WHAT TOOLS DO I NEED TO POWER A PRODUCTIVE REMOTE TEAMS?

One might consider passwords “low tech,” yet they still protect all those high-tech assets, both on premises and in the cloud.

Passwords have been a part of our daily computer life since the beginning and they are still a vital part of any business workflow. But they’re also one of the most vulnerable parts of network security.

81% of hacking related data breaches are due to compromised passwords.

From business email to online accounting apps, passwords are often the only thing standing the way of your business data ending up in the hands of a cybercriminal.

Yet, many companies suffer from employees using poor password habits. These include:

• USING WEAK PASSWORDS
• REUSING PASSWORD ACROSS MULTIPLE ACCOUNTS
• STORING PASSWORDS IN AN UNSECURE WAY
• SHARING PASSWORDS

By getting a handle on good password management, you can significantly reduce the risk of a breach or account takeover by a hacker.

TIPS FOR PROTECTING YOUR LOGIN CREDENTIALS

With credential theft growing and continuing to get worse each year, good password management is more important than ever.

Here are several tips to improve your company’s password security.

TRAIN EMPLOYEES ON WHAT A “STRONG” PASSWORD MEANS

You can tell employees to use “strong” passwords, but not all may define that in the same way. Leave nothing to interpretation by training employees on good password habits These include:

• USING PASSWORDS AT LEAST 10+ CHARACTERS LONG
• USING A COMBINATION OF UPPER-CASE AND LOWER-CASE LETTERS
• USING AT LEAST 1 SYMBOL AND 1 NUMBER

If you have the ability, it’s also a good idea to require the use of strong passwords within cloud platforms by configuring security settings to reject weak passwords.

USE A PASSWORD MANAGER

People have an average of 70-80 passwords to keep up with. So, while you can tell employees to use long, difficult passwords and don’t duplicate them, it’s not realistic that they can remember all those passwords.

Using a business password manager reduces the number of passwords that an employee has to remember to just one.

Password managers have multiple benefits when it comes to password security, including:

• KEEPS ALL PASSWORDS SECURELY STORED IN A “PASSWORD VAULT”
• EMPLOYEES CAN USE MFA TO SECURE THE SINGLE PASSWORD THEY USE TO ACCESS THE VAULT
• WILL SUGGEST LONG, UNIQUE PASSWORDS TO USE
• AUTO-FILLS PASSWORDS IN WEBSITES
• CAN BE USED ON ANY DEVICE
• PREVENTS A COMPANY FROM BEING LOCKED OUT OF AN ACCOUNT IF AN EMPLOYEE LEAVES

SECURE PASSWORDS WITH MULTI-FACTOR AUTHENTICATION (MFA)

With the state of data breaches today, you may secure all your passwords on your end, but find out that a vendor has had their servers breached, exposing all customer logins (e.g. Marriott, and others).

When a hacker already has a password, the way that you can still keep them out is by using multi-factor authentication.

MFA adds an important additional step to the login process that most hackers can’t get past. The user has to enter a code that’s sent to a device in their possession before being granted access.

How effective is MFA?

• MICROSOFT STUDY: MFA IS 9% EFFECTIVE
• GOOGLE STUDY (ON DIFFERENT ATTACK METHODS AND MFA TYPES): MFA IS 76-100% EFFECTIVE

DON’T STORE PASSWORDS IN AN UNSECURE WAY

You’d be surprised at some of the ways that people save their passwords, which leave them completely exposed and easily stolen.

• STICKY NOTES: MANY PEOPLE PUT A PASSWORD ON A STICKY NOTE AND THEN STICK IT TO THEIR COMPUTER OR MOBILE DEVICE CASE.
• EXCEL SPREADSHEET: SOME ADMINISTRATORS WILL SAVE EMPLOYEE ACCOUNT PASSWORDS IN AN UNPROTECTED EXCEL SPREADSHEET. HACKERS GO LOOKING FOR THESE WHEN THEY COMPROMISE A COMPUTER.
• CONTACTS: ANOTHER INSECURE WAY THAT EMPLOYEES STORE PASSWORDS IS IN THEIR CONTACTS. THIS MAKES THEM EASILY SEARCHABLE, BUT ALSO VERY INSECURE. MULTIPLE SOCIAL MEDIA APPS IMMEDIATELY ASK FOR ACCESS TO YOUR CONTACTS WHEN THEY’RE SET UP.

Passwords need to be stored in a way that keeps them encrypted and protected, which is another reason to use a password manager.

USE OF A SINGLE SIGN-ON (SSO) APPLICATION

To streamline the login process for employees and reduce the time it might take to go through MFA on multiple accounts, you can use an SSO application.

This type of application gives employees a single point of entry for all their applications, but one that you can protect in multiple ways.

Besides enacting MFA with a single sign-on application, you can also create a variety of challenge questions for authentication. Such as requiring anyone in the Accounting Department to pass an additional question for authentication or adding a challenge when someone is signing in from a different country.

IS YOUR PASSWORD SECURITY WHERE YOU NEED IT TO BE?

Don’t leave your accounts unprotected! Unbound Digital can help your Tennessee business put safeguards in place to keep your login credentials secure and your accounts protected.

Contact us today to schedule a free consultation. Call 423-335-2461 or reach us online.