Bank account access, customer credit card numbers, personal patient health data, confidential company information… these are all things that are typically protected by a username and password combination.
Login credentials are a vital part of cybersecurity (some would argue, the most important part), yet many offices don’t really have a comprehensive password management policy and as a result, employees end up creating weak passwords that are easily hacked.
You can have the best managed IT security in the world, but if a hacker has your administrative password, they can bypass any measures meant to keep them out because they’ve logged in as an authorized user.
80% of hacking-related data breaches are due to weak or stolen login credentials.
Password control continues to be a challenge for many organizations, due in part to risky behavior that’s all too common. According to the 2019 State of Password and Authentication Security Behaviors Report, here are some of the bad habits pervasive in offices:
- 69% of people say they’ve shared their work passwords with colleagues
- 51% of people admit to reusing passwords between work and personal accounts
- 76% of surveyed organizations do not use a password manager
Passwords are one of your most important safeguards against a data breach or malware infection of your network and they’re the number one entry point for hacking-related breaches. Thus, adopting good credential management practices, can boost your network and data security pretty significantly.
Protect Your Passwords with These Proven Strategies
With login credentials being the “keys to the kingdom” for most hackers, ensuring you don’t have any weak links in the chain can help avoid a costly data breach.
No business owner wants to find out that a breach that just cost them hundreds of thousands of dollars was due to an employee using “password 123” as their login to the company network.
The good news is that there are several proven strategies that you can employ that are designed to improve password management and security without getting in the way of productivity.
Multi-Factor Authentication
One of the most helpful policies you can have in place to prevent unauthorized access to your network and devices is to use multi-factor authentication (MFA), also referred to as two-factor authentication.
With MFA in place, when you try to login to a webpage or application, you receive a code (via SMS, device prompt, phone call, or other method). You must enter the time-limited code to complete the login.
According to data by Google, this decreases your chances of being hacked significantly. They found that enabling MFA:
- Blocked 100% of automated attacks
- Blocked 96% of bulk phishing attacks
- Blocked 76% of direct, targeted attacks (This number increases to 90% when an on-device prompt instead of SMS is used to deliver the code)
Requiring Strong Passwords
You can keep your employees from setting weak passwords by employing tools inside programs like Office 365 that force them to create passwords meeting certain parameters.
Such as requiring a password to be a certain length, rejecting a password that doesn’t use a combination of numbers, letters, symbols, and so on.
While you can tell employees to use strong passwords, unless it’s required, there’s a good chance that they’ll fall back into the bad habit of using weak passwords because they’re easy to remember. By setting up your credential administration in an application to reject weak passwords, you ensure better security.
Password Manager
One of the main problems with requiring your users to create strong passwords for all their application logins at work is that there are so many, they’re hard to keep track of. The average worker has to remember 27 different login credentials.
Password management applications, like LastPass and 1Password, were designed to combat this problem. They store passwords for all logins and you only need to remember a single strong password to gain access to all the others.
The application will also suggest strong passwords for new logins or when changing passwords, Additionally, companies can ensure they’re not locked out of an application if an employee abruptly leaves, because they have the ability to set up an admin that can access all employee password vaults used for work logins.
Credential Management Application
Going one step farther beyond the password manager is a credential management application. These applications can be set up to give you complete control of all employee logins across all applications that your employees use and create a single sign in experience.
You have the ability to set up as many factors as you like for authentication, such as challenge questions and SMS codes. You can also set different parameters for authentication based upon an employee’s role or factors such as how many log in attempts someone has made.
For example, you may have your accounting department go through an additional challenge question before logging in. You could also require a code to be entered if someone is trying to access the system from a remote location.
Credential management applications give you the most control over how anyone can access your system using login credentials.
Are Weak Passwords Putting Your Business at Risk?
Does your business have a good password management policy in place? Excedeo can help you evaluate how your employees currently use passwords and help you with a strategy that will improve credential security and reduce your risk.