Best Practices for Your Company’s Password Policy – Part 1
August 16, 2018Secure Your Business Data from Cyber Criminals – Part 1
August 21, 2018As discussed in Part 1, passwords provide protection by preventing unauthorized entry into websites, programs, and networks. Part 2 will discuss eight more best practices for your company’s password policy. Consult with an established managed IT services team to get the best results for your organization.
6) Lock Outs
Companies should lock out users after they unsuccessfully log in after a certain number of attempts to prevent continuous programmed attacks intended to crack passwords.
7) Never Share or Write Down
Employees should never tell anyone else their passwords. They should not even let anyone watch as they log in. In addition, passwords should not be written down.
8) No Dictionary Words
Cyber criminals use dictionary attack programs that run searches for dictionary words so using unusual or long words won’t be a defense.
9) Policy Enforcement
Alongside employee training, it is crucial for companies to enforce their password policies with consequences that may eventually lead to termination.
10) Refuse Offer to Remember
Although convenient, employees should be trained to refuse the offer of e-mail programs and browsers to remember their passwords.
11) Revise Annually
A good policy would be mandating that employees change their passwords annually.
12) Separate Symbols and Numbers
Symbols and numbers should be used separately in passwords to make it even more difficult for cyber criminals to crack them.
13) Software Solutions for Sensitive Data
For personal or financial information, companies should implement even stronger policies for additional protection from attacks. Utilizing password managers and tools should be strongly considered. Along with the storage of credentials, the majority of these programs also provide password generators that conveniently create passwords that are extremely difficult for cyber attacks to compromise. They should have the features below:
Generation of passwords that are random and complex
Two-factor authentication using both a password and a secondary method like a PIN code
Alpha Engineering Business Support
Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990 and offer:
- 24/7 Managed Services for Business Computing Systems
- Network and Mobile Computing Support
- Disaster Recovery Planning
- Software Development
For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at (410) 295-9500.