In today’s rapidly advancing technology environment, new threats emerge every day which can prove problematic to your business. If you don’t consider yourself “tech savvy,” it can be tempting to throw your hands in the air because you can’t keep up with all the latest threats and how to combat them. The reality is that there are a multitude of easy ways you can make a difference for your personal and organizational security. From time to time, the enVista blog will give you a few easy-to-implement changes that can go a long way in keeping you safe.
One of the simplest fixes that everyone can implement is beefing up their password complexity. This is an important aspect of security whether we’re talking about access to your work laptop or your personal Facebook account. Passwords are a headache for most users. Often times we will spend 20 minutes trying to think of the perfect password only to have it fail to meet the requirements of whatever service we are creating a password for. But password complexity settings are an important control preventing attackers from accessing data by repeatedly guessing (brute force) your password. Sufficiently complex passwords are also harder to compromise, even if an attacker successfully steals a password database it is stored in. Consider the following rules and tips when you are creating your passwords in the future.
- Each character set (Alpha, Number, Case, and Special Characters) included in your password makes it exponentially harder to brute force.
- While 8 characters is the standard minimum, passwords up to 12 characters can be brute forced with relative ease.
- Avoid using items that are commonly guessed for passwords such as dates, sports teams, or company names.
- The strongest password on earth can fail quickly if written down.
- Password tools such as Lastpass will allow you to generate complex passwords and store them and retrieve them securely.
A strong password isn’t the only safeguard you should set up. Multi-factor authentication takes the secure password you created keeping in mind the above rules, and takes it to the next level. When authenticating to secured recourses, users are asked to supply something that verifies who they are. These Authentication factors always come in the form of either something the user knows (such as a password), something the user has (such as an authentication token), Or something the user is (such as fingerprint readers or iris scanners). Multi-factor authentication is the process of requiring more than one of these categories when accessing protected resources. The most common example of this would be a user entering his or her username and password and then typing a pin code that is sent via text message to their cell phone to access their bank account. This example presents both of the authentication factors: something the user knows (password) and something the user has (authorized cell phone). This type of authentication makes it virtually impossible for an attacker to access the protected resource, even if the password is compromised. It is recommended that multifactor authentication be enabled wherever possible when protected resources are concerned, but resources where multifactor authentication is going to provide the most benefit are bank accounts and email accounts.
These are just a couple ways to start on the path to security that everyone should implement. Stayed tuned to the enVista blog for more security tips to come! In the meantime, check out some of enVista’s Technology Security Solutions.