We live in a world where the internet is constantly changing, and there is an evolutionary arms race between those trying to protect information and those trying to misuse it. There is no such thing as 100% security, and your organisation will probably experience some form of security breach at some point. The BIS 2014 Information Security Breaches Survey reported that 81% of large organisations had experienced a security breach of some sort. This costs each organisation, on average, between a staggering £600,000 and £1.5 million.
A security awareness campaign run by the government in 2014 discovered that 75% of survey respondents were failing to follow best practice guidelines when creating new passwords. A huge 47% admitted using particularly unsafe passwords, such as notable dates and the names of their children or pets, just for ease of recalling them. You can guarantee that if people are not being careful with their own data, they certainly won’t be following best practices at work either!
Passwords are a big part of our everyday life, whether you are using them in your personal life for a Netflix account or for your own online banking. According to a recent study, the average Briton now has 19 passwords to remember! So the challenge is not only to get your employees to create complex passwords, but also to get them to remember them. The type and complexity of a required password varies greatly from company to company; however, one thing all security-conscious individuals agree on is that the more complex the password, the more difficult it is for a hacker to break down.
It is generally agreed that a mixture of upper and lower case letters and numbers with a minimum of 8 characters is a good bet, whilst some companies opt to include a special character as well. The online tool below is a random password generator, which you can set to various levels of complexity.
Getting staff to remember the complex passwords that you have got them to create can be a different kettle of fish! The good news is that if they are using them every day, the likelihood is that eventually they will remember… right in time for a mandatory 30-day password change, which is also considered best practice by many organisations. If you are allowing users to create their own passwords, a tip for remembering a complex password and enabling it to be regularly changed is as follows. Say Jane has 2 cats called Fluffy and Honey. Her normal password could be “fluffyhoney”. However, this can be made many times more complex just by tweaking it as follows: “FluffyH0n3y!”. By adding a mixture of upper and lower case letters, numbers in place of letters and even a special character, the password becomes far more difficult for a hacker to conquer and is still easy for Jane to remember. For passwords which require changing every 30 days, she could have “FluffyH0n3y!1”. The trailing number 1 is then just changed numerically every month.
I hope this helps your organisation to stay safe and increase your basic security in a very cost-effective manner. For more information on how you can protect your business, please contact Opus-UK on 01909 518811.