Password Security Policies – Part 1 – Refresh the Fundamentals

A state-of-the-art security system won’t much matter if a hacker gets a hold of an employee’s password. That’s much more likely to happen if you take a laissez-faire approach–or none at all–to creating and protecting passwords.

Small and midsize businesses (SMBs) that struggle with information security because of resource constraints have particular reason to pay attention: Smart password practices require next to no budget. They don’t need to take up much time, either, especially once your policies and procedures are in place.

1. Use complex passwords. That means a case-sensitive combination of letters, numbers, and special characters–at least eight in total. Use memorable phrases broken up by spaces, special characters, and/or numbers. Those can create pretty robust passwords that are a lot easier to remember.

2. Don’t reuse passwords. This one’s a must, yet it remains a common danger. Employees that use the same password across multiple systems–often both professional and personal–to keep things simple can turn a minor, isolated issue into a major security breach.

Unique passwords help stop the bleeding much faster if a password is leaked or stolen–otherwise access to a Twitter account can suddenly turn into bank accounts, health information, customer databases, and other sensitive areas. The bare minimum practice should be to not re-use credentials for sensitive applications such as financial information across less sensitive–and often less secure–areas such as a blog publishing tool.

3. Change passwords regularly. It’s the last piece of the holy trinity: Change your virtual locks regularly to further minimize risks. Slain recommends updating credentials at least every 60 days; better yet, do it every 30.

next up – Go Beyond the Basics


About SCB Enterprises
System Solutions and Integration

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: