As previously discussed in Part 1, employees use passwords several times daily to access data and software for their work. A company’s passwords also protect these resources from hackers. However, careless practices can make them vulnerable to cyber criminals, jeopardizing the very foundation of a business. Part 2 will continue discussing why and how companies should safeguard its passwords. Remember to consult with an experienced IT support expert to formulate and implement an effective password policy.
A company’s passwords must always be safely stored, controlled in terms of access, and be strong by using numbers, symbols, and capital letters. The AVG survey of June 2016 regarding passwords found that among respondents 72% believe that their company passwords are stored in a safe place, 40% use the same passwords for different log-ins, and 50% use 1 to 10 passwords for different networks, software, and accounts.
Human error was involved in 95% of all security incidents according to the 2014 IBM Cyber Security Intelligence Index. Social engineering is now used to trick employees into unknowingly provide access to sensitive data. The AVG survey also found that 67% of employees work with 1-2 people who have access to their company passwords, and 43% with company passwords are not contractually required to maintain confidentiality. As mentioned in Part 1, individual usernames and passwords should be assigned for accountability. Another serious vulnerability found was 16% of non-employees, such as contractors, can access company passwords. In such cases, temporary log-ins and passwords should always be utilized.
AVG’s survey found that half of employees saved all or some of their passwords through web browsers, which is a security risk because of devices and shared access to computers. It is highly recommended to instruct staff members to stop saving passwords on browsers and totally clear them.
In one-third of businesses, according to AVG, the owner, president, or CEO is responsible for managing company passwords. However, this task would be better handled by dedicated personnel, especially when the company, along with its IT infrastructure, grows significantly.
Small businesses are now the favored prey of cybercriminals because they are more vulnerable. Security education, stringent password policy, and deployment of two-factor authentication would prevent most breaches. American businesses suffered an average of 160 cyber attacks weekly in 2015. Last year global cybercrime stole $400-$500 billion, which is projected to jump to $2-3 trillion in 2016.
Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990 and offer:
For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at 410-295-9500.