There are multiple layers in any good cybersecurity plan. These include next-gen firewalls, antivirus software, apps that combat phishing and spam, and backup and disaster recovery strategies.
But, perhaps one of the most important layers when it comes to preventing data breaches is password security.
A full 80% of hacking-related data breaches are the result of weak or compromised passwords. The danger of a hacker holding a user's password is that they can bypass other layers of IT security, because they're logged in as a legitimate system user.
For Brisbane businesses looking for managed IT and security solutions, password security can be an area where they have some big vulnerabilities. This is typically due to poor password habits by users who find it a challenge juggling multiple passwords.
According to Ponemon’s 2019 report on password security, there are several statistics that illustrate the issues companies face when it comes to the security of user passwords. These include:
- 51% of respondents find passwords too difficult to manage.
- 57% of those surveyed said that even after a phishing attack, they haven’t changed their password behaviors.
- 69% of users say they share passwords with colleagues.
- 51% of respondents reuse an average of five passwords across both business and personal accounts.
So, in the face of passwords that are difficult to manage and poor employee password habits that tend to leave business applications vulnerable, how can you improve the security of your logins?
Password Tips to Improve Data Security
Making password security a priority will significantly reduce the vulnerability of your organisation to data breaches related to stolen or hacked login credentials. With all your business data being protected by the weakest password used by one of your staff, it’s important to position credential security as one of the top layers of your cybersecurity strategy.
1. Require Strong Passwords in Business Applications
A strong password is one that has certain attributes that make it harder for a hacker to compromise. This includes things like the length of the password and using a combination of letters, numbers, and symbols.
The best way to generate passwords is not by having your employees come up with them themselves, but by using a password generator that will automatically provide a password that’s difficult to hack.
You can prevent employees from using weak passwords in applications such as Office 365 by adjusting your admin settings to reject easy passwords and require strong ones.
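The sketch below is an added example, not code from any product named in this article. It shows the two ideas in this section together: a policy check that rejects easy passwords, and a generator that draws from the operating system's cryptographic random source. The 14-character minimum, the symbol set, and the small deny-list are assumptions chosen for illustration.

```python
import secrets
import string

MIN_LENGTH = 14                     # assumed minimum; the article gives no number
SYMBOLS = "!@#$%^&*()-_=+[]{}"      # assumed symbol set
CLASSES = (
    ("lowercase letter", string.ascii_lowercase),
    ("uppercase letter", string.ascii_uppercase),
    ("digit", string.digits),
    ("symbol", SYMBOLS),
)
# Constructed sample deny-list; a real deployment would use a far larger one.
COMMON = ("password", "qwerty", "letmein", "welcome", "123456")


def policy_violations(password):
    """Return the reasons a password is rejected; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CLASSES:
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    lowered = password.lower()
    if any(word in lowered for word in COMMON):
        problems.append("contains a common password")
    return problems


def generate_password(length=20):
    """Generate a random password that satisfies policy_violations()."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = "".join(chars for _, chars in CLASSES)
    while True:
        # secrets uses the OS CSPRNG; the random module is not suitable here.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Retry rather than patch characters in, so every compliant
        # password stays equally likely.
        if not policy_violations(candidate):
            return candidate


if __name__ == "__main__":
    print(policy_violations("Password1!"))
    print(generate_password())
```

Note that "Password1!" contains all four character types and is still rejected, which is why a deny-list check belongs alongside the composition rules.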
2. Use a Password Manager
The average employee has to keep track of an astonishing 191 different passwords. That makes it just about impossible for a person to remember them all and make them all “strong” passwords.
Password management applications offer companies and their employees multiple benefits when it comes to password security. The most helpful is that they remember all of an employee's passwords for them, so employees only have to remember a single password to access all the others.
Some of the advantages of using a password manager include:
- Securely stores all passwords
- Suggests strong passwords
- Auto-fills logins
- Has an admin feature, to access an employee’s password if needed
- Makes it easy to have a unique password for each login
Another benefit of password managers is that you can also use them for company payment cards, so card details aren't being emailed or written down and left unsecured.
3. Implement Multi-Factor Authentication
Your username and password combination is considered one factor when it comes to user authentication. Adding a second factor to that significantly improves password security.
A common second factor used in multi-factor authentication is a code that is sent by text message at login and has to be entered after the password to gain access to an application. This helps protect against data breaches from compromised passwords because in most cases the hacker is not going to have in their possession the device that receives the code.
Multi-factor authentication can be implemented on an application basis or by using a platform that allows you to implement it centrally across all apps your business uses.
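To show what an application does behind the scenes with a texted login code, here is an added sketch that is not taken from any specific product. It issues a six-digit code and accepts it only once, within a time limit, and within a limited number of guesses. The class name, the 5-minute lifetime, and the 5-attempt limit are assumptions; delivering the text message is left to the caller.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumed lifetime of a code
MAX_ATTEMPTS = 5         # assumed guess limit per issued code


class LoginCodes:
    """Issues and checks one-time login codes (hypothetical helper)."""

    def __init__(self, clock=time.time):
        self._pending = {}       # user -> {"code", "expires", "attempts"}
        self._clock = clock      # injectable so expiry can be tested

    def issue(self, user):
        """Create a fresh code for user; the caller texts it to their phone."""
        code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, keeps leading zeros
        self._pending[user] = {
            "code": code,
            "expires": self._clock() + CODE_TTL_SECONDS,
            "attempts": 0,
        }
        return code

    def verify(self, user, submitted):
        """Return True only for the right code, in time, within the guess limit."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        expired = self._clock() > entry["expires"]
        if expired or entry["attempts"] >= MAX_ATTEMPTS:
            del self._pending[user]     # user must request a new code
            return False
        entry["attempts"] += 1
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(entry["code"].encode(), submitted.encode()):
            del self._pending[user]     # single use: a replayed code fails
            return True
        return False


if __name__ == "__main__":
    codes = LoginCodes()
    sent = codes.issue("alice")             # constructed sample user
    print(codes.verify("alice", sent))      # first use
    print(codes.verify("alice", sent))      # replay of the same code
```

The guess limit matters because a six-digit code has only one million possibilities; without it, an attacker holding the password could simply try codes until one works.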
4. Conduct User Awareness Training
Passwords are used by your employees every day, so it’s important that they understand how vital securing their passwords is to the overall security of your business.
If you just implement password security policies without fully explaining why to your team, users can potentially find ways around them. You have a much better chance of strengthening your password security by explaining the risks to your employees and providing them with recurring cybersecurity awareness training. This will help get their buy-in and understanding of just how important it is to protect their logins.
Need Help with Your Network Security?
Your network security is vital to the ongoing health of your Brisbane business. Make sure your network has the protection it needs. Connected Platforms can assist you with multiple security solutions that will prevent network leaks and breaches.
Contact us today for a free IT security consultation. Call 1300 866 096 or book a coffee meeting online.