It seems as though every day we hear of yet another data security breach. Carbonite recently announced a forced password reset after the online backup service was made aware of attackers attempting to access its user accounts. Carbonite required all customers to reset their account passwords as a proactive safety measure even though there was no evidence to suggest they had been hacked or compromised.
It’s theorized the 2012 LinkedIn data leak may be the cause of recent attacks, with the usernames and passwords obtained now gaining traction on the dark web. This is especially alarming if you use the same password on all of your accounts, as hackers can easily access them using a stolen password from one account against others.
AM Data Service cautions that as password-cracking tools become more advanced, it is imperative to arm your business with passwords that hackers cannot easily detect.
This can prove challenging when one in five organizations report they've never changed their default passwords on privileged accounts and three out of 10 still allow accounts and passwords to be shared.
Despite the inconvenience, it is imperative that every organization adopt a unified and well-defined password management strategy. It's important to keep your employees accountable for their network usage.
So what can you do to protect your company’s data?
Practice safe password creation methods backed by a corporate password protection policy that is consistently and effectively enforced. Ideally, you should use a password manager.
Start by making your passwords unique and completely unpredictable using some of our favorite tips below.
1. Avoid predictable password formulas.
Don't use an individual word, name or date in your password; use a mix of character types and make your passwords as long as possible. A good way to avoid using words is to use an acronym. It's secure because it can't be hacked by a dictionary hacker and it's easy to remember.
2. Use a unique password for each site.
If a security breach happens, the damage would be limited to the website associated with the leaked password.
3. Use a password manager for truly random passwords.
The only truly secure password is the one you can’t remember. Password managers are the only way to accomplish this.
4. Use two-factor authentication.
It is one of the best ways to hack-proof your accounts because others can’t access your accounts even if they know your passwords.
5. Say no to Post-its.
Do not stick a Post-it note to your computer, phone, mouse pad or keyboard that contains your passwords. This occurs more often than you'd think. If you write down your passwords anywhere, make sure they are locked up so they can't be found on your desk.
These are just some of the basics you can follow as a first step in your journey to securing your data. Don’t allow the increasing number of security threats prevent your organization from thriving.
We invite you to contact AM Data Service for a corporate password policy review. We can also provide related resources and recommend a password manager that’s right for you.
Contact AM Data Service at (734) 744-5300.