Secure your Corporate Passwords

"123456", "password,” "qwerty" ... in 2019 many employees were still using insecure passwords to access private data or business applications. At a time when cyber attacks are increasing in the business world, data security has become a major issue. Ignoring the importance of a secure password is exposing your business to security breaches or data loss. Most business tools involve logging in with a password, so there are a few best practices to follow in order to keep data secure in business. We offer you a “best practices” article to help you organize password management in your company.  

1.      Define Access Rights for Each Employee

Every day, your employees have access to many tools containing data. However, not everyone needs to have access to all your business data. To increase the safety of your tools, it is relevant to define access rights for each employee. Name one person responsible for passwords and only assign access to the people who need them. Critical data is then shared with a minimum of people, reducing the risk of hacking or data loss. This method also makes it easier to identify the source of the problem during data leaks.  

2.      Increase the Difficulty of Your Passwords

Sensitize your associates and employees to making complex passwords. There is no universal rule for setting a good password. However, some good practices can be followed to reduce the risk of cyber attacks:

• Use upper and lower-case letters, numbers and special characters
• Create combinations with at least 12 characters,
• Do not use personal data (surname, first name, date of birth, etc.),
• Choose several words with no direct relation to each other,
• Use a unique password for each tool,
• Keep your password confidential.

There are also several methods to create a random password respecting the above criteria. Random passwords are sometimes difficult to remember, here are some examples of methods to create a secure password: Method 1: Retain the first letter of each word making up a sentence. Example: It is snowing this 1st day of the year in Canada! The password: Iist1sdotyiC! Method 2: Use the phonetics of a sentence by converting sounds into characters. Method 3: Choose a password that is easy for you to remember and shift each letter by one touch. Example: JeanPierreDupond The password: KrsmôrttrFi^pmf Method 4: invent your own rule, it's all about remembering!  

3.      Use a Password Manager

The main rule to follow is to keep your password confidential. It is important not to write down all the passwords in a notebook or even an Excel file that can be discovered by anyone. Forget the note placed on the computer screen or the file "Passwords" saved on your desktop! Since it is not always easy to remember each password by heart, we recommend using a password manager. These managers tools memorize the passwords of all the websites used in the same secure database. Using this system, you will only have one complex password to remember. Here is a list of a password manager to remember your passwords: LastPass, Dashlane, NordPass...  

4.      Opt for Double Authentication

Whenever possible, it is recommended to use double authentication, i.e. two-step verification. This method verifies a person's identity in two steps. The first step can be the insertion of the password and the second authentication by SMS, email or PIN code.

5.      Conclusion

It is better to regularly change your sensitive passwords to avoid any security issue. Change your passwords if you suspect an intrusion. The important thing is that everyone is aware of the importance of passwords and their role in protecting their business data. Respecting the basic rules does not avoid cyber attacks, but significantly strengthens the security of each company. Need advice on establishing your password policy? Contact us!