One of the greatest mistakes small business owners can make is thinking no one is interested in their business’s data. In truth, small- and medium-sized businesses (SMBs) are among the most prone to cyberattacks, with 67 percent of SMBs experiencing an attack and 58 percent suffering from a data breach in the last 12 months, says a study. What’s more, 47 percent of the respondents admit having little to no understanding of how they can protect their business from cyberattacks.
There are a number of tools, strategies, and methods to keep malicious parties off your data. One of the simplest and most effective of these is proper password management. Here are password management tips you can easily implement for your business:
#1. Avoid simple passwords
It’s completely understandable — most people have trouble remembering their passwords for each and every app or account they use for their job. Because of this, it’s not uncommon for people to use words and phrases that are easy to remember, such as their birthday, their full name, or, worst of all, the word “password” as their password.
Hackers take advantage of this all the time. For this reason, you must avoid common passwords and those that are easy to guess. Create one that combines letters, numbers, and, when allowed, special characters. For case-sensitive passwords, incorporate upper- and lowercase letters. The more varied and random your password appears, the stronger it tends to be and the harder it is for hackers to guess them.
#2. Change passwords regularly
Make your password even harder to crack by changing them regularly. Some applications compel their users to change their password after a set period. Even without anybody nudging you, make this a regular habit and remind your employees to do the same.
#3. Never write your password down
Some people remedy their inability to remember their login credentials by writing down their password on a notebook or sticky note, usually posted on their computer monitor or cubicle wall. This strategy practically spoonfeeds the password to anyone looking to access your files and, therefore, must be avoided at all cost.
Ideally, you alone should know what your password is, and writing your password down makes it easier for others to find out what it is. Even when you trust your colleagues to never log in to your computer or work devices without your consent, placing your password where everybody can see it still endangers your company’s information.
#4. Use a password manager
If you really have difficulty remembering passwords, you can use a password manager app. This is either a separate program or a web browser extension. It creates strong passwords or records those that you have already created. The tool then encrypts your login credentials so unwanted parties will not be able to read or use them. Your passwords, however, are protected by a master key, which is often a separate password.
#5. Implement a multifactor authentication system
Multifactor authentication (MFA) is quite simple, but it is highly effective. It is a system that requires more than one verification method before logging you into the account. This extra step could be a separate password, a code sent to your phone via SMS, or even your fingerprint. MFA bolsters the protection afforded by your password, making it much harder for hackers to get through.
When designing your password management policy, you must understand that there is no single absolute defense from cyberattacks. Combining different strategies will keep your bases covered and keep the risk of an attack to a minimum.
Chapter 5: Implementing MFA in your business
In what is considered to be one of the biggest data breaches of all time, a staggering 21 million unique passwords were discovered in an online hacking forum in January 2019.
