One of the primary protections when it comes to keeping data secure is the humble password. Attackers use various techniques to discover passwords, which include using powerful tools available for free on the internet. However, on many occasions, a powerful tool would scarcely be needed, with the most commonly used (and woefully inadequate) passwords being the easiest and quickest to crack.
Password security should be a number one priority when it comes to protecting your business' data. While you can have the most robust cybersecurity measures in place, it won't matter if you neglect password security.
How attackers crack passwords
Improving system security starts with understanding the variety of ways that attackers attempt to crack your passwords. Growing sophistication in techniques means that awareness is always crucial.
- Interception: Attackers intercept passwords as they are transmitted over a network.
- Brute Force: Automated guessing of billions of passwords until they find the correct one.
- Searching: Criminals search IT infrastructure for electronically stored password information.
- Stealing Passwords: Passwords stored insecurely are easily stolen – this includes handwritten passwords hidden close to a device.
- Manual Guessing: Hackers can use Personal information, such as name and date of birth, to guess common passwords.
- Shoulder Surfing: Observing someone typing their password.
- Social Engineering: Attackers use social engineering techniques to trick people into revealing their password.
- Key Logging: An installed keylogger can intercept passwords as they are typed.
How to improve your system security
The ever-expanding list of ways that attackers employ to get access to your data is undoubtedly worrying. However, putting a robust system in place, and following best practices, can go a long way in securing your business. Read on for our tips.
Help users cope with password overload.
The sheer number of passwords that an employee needs to do their job can be overwhelming. And so, asking them to ensure that each password is unique, secure and hard to guess can be a bit of a tall ask. Prevent 'password overload' by giving your users the technical solutions to record and store their passwords securely.
A password manager such as Keeper protects every employee, remote or otherwise, against password-related data breaches and cyber threats. Password managers can create random, high-strength passwords for any website or application that an employee uses and then store them in a secure vault on all devices. Each employee's vault is an encrypted and private space for storing and managing passwords, credentials and even files.
Help users generate appropriate passwords.
Putting technical defences in place, such as a password manager, means that employees can use simpler passwords. But it is always best practice to educate your staff and ensure that they use appropriate passwords. Do this by steering them away from predictable passwords and ban the most common. The average number of websites that users access with the same password is 4, and this can be a significant security risk – an attacker must only guess one to get access to all four. Encourage your employees never to re-use the same password, and especially if they use that password at home in their personal accounts.
Make sure to prioritise the secure accessing of administrator user accounts. Administrator accounts almost always store the most sensitive data, which has the highest cost in a data breach.
Taking the time to investigate and put controls in place will ensure that your organisation is on the path to better cybersecurity. Cyber Essentials Certification should be your next target, and SoConnect can help you on your journey to this.
Certification proves just how seriously your business is about cybersecurity and creates trust between you, your customers and business partners. Our team of IT experts will guide you through the process and implement measures, so you are safe knowing that your company is cyber secure.
If you would like to know more about Keeper Password Manager, or cybersecurity for your whole business, fill out a form on our website, give us a call on 03332401824, or email sales@soconnect.co.uk.
Reply a Comment