You can have all the locks on your data center and have all the network security available, but nothing will keep your data safe if your employees are sloppy with passwords.
There are many ways data can be breached, and opening some link they shouldn’t is one of the most serious security sins employees can commit, but today we’ll just talk about passwords.
Here are some basic practices that you should require your employees to follow. These are basic tips. System administrators should implement other policies, such as those that forbid using passwords previously used and locking accounts after a few failed attempts to login. But just for you as a manager, here are a few tips.
- Change Passwords – Most security experts recommend that companies change out all passwords every 30 to 90 days.
- Password Requirements – Should include a of mix upper and lowercase, number, and a symbol.
- Teach employees NOT to use standard dictionary words (any language), or personal data that can be known, or could be stolen: addresses, telephone numbers, SSN, etc.
- Emphasize that employees should not access anything using another employee’s login. To save time or for convenience, employees may leave systems open and let others access them. This is usually done so one person doesn’t take the time to logout and the next has to log back in. Make a policy regarding this and enforce it.
These are just a few basic password tips, but they can make a big difference in keeping your business’s sensitive data safe.
I enjoy working with some of the most talented and brilliant technical professionals in Columbus. I have the opportunity to let business owners focus on running their business, while EasyIT handles all of the network and infrastructure support. We provide IT Outsourcing and Co-sourcing agreements that let our clients rest assured that their data is secure, backed up, and their users always have a reliable and speedy help desk to call. Our virtual CTO services allow organizations to have guidance and advice from EasyIT’s CEO, Kurt Hoeft, without having him on their staff or payroll.
