Cybersecurity Awareness Month was established more than 20 years ago to provide resources to enable organizations and their employees to stay safer and more secure online. It is an opportunity to focus on four key behaviors that will help everyone stay secure throughout the year:
- Creating strong passwords and using a password manager
- Enabling multi-factor authentication
- Updating software
- Recognizing and reporting phishing attempts
Each of these key behaviors are necessary to help keep organizations, their clients, and their employees secure.
Securing Digital Assets With Strong Passwords
The increase in online accounts, including subscription-based services, and the growing number of devices used in the office and at home have led to a seemingly exponential increase in the number of passwords—and the growing issue of password management. As a result, password security is a major concern for companies, and one of the biggest challenges is encouraging employees to use better password hygiene. How can organizations facilitate the secure management of employees’ corporate and personal passwords?
- Protect corporate accounts with passwords that are at least 15 characters long. Criminals have the tools to figure out short passwords in just minutes. Organizations’ information security teams should work to ensure employees use long passphrases as corporate passwords. A passphrase consisting of five unrelated words is easier to memorize than a string of random characters. Educate employees on how to create a phrase that they can remember but hackers can’t crack.
- Train employees to use unique passwords for all accounts. Using the same or similar password in work and personal accounts could open the organization to attack—if criminals figure out an employee’s password for one account, they could use it to try to access the employee’s other accounts, including their work accounts. Help employees understand the dangers of reusing the same or similar password and that each personal and work account should be secured with a long, unique password.
- Implement an enterprise-wide password manager to manage passwords. Password managers generate and save long, unique passwords for accounts, removing the need to remember them and lowering the possibility of password reuse. Passwords for communal corporate websites, such as research databases, can be shared amongst colleagues, and the account owner can obscure the password for additional security.
Long passwords are strong passwords—an important point for organizations to emphasize to employees. Following best practices for password creation and management will help keep work and personal accounts more secure.
