Enterprises & organizations around the world are concerned about cybersecurity. This becomes even more relevant in the current times, because more people are working from home due to the unfortunate global pandemic. Businesses are in charge of ensuring security of their resources and data, and one of the core concerns is password protection. Cybercriminals and hackers often use backdoor password to get entry into network assets, and even a small security breach can have serious consequences. In this post, we are reviewing the best password practices that businesses need to follow.
- Change all default passwords and usernames. This is an aspect that’s often ignored. Default passwords are extremely easy to guess, and even new hackers can manage to crack these. Ensure that once the resource has been deployed, default details are changed.
- Don’t forget other resources. While servers, data centers, and privilege accounts need more attention, businesses must focus on password protection of other important resources, such as IP cameras, video surveillance systems, and personal devices used by employees.
- Focus on long passwords. Long passwords are always hard to crack- Period. Ensure that employees are creating passwords that are at least 10 to 12 characters long, and there shouldn’t be any personal information.
- Complex passwords are necessary. A complex password has special characters, numbers, and uppercase & lowercase letters. Passwords must be as convoluted as possible, and it is okay if a password doesn’t make any sense.
- Recommend a password manager. If your employees are not using a password management tool as yet, you may want to recommend one. Keep in mind that employees should be able to retrieve and create passwords when necessary, and such platforms are always handy.
- Don’t miss on authentication beyond passwords. Multifactor authentication is the new norm, and it must be considered for sensitive resources. Consider security questions, special detail checks, and biometrics for selected accounts and network assets.
- Update firmware & software. All software programs and firmware must be updated to the latest version, so that latest security patches are deployed. Ensure that your employees are aware of how to store and change passwords for different systems.
Lastly, invest in cybersecurity training. If your company hasn’t trained employees as yet, it’s time to let them know of cyberattacks and how weak passwords can be used by hackers. Not to forget, do create policies for password protection for ‘Work from Home’ and BYOD.