How to Protect Your Business From Password-Related Data Breaches

Data breaches can be crushing for your business. They can lead to a loss in customer confidence, reputation, and revenues. Some businesses don’t survive data breaches. There are several ways that hackers and criminals can access data and use it for illegal purposes, such as phishing scams and malware. However, one of the most common gateways to a breach is passwords.

Passwords can be cracked in many ways. For one, certain passwords, such as “12345” and “qwerty”, are extremely popular. Hackers can target a business, try the most popular ones, and often find success. They can also get passwords through social engineering. If you’ve ever seen a Twitter trend where someone asks what everyone’s favorite ’80s band is, then you’ve seen social engineering in action. Those questions are designed to find information that could lead to figuring out your password. It’s imperative for your business to be protected and prevent illicit access. Here’s how you can protect your business from password-related data breaches.

Staff Training

Your first step should be awareness. If your staff is not aware of what constitutes a threat, then they won’t be equipped to prevent it. If they are aware that the Facebook game that asks them for their month of birth and favorite animal is a social engineering effort, then they will be less likely to fall victim. Training should also focus on the risks involved. They must understand how important password security is. This training can be repeated every year to provide updates about new threats and methods for accessing passwords. You should also make sure that everyone is aware of any current threats through email updates or even staff meetings.

Password Management

The last thing you want is everyone on your staff writing down their passwords and storing them in notebooks, binders, or even sticky notes on their desks. Enterprise password managers help by making it easier to have good password hygiene. All passwords can be kept in a secure portal that can only be accessed by the user. There’s no way for someone to get a quick glance at their written-down passwords. Since complicated passwords are the most secure yet hard to remember, a password management system will keep them safely stored so that they can be accessed whenever necessary.

Different Passwords for Every Portal

Most of us want to keep things as simple as possible. Having a special word that we use for most or all of our passwords does just that. It’s easy to remember, and theoretically difficult to guess. Besides, who would know your mother’s maiden name and the street you grew up on? Sadly, that information is not as secure as you might think, and using a simple word for all of your portals puts you more at risk. If your password is compromised in one place, then it is compromised in all of the others, even if there are slight differences. By having a different one for everything you need to access, you can limit any possible damage.

Be Careful With Sharing

The more often a password is shared, the bigger the risk. Make sure that your business has separate logins wherever possible. Where sharing a password is needed, it should be done via a password manager to keep things as secure as possible. It’s common for one coworker to give another a password to access something in order to complete a task or get information. If this is shared via other, vulnerable channels or seen by somebody else who has access to those channels, it’s vulnerable to breaches. Having a company policy in place around sharing login information is a vital component of breach risk management.

Make Passwords More Challenging

When you’ve made user profiles on websites, you’ve no doubt come across their password recommendations. In most cases they ask for a password of at least 8 characters, upper and lower case letters, at least 1 number, and at least 1 special character. While these guidelines will give you a strong password, the truth is that for business information, you should go beyond this. 10 characters is even better, and some enterprises will ask for up to 64 characters. This might sound daunting, but with a good password management system, you don’t have to worry about trying to remember them or forgetting where you’ve written them down.
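The sketch below is an added example, not part of the original article: it audits a password vault against the rules described so far (10 to 64 characters, all four character types, not one of the popular passwords named above, and not a slight variation of a password used on another portal). The function names, the look-alike substitution table, the reading of 64 as an upper limit, and the sample vault are all assumptions made for illustration.

```python
import re

POPULAR = {"12345", "qwerty"}        # the two popular passwords the article names
MIN_LEN, MAX_LEN = 10, 64            # assumption: the article's 64 read as an upper limit
LEET = str.maketrans("013457@$", "oieastas")  # assumed look-alike substitutions
CLASSES = {"lowercase": r"[a-z]", "uppercase": r"[A-Z]",
           "number": r"\d", "special": r"[^A-Za-z0-9]"}

def stem(password):
    """Collapse 'slight differences': case, trailing digits/symbols, look-alikes."""
    base = re.sub(r"[^a-z]+$", "", password.lower())
    return re.sub(r"[^a-z]", "", base.translate(LEET))

def policy_problems(password):
    """Return the names of the article's rules that this password breaks."""
    problems = [] if MIN_LEN <= len(password) <= MAX_LEN else ["length"]
    problems += [n for n, pat in CLASSES.items() if not re.search(pat, password)]
    if password.lower() in POPULAR or stem(password) in POPULAR:
        problems.append("popular")
    return problems

def audit(vault):
    """vault maps portal -> password; returns portal -> findings for weak entries."""
    by_stem = {}
    for portal, pw in vault.items():
        if stem(pw):                  # skip passwords with no letters at all
            by_stem.setdefault(stem(pw), []).append(portal)
    report = {}
    for portal, pw in vault.items():
        findings = policy_problems(pw)
        twins = [p for p in by_stem.get(stem(pw), []) if p != portal]
        if twins:
            findings.append("variant of: " + ", ".join(twins))
        if findings:
            report[portal] = findings
    return report

# Constructed sample vault; none of these are real credentials.
SAMPLE_VAULT = {"payroll": "Summer2023!", "crm": "5umm3R2024?",
                "email": "Qwerty123!", "wiki": "12345",
                "bank": "t7#Kq9!vLx2@Zp"}

if __name__ == "__main__":
    for portal, findings in audit(SAMPLE_VAULT).items():
        print(f"{portal}: {', '.join(findings)}")
```

Note that "Summer2023!" and "Qwerty123!" pass the length and character-type rules yet are still flagged, which is why reuse and popularity checks matter alongside complexity rules.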

Malware Protection

Even if you have the strongest passwords possible, you are still vulnerable if hackers can see everything you do on your keyboard. They can do this with malware that gets onto your computer when dangerous content is downloaded. To avoid this, make sure that you have up-to-date anti-malware and antivirus protection on all of your devices. This will make sure that all of your password efforts haven’t been for naught.

If you don’t have proper password policies in place for your business, then you are at risk. Hackers know what types of organizations to target, and if you are vulnerable, they will take advantage. Since password-related data breaches are a prime way for them to attack, it’s important to keep yourself protected. Make sure that you and your staff follow the best practices related to your passwords for any portal that you access. That way, you can keep the hackers at bay and your data safe.