Passwords in the Workplace: Best and Worst Practices for Cyber Security
Using passwords for so many things that you need to access, is viewed as a necessary evil by many of us, which is presumably why passwords so often lack any real creativity, making it easier to remember the same easy-to-guess login details every time.
As someone like ATB Technologies will be quick to demonstrate, IT security and protecting your data and personal information, should be much more of an issue, if you want to avoid your system being hacked and your data compromised.
Holes in security measures
It seems that many of us have to cope with remembering an average of almost twenty different passwords, spread across our work and personal data.
It is therefore not much of a surprise that so many of us resort to taking more than a few shortcuts, when you are faced with a bad case of password fatigue. If you are struggling to remember a four digit pin for your bank card, it stands to reason that the temptation to use memorable information is too much to resist, which is when large holes in your security measures can appear.
If you conducted a poll amongst colleagues in your workplace, there is a fair chance that only about half of them would consider that their password usage habits and choices are what you could class as secure.
A good number of people in the workplace are not specifically instructed or guided by mandatory complex passwords, although the one good thing when comparing our business and personal password habits, is that password reuse is generally more often seen in our personal usage than in the workplace.
Regular breaches of security
There was a concerted effort within the cyber-security industry in 2014, to raise awareness of the regular number of security breaches, especially in light of some high-profile public examples of large companies mishandling their data security.
That year was described as “The Year of the Mega Breach”, but worryingly, 2015 turned out to be far worse, putting the previous highlighted problems into the shade.
The problem of highlighting such regular and alarming incidents, is that is seems to have induced a sense of breach fatigue amongst some of us, but that is a dangerous scenario.
Single password syndrome
There are a number of studies that all come to the same conclusion, which is that about three out of every four only users, simply works on the basis that they will memorize their username and password combinations.
This will undoubtedly create a temptation to choose a single password that the user will then attempt to use across as many of their accounts as possible, for ease of reference.
Using a single password will clearly provide a definite opportunity for a hacker to crack the code or even use dedicated software that is designed to decipher your password. Once they have achieved this feat, the weakness of a single password syndrome will be fully exposed.
Multiple passwords are obviously going to be more challenging for people to manage and keep on top of, but avoiding a single password system, will instantly add a much stronger layer of security.
Growing examples of remote access
There is an increasing level of flexibility in the workplace, resulting in more of us working from home and away from the office in general.
Whilst this level of work flexibility can be viewed positively, it does create a potential security issue, when workers need to log in remotely to a server in order to access the information they need to work with or update the system.
With a mobile workforce, it is of vital importance that the security of confidential information is not compromised in any way. This is where a password manager can help to maximize security on mobile devices and tablets. It can also allow the company to audit and track just who is accessing their system and what they are looking at.
Hard to crack
Using a password manager that generates a series of passwords that are difficult to decipher is an excellent policy to adopt.
When a system like this is in place, it obviously forces employees to adhere to the policy and automatically ensures that no one can use a weak password or attempt to use the same details across a variety of different applications.
If your business needs to generate a large number of these undecipherable passwords, most of these password management tools will give you the opportunity to generate strong passwords automatically.
If you want your cyber security in the workplace to be good, it is strongly recommended that you take a look at how strong your password security features are, especially if you don’t want any unwelcome visitors.
Madeleine Doyle works as a security analyst for a large corporation. A techy at heart she enjoys blogging in her free time, writing about cyber security, tech and gadgets.