The most recent Verizon Data Breach Investigations Report revealed that 70 percent of employees routinely reuse their passwords both at home and work and that over 80 percent of security breaches by hackers are the result of weak or illegally obtained passwords. With so much at risk, it’s imperative that your organization implement the necessary steps to ensure your sensitive data remains secure as cybercrime continues to increase and evolve, including those listed below.
Multi-Factor Authentication
Two-factor authentication provides an additional layer of protection, requiring the user to input their username and password as well as a unique, single-use code which is sent via text or email. This type of system is beneficial when accessing sensitive data and completing financial transactions, and is also a great way to track activity across your network.
Quantity Over Quality
Over that past few years Individuals and businesses have been encouraged to increase the strength and complexity of their passwords with the most recent trend involving a combination of upper and lowercase letters, numbers, and symbols. But, besides making memorization difficult, sophisticated software has been developed to crack this type of code. Experts now recommend using longer passphrases of up to 64 characters complete with spaces, which are nearly impossible to crack.
Password Encryption
End-to-end encryption techniques can render your passwords indecipherable as they travel across your network, eliminating the possibility of interception and detection.
Continuity
Encouraging users to routinely update their passwords is an ineffective method of security for a number of reasons:
- Many employees will reuse their current password.
- Users may make only slight modifications to their current password.
- Frequent changes entice users to write the new password down in order to remember it.
Employee Education
Experts estimate that 40 percent or more of data leaks occur as a result of negligent or untrained staff clicking on unsecured links or opening viral attachments. Routine employee training and education is the best method of prevention, teaching individuals how to detect and avoid phishing schemes and other online threats.
Secure Connectivity
With more types of devices in use than ever before, hackers can easily gain access to passwords if employees enter their information over an unsecured network. Utilize WPA-2 technology for network access or a secure VPN connection for remote workers.
