Don’t You Just Love a Good Password???

May 12, 2022 | Web Security

Yes, we are talking about passwords again, but we think it is a worthwhile subject to revisit and discuss some recent research.

Clifford Stoll

American Astronomer, Author and Teacher

“Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months.”

Passwords are the single weakest point in any business's cyber armour, after humans.

OK, the two are intrinsically linked, but it is easier to change a password than your staff! Although you should equally be thinking about changing your staff through education.

A few weeks ago I had the pleasure of meeting Steve Leach, Head of Cyber and Innovation at North East Business Resilience Centre. We swapped some stories and frustrations about informing businesses about securing their systems and then we had to go our separate ways, as is usually the case…

 


 

The biggest issue for businesses, especially small businesses, is that they think they are too small or insignificant to be targeted by cyber criminals. There is a myth that cyber criminals go around targeting individuals and spend hours trying to hack into their computers. If that were the case there would be far fewer low-level cyber crimes occurring. The truth is it is more like a car thief taking a walk around a supermarket car park trying car doors until he finds one that is unlocked. That car is probably one of the lower value, less secure models which are easy to start, similar to your small business!! After all, the big expansive corporate businesses employ people to look after their security and pay them loads to do so.

Which brings me back to my chat with Detective Inspector Steve Leach. Steve and the team at the North East Business Resilience Centre are tasked with filling the cyber security knowledge gap for small businesses.

The North East Business Resilience Centre is a police-led, not-for-profit organisation providing 24/7 support to small and medium businesses. Our trusted Centre forms a partnership network to protect businesses from risk. We offer a completely free membership, as well as many other affordable cyber resilience services.

I would highly recommend that you check out their website and register for the FREE Core Membership to stay up to date with what is available to help you and your business.

Online security is a bit of a passion, as you can probably tell if you have flicked through our blogs. Quite often it is not a complex or expensive task to vastly improve it. Especially if you focus on educating staff to be more aware of ways they can help prevent cyber crime in your business.

One of the simplest areas to address is password security, which our blog entitled “How Safe Are Your Online Accounts” covers. However, I don’t want to talk about how to fix the problem of password security but more about the fact that you are not alone.

LastPass, producer of a leading password manager application, recently published the following thought-provoking statistics. As always we take anything that appears in a vendor's marketing material with a pinch of salt, but let’s look at them in more detail anyway.

%

The percentage of people who haven’t changed their passwords in the last 12 months.

How often should you change your password?

My answer would be regularly, especially if it is one you use every day. I think that 45% is somewhat on the low side, in my experience at least.

%

The percentage of people who are afraid of forgetting their login credentials.

Where should you store your passwords?

Not on a post-it note stuck to your monitor, that’s for sure! One of the problems with ensuring robust password security is that we need to manage large numbers of passwords. All of them should be unique, complex strings of random characters. The answer is simply to find a secure password management system that can take care of your passwords securely while allowing you secure access to them from all your devices. We have talked about this in more detail in our blog entitled “How Safe Are Your Online Accounts”. In addition you will find a video presentation that explains the ins and outs of Password Managers.

%

The percentage of passwords that contain information that is accessible to anybody.

Have you posted your password on Facebook?

It’s not such an outlandish idea. We constantly post personal information on social media.

Happy Birthday little Jonny, not so little now you are 12 years old.

Hey loving parent, is your password “Jonny2010” by any chance? There are lots more details in your social media posts that can identify you and your pets, along with where you live, your fave footy team, what car you drive, where you like to go on holiday and much, much more… Don’t use anything that identifies you as a password, or as part of one.
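A signup or password-change form can enforce this by refusing passwords built from details in the user's own profile. The Python below is an added example, not code from the original post; the profile fields, the substitution table and the sample data are assumptions constructed for illustration.

```python
import re
from datetime import date

# Common look-alike substitutions undone before comparing (assumed list).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# Constructed sample profile: what a stranger could read off social media.
PROFILE = {
    "names": ["Jonny", "Rex"],        # child's name, pet's name
    "dates": [date(2010, 5, 12)],     # child's birthday
}


def personal_tokens(profile):
    """Collect lower-case strings derived from the profile."""
    tokens = set()
    for value in profile.get("names", []):
        # Split multi-word values and ignore fragments too short to matter.
        for part in re.split(r"[^A-Za-z]+", value):
            if len(part) >= 3:
                tokens.add(part.lower())
    for d in profile.get("dates", []):
        # Four-digit forms only, so short numbers do not cause false alarms.
        tokens.add(str(d.year))
        tokens.add(f"{d.day:02d}{d.month:02d}")
        tokens.add(f"{d.month:02d}{d.day:02d}")
    return tokens


def find_personal_info(password, profile):
    """Return the sorted profile tokens that appear inside the password."""
    raw = password.lower()            # catches dates such as 2010
    plain = raw.translate(LEET)       # catches J0nny, R3x and similar
    return sorted(t for t in personal_tokens(profile)
                  if t in raw or t in plain)


if __name__ == "__main__":
    for candidate in ["Jonny2010", "J0nny!", "R3x1205x", "vT9#qLm2&xKd"]:
        hits = find_personal_info(candidate, PROFILE)
        print(candidate, "->", "rejected: " + ", ".join(hits) if hits else "ok")
```
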

%

The percentage of breaches that involve a human element.

Humans are the weakest link!

I’m probably both pessimistic and pedantic when I say that this figure has to be 100%. If it is a system or software failure then that system or software has been built by a human, at some point, so I think that should be factored into this figure. However, it is not unreasonable for the social engineering, bad practice and ignorant behaviour of humans to be singled out. The human element is most definitely the weakest link in the chain and will continue to be. Once again this is covered in more detail in our blog entitled “How Safe Are Your Online Accounts”.

%

The percentage of people who don’t know if their information is on the dark web.

Is my personal data on the Dark Web?

Yes it is, I’d be very surprised if it wasn’t. Certainly if you have had an online account for any length of time it is almost a certainty.

If you would like to find out a little more about your online accounts and if they have been compromised I would highly recommend checking out the amazing website and project at https://haveibeenpwned.com/

How can I improve my online security?

Now that you have started to think a little more about your online security I would highly recommend checking out some of our blogs. From the blogs section of our site especially check out “How Safe Are Your Online Accounts”.

Why not register here and we will add you to our Newsletter list so you won’t miss out when we release our next info filled blog post!!! You’ll get a free eBook too.
