a man sitting at a desk using a laptop computer

One thing that has remained a constant in the battle against data breaches in business technology. The importance of adhering to a well-rounded password policy. This should be outlined by the company’s network administrator and supported by management. 

If a data breach should occur, poor passwords such as “1234” or “password” are no match against hackers.  Any organization that wants to avoid a data breach should create and strictly adhere to a comprehensive password plan.

Password Essentials

A good password plan requires some effort on both the part of the systems administrator and individual staff members.  An effective system administrator will make use of tools that lock someone out after a few failed login attempts, force the requirement to select new passwords every 30-90 days and require staff members to use new passwords rather than simply reusing old ones. 

They also may be able to control the content of passwords by requiring the inclusion of numbers, symbols, and both upper and lower case characters when passwords are created.

Staff members should be informed not to use personal information such as their date of birth, addresses, or SSNs for passwords.  In addition, staff members should be instructed to always log out of applications after use, or employ a password-protected screensaver when they leave their desks in order to discourage others from gaining access under their login.

Termination – Voluntary and Involuntary

Many organizations allow their employees to log in to corporate applications from home or from their own smart devices.  When employees leave a company, it is imperative that the former employee has zero ability to gain access to corporate systems.  Employers must keep a comprehensive, up-to-date list of every application an employee has access to. Additionally, all devices from which they access corporate systems.  If an employee is fired, all passwords must be changed. Also, access cards, hardware equipment, and keys to buildings must be accounted for.

In the case of voluntary terminations, some employers will ask their former employees to vacate the premises immediately.  In other cases, an employer will allow the employee to fulfill what is typically two weeks’ notice.  Regardless, employers need to have a system access policy already in place. This ensures a smooth transition of the employee over to a former staff member.

If you would like to know more about creating a comprehensive password policy for your business technology, please contact us.

Recommended Posts

No comment yet, add your voice below!


Add a Comment

Your email address will not be published. Required fields are marked *