Coronavirus has opened the virtual doors to cyberattacks and hackers are becoming increasingly bolder with their attacks. Don’t let COVID-19 work-from-home set-ups compromise data security and invite a cyberattack. We offer 7 ways to safeguard company passwords, at a minimum.
Law firms and accounting practice technology teams are being pushed to its limits with the changes in their roles and monitoring company data that is now outside the company’s protected firewalls. Passwords and password management seems like it should be a simple element in technology management. We’ve found too many employees haven’t received proper password management training or companies don’t have a protocol for password management or the tech team doesn’t pay enough attention to passwords the staff are using.
A sobering fact is the passwords you and your staff are using are the first line of defense for protecting data from a cyber attack and one easy-to-hack password opens the virtual doors and invites in a full-scale cyberattack and the hacker will then have access to plant malware that could cripple your company.
Do you have an employee, or even more than one who is:
- Reusing passwords
- Using easy to guess passwords like: password1, monkey123 or any other simple password
- Using the same password for all company devices and services
Talk with your IT staff immediately to make certain passwords are changed and are difficult to hack.
7 Ways To Safeguard Company Passwords
Passwords are the currency that hackers use to get into your data, hold it for ransom and cripple your company. Use strong passwords; that’s the best – and the easiest – way to prevent unauthorized access. If you’re running a law practice, accounting firm or medical practice you are working with deeply personal and confidential customer data – it is your company’s role as a trusted advisor to protect that data from a breach.
We have put together a list of 7 ways to safeguard company records by requiring strong passwords
- It must be complex. The more characters used, the better. Use upper and lower case, symbols, spaces, etc. That’s the point. If the log in requires upper and lower case and numbers or symbols, work them into your random phrase
- Be random even though it isn’t easy to create a random password or phrase because our minds go to things we know about or think about and if you’re having a difficult time being truly random, look around the room you’re in and choose an item, then look outdoors for another item, choose a food you hate then the street next to the one you grew up on. For example: trampolinebirdlimesmillers. Makes no sense, right? That’s the point.
- The longer the better. Create a password of “at least eight characters” go above and beyond and double that. The longer the password, the harder it will be to hack.
- You must require different passwords for each site, device and account you get into. Recycling passwords or using a variation on the same password. For example: ihaveadog, ihaveadog123, ihaveadog345… is basically handing the keys to the company data to a hacker and anytime you use a password in more than one location, you have weakened all your passwords.
- Changing passwords regularly is a hotly debated topic in IT circles. Proponents believe passwords should be changed at least monthly and opponents believe a strong password or passphrase doesn’t require regular updating.
- Two-factor authentication, along with a strong password or passphrase will go a long way in protecting company data.
- Avoid using an email address as your log in credentials and if possible, create a username because using an email address makes it easier for a cyberattacker to access your account.
Talk with your IT department about company password protocols.
Use a password manager and give your employees access because you make it easy to access passwords, it is more likely your staff will use difficult, long random passwords. Password managers generate a complex password as an option for having to create your own and when using a password manager the only password to remember is the one for the manager. Remember, follow all of the steps above to create a complex, difficult-to-hack password for the password manager. This technology will be the gatekeeper for your company’s information and you need to guard it zealously.
If you have questions on password security, schedule a consultation with one of our technology and business continuity experts.
WareGeeks Solutions is a Roselle, New Jersey-based full-service IT solutions and service provider of cybersecurity, managed IT services and data backups protection and our expert team specializes in Data Protection, specifically Business Continuity and Disaster Recovery (BCDR and we work with medium and large companies, with a focus on law firms and the healthcare industry.
WareGeeks Solutions help organizations transform technology, operations and service delivery to meet business challenges. We first seek to understand your business needs and then apply our in-depth knowledge of Data Protection, Business Continuity and Disaster Recovery (BCDR), Cyber Security for drafting a roadmap for transformation.