It's important to stay secure throughout the year, and in October, cybersecurity takes on even more significance: since 2004, it has been designated as Cybersecurity Awareness Month. In the 20 years since its inception, government and industry have worked together to provide resources to enable organizations and their employees to stay safer and more secure online.
In 2023, the focus is on four key behaviors:
- Creating strong passwords and using a password manager
- Enabling multi-factor authentication
- Updating software
- Recognizing and reporting phishing attempts
This is the first in a series of four articles discussing each of these key behaviors and providing tips and solutions that will help keep organizations, their clients, and their employees secure.
Securing Digital Assets With Strong Passwords
The increase in online accounts, including subscription-based services, and the growing number of devices used in the office and at home have led to a seemingly exponential increase in the number of passwords—and the growing issue of password management. As a result, password security has become a major concern for companies, and one of the biggest challenges is getting employees to use better password hygiene. How can organizations facilitate the secure management of employees' corporate and personal passwords?
- Protect corporate accounts with passwords that are at least 15 characters long. Criminals can figure out short passwords in just minutes. Instead, implement guidelines for using long passphrases as corporate passwords. A passphrase consisting of five unrelated words is easier to memorize than a string of random characters. Educate employees on how to create a phrase that they can remember but hackers can't crack.
- Train employees to use unique passwords for all accounts. Using the same or similar password in work and personal accounts could open the organization to attack—if criminals figure out an employee's password for one account, they could use it to try to access the employee's other accounts, including their work account. Help employees understand the dangers of reusing the same or similar password and that each personal and work account should be secured with a long, unique password.
- Implement an enterprise-wide password manager to manage passwords. Password managers generate and save long, unique passwords for accounts, removing the need to remember them and lowering the possibility of password reuse. Passwords for communal corporate websites, such as research databases, can be shared amongst colleagues, and the account owner can obscure the password for additional security.
Long passwords are strong passwords—an important point for organizations to emphasize to employees. Following best practices for password creation and management will help keep work and personal accounts more secure.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.