super secure, easy to remember)
CHOOSE YOUR OWN PATTERN! THIS ONE IS TAKEN!
The latest opinion and practice (Already adopted in the US Defence and Government departments) for keeping your password secure has now turned away from forcing you to change it every week or month (Finally!!) to instead having the risks and the rules of security explained to their staff and then trusting their staff to do the right thing.
The rules for keeping your password secure are:
- Do NOT tell it to anyone! Not ever!
- If you need to give someone else access, change your password first, give that to them and then when they have finished, change your password back!
- Do NOT use it for any other login type such as Facebook or Supplier Log-in or Gmail, etc.
- Hackers know a lot of people use the same passwords on multiple online accounts so purposefully harvest as many username and password details they can from less secure sites and then try that combination everywhere.
- Do NOT record it on your phone, computer, cloud storage or in your email.
- You may think your phone is secure and no-one can hack into it. After all the high-profile cases of actors and public figures having their phones hacked do you really still think that? Email is certainly not secure.
- If you suspect it has been compromised – Change it as soon as you can!
- You think a fellow employee watched you type it in, or you suspect that someone was looking over your shoulder when you were logging in remotely from the airport, or you did not realise that a security camera was right above you…
- If you know it has been compromised – Change it and tell your IT department what happened ASAP!
- You saw someone writing it down when you were logging in at the airport, or you know that at the staff Xmas party you may have mentioned how awesome your password was…
- If you FORGET it, just give your IT department a quick call and they can reset it. (Even they have no way of finding out what it was – they can only reset it to something new)
Yup, it is all fairly simple to protect your job, your company and your fellow employee’s jobs by keeping your password secure.
It is also easy to be lazy or believe it couldn’t happen to you and as a result, kill the whole company. Hackers know there are still a lot of people out there who think they know better when it comes to security. In fact, they make a living off it.
If you want more suggestions, tips or even a free basic assessment of your organisation’s password security (IF you are in the Brisbane Region) give us a call here at CCSiT. 07 3376 3033.