Home Verizon report uncovers alarming truth about employee passwords
News

Verizon report uncovers alarming truth about employee passwords

AFP
computer essay writing
Photo Credit: Wrangler

When it comes to creating a password policy, we have to balance security with productivity. But too often security rules seem at odds with productivity and employees find workarounds that put you at risk, or they ignore security rules altogether.

A recent report from Verizon’s Research found that businesses are too often on the losing end of this battle.

An astounding 81% of data breaches happen because of poor employee password management. 70% of employees use their work passwords at home as well, often on low-security websites. These are prime targets by thieves. With them, they can open Pandora’s Box and access to your systems.

Given this alarming truth about employee adherence to your rules about not using their work password anywhere else, we must have alternate ways to secure our business and customer data.

Cedric Brown, an IT professional with Charlotte’s IT services team at William Ives Consulting offers some password cybersecurity solutions you can implement quickly to do just that.

  1. Add Two-Step Verification

You’ve likely noticed that many high-security websites have moved to two-step verification. We now know that a single password is not a safe way to secure an account because of human nature.

Simply set up a second way to verify identity like:

  • Answering a unique question
  • Entering an auto-generated emailed code or daily department code
  • Alternate passwords like touch, tap pattern, eye scan, etc.
  1. Force Password Changes

Set up a system that forces employees to reset their passwords periodically. Using automated technology, alert employees when passwords are about to expire. And then don’t allow employees to log in with an old password after a certain date.

  1. Force the Creation of Unique Passwords

If 59% of employees use the same password everywhere, they need a system that forces them to get creative. For some time now, password creation tools have required a special character, upper and lower case, a number and no more than two consecutive numbers. So at this point, most employees have a password that meets those criteria, and they’re still using it everywhere. You’ll need to keep raising the bar to prevent data breaches.

  1. Teach Employees How to Create Strong Passwords They Can Remember

This isn’t automatic. And if you don’t, they will write them down or make them too simple. There are many password creation strategies to generate memorable strong passwords.

For example,

  1. Find an 8-word phrase from a movie or book you know
  2. Speak it aloud, giving at least one word some emphasis, not the first letter
  3. Take the first letter from each word to create a string of seemingly unrelated letters
  4. Put a capital letter where the emphasis word is
  5. Replace at least 2-3 lowercase with a number or symbol that looks like that letter (e.g, $=s, 3=e, @=a, 9=g, 7= l, #=h)

This is nearly impossible for someone else to crack but can be recalled instantly by the person who created it.

  1. Inform Employees About Phishing Scams

Cybercriminals have learned how to convince employees to give up their passwords or otherwise compromise the system. Learn about these scams and provide at least annual training on how to spot them.

With strategies like these and the right password cybersecurity technologies in place to back you up, you can protect yourself. To learn more about business technology and cybersecurity, contact your IT services team in Charlotte at William Ives Consulting..

Support AFP




AFP

AFP

Have a guest column, letter to the editor, story idea or a news tip? Email editor Chris Graham at [email protected]. Subscribe to AFP podcasts on Apple PodcastsSpotifyPandora and YouTube.

Latest News

terry waters fishburne
Etc.

Waynesboro: Hall of Fame wrestling coach Terry Waters announces retirement

Tom Dulaney Slonaker
Etc.

Greene County: Tom Dulaney Slonaker has had several SuperFun careers

Long-time Ruckersville resident Tom Dulaney Slonaker has had a plethora of successful careers, including sports broadcaster, financial engineer, stockbroker, and as an insurance agent he had an office in Charlottesville.

healthcare
U.S. & World

Making the case for universal health care: The message is the message

Republicans use framing to deride universal health care when they use the terms “free health care” and “socialized medicine.” UHC is neither free nor socialized medicine, but the terms stick.

flock License plate reader police
U.S. & World

While the political circus distracts us, Flock builds the Digital Police State

vdot road
Local

Local road construction, maintenance schedule update: July 20-24

waynesboro map
Local

Waynesboro: Is the city review of the Mimosa Farm permit request just a formality?

vape shop
Virginia

New state law aims to crack down on liquid tobacco, vape sales in Virginia