How Password Policies Protect Your Business

As mentioned in an earlier article, Combat the Password Crisis, passwords are a necessary part of protecting your business assets. We have had to deal with our almost universal dislike of using and changing passwords for a long time now. It is because of this dislike that password policies are not enforced and are often non-existent.

But let's go over a few things about password policies. Like I said earlier, they are necessary in order to protect your network infrastructure and digital assets. But it goes much farther than that. They also help protect your business reputation, industry compliance, availability of services, insurance compliance, and legal rights and responsibilities.

Among the most hated parts of passwords is requiring users to change their passwords at regular intervals. They hate it, but again, it is a necessary evil that must be enforced and followed. The biggest complaint is that it is too hard to always remember the new passwords. I remember that I always had that problem. In fact, I used to have difficulty just remembering it as I was changing it. You know the error message: your chosen password and confirmation password do not match! What a pain that was. Eventually I did catch on, and now it does not really bother me.

Users are very smart as well. They will figure out how they can keep their same password if at all possible. If there is a rule that you cannot reuse your password for a minimum of 12 changes, they will try to change it 13 times in a row just to get back to their favorite. That is why there is also a minimum time that must elapse before a password can be changed.
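The sketch below is an added example, not code from this article. It shows the 13-changes-in-a-row trick working against a 12-entry history on its own and failing once a minimum password age is enforced. The class and function names, the one-day minimum age, and the hashing parameters are assumptions made for illustration.

```python
import hashlib, hmac, os
from datetime import datetime, timedelta

HISTORY_DEPTH = 12      # from the article: no reuse for 12 changes
PBKDF2_ROUNDS = 20_000  # assumption: kept low so the demo runs quickly

def _digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

class Account:
    """Hypothetical account record; stores salted hashes, never plaintext."""
    def __init__(self, password, now, min_age):
        self.min_age = min_age
        self.history = []           # (salt, hash) pairs, newest last
        self._store(password, now)

    def _store(self, password, now):
        salt = os.urandom(16)
        self.history.append((salt, _digest(password, salt)))
        self.history = self.history[-HISTORY_DEPTH:]  # current + 11 previous
        self.last_change = now

    def change(self, new_password, now):
        # Minimum age is checked first: it is what stops rapid cycling.
        if now - self.last_change < self.min_age:
            return "rejected: minimum age"
        for salt, old in self.history:
            if hmac.compare_digest(_digest(new_password, salt), old):
                return "rejected: reused"
        self._store(new_password, now)
        return "ok"

def cycle_back_to_favorite(min_age):
    """12 throwaway changes a minute apart, then the old favorite (13 changes)."""
    now = datetime(2024, 1, 1, 9, 0)    # constructed timestamp
    acct = Account("Favorite#1", now, min_age)
    results = []
    for i in range(1, HISTORY_DEPTH + 1):
        now += timedelta(minutes=1)
        results.append(acct.change(f"Throwaway#{i}", now))
    now += timedelta(minutes=1)
    results.append(acct.change("Favorite#1", now))
    return results

if __name__ == "__main__":
    print("no minimum age:", cycle_back_to_favorite(timedelta(0))[-1])
    print("1-day minimum :", cycle_back_to_favorite(timedelta(days=1))[-1])
```

With a one-day minimum age, getting back to the old password would take 13 separate days instead of a few minutes.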

Your employees are not the only ones who access your systems either. What about vendors and contractors who need access to your network to keep things running? They need to follow the policy as well.

While the end users or employees are generally targeted as being the worst offenders of bad password practices, it is actually not really true. I have noticed that IT admins and techs, as well as C-level execs and managers, are the really big offenders. To be honest, those are the ones who need to be the most compliant. Their logins carry a lot more rights to business resources and are therefore more coveted by the bad guys. The elevated rights they have can literally be the keys to the kingdom.

There are several layers to a password policy, all aimed at making your computing environment secure and keeping the bad guys out.

So while we are in this alternate work mode, it is a prime opportunity to review your company password policy. Please do not fool yourself into believing that your company is too small or that your people are better than that. Your business is only too small when it goes out of business!

If you would like, we can perform a dark web scan that will show if any of your company credentials have been compromised and are for sale on the Dark Web. Click the Dark Web button to have us run a scan and show you the results. We can generally perform the scan within a 2-hour period.

Don't know where to start? We can help. We can provide you with a standard Password Policy that you can implement right away.

