Password Managers is something we should all endorse, with a security-conscious world, we need to take corrective measures to make sure you are secure.

Cyber Security is a key aspect we need to look at in today’s connected world, from our children finding entertainment on YouTube to major businesses transferring billions over the internet.

Often overlooked is who has access to what? An IT Department / IT Company is often trusted with secure passwords to access all their systems.

This is fine but you should have checked in place to make sure a single employee doesn’t control access.

Such in a case in the USA, a college fired an employee and the password was then held to ransom for $200,000.

We provide some guidelines to follow below.

Make sure no personal addresses are used as a Recovery Option

A recovery method is essential in case of forgetting passwords and somehow not having access to a stored password or in the case of a Cyber Attack.

This can cause the password to be changed. In the case of the linked story above the employee had his personal email as the recovery address, for a while Google said no to reset it due to their policy.

Make sure the recovery address is linked to the organisation, even if it is a throwaway email address not associated with the domain (recommended),

you should ensure the policy does not allow the use of personal Email addresses.

Unique Passwords for every site

This sounds obvious but the number of people even in the tech world that uses a variation of the same password.

We went to help someone recently that had 1234 and changeme in their password, clearly left as a placeholder to encourage the user to change it but this was their only password on multiple machines.

Regardless of how complex your password may be it needs to be unique.

The reason is simple if a site was breached and passwords leaked if you used one complex password that password would then be out in the open for all to try.

Consider Password Managers

Consider a Password Manager to make sure you can keep track of the many different passwords you will end up with,

most Password Managers also have the functionality to generate a password and this is useful when creating unique passwords.

Make sure the CEO/CFO have access to Passwords

You don’t want any IT company to hold all the keys to your kingdom,

best practices are to have the main password locked away in a safe so if an employee leaves, is fired, or if an IT company goes out of business then you won’t be locked out of your crucial systems.

For example, when we encrypt systems we set a unique key, this is stored in a secure place that our clients can access as without this key recovery is impossible.

Security awareness training

Keeping staff clued up on what to do can make the difference between your company making the right steps towards a secure environment, and staff accidentally opening up the doors to a breach.

With GDPR if such a breach occurs you have to report it to your customers and the Information Commissioners Office (ICO), along with the potential fines it is not worth it.

Quite a few companies offer Security Awareness Training including CHTSI, look at booking a session with whoever you choose to use. The difference it will make to your staff will pay dividends to protect your business.

Subscribe To Receive The Latest News

Subscribe to find out first about new content.

See our Privacy Policy.

Leave a Reply

chtsiserve-com

Need help or want to know more?

If you would like to learn more or are in need of support. Or would like to discuss working together, book an appointment or call 01423 423068

Interested and want to help smooth the process? Install our Onboarding toolYou can also try to reach us via our HubSpot Live Chat.

Schedule An Appointment

We would love to hear from you regarding any Outlook or Microsoft 365 Support, IT Support, Cyber Security, WordPress Website Design, or any Computer Support request you may have. Get the best out of Harrogate & Yorkshire IT Support.

Please note if you are a client and need to request IT Technical Support,  please use our Client Portal

Contact Us

Tel: 01423 423068

E-mail: hello@chtsi.uk

Online Support Portal: Client Portal

Need a quick chat or request? Try our HubSpot Chat from this page. Alternatively, use our WhatsApp Chat

Book with us

Loading...

REMOTE APPOINTMENTS NEED TO BE PAID FOR BEFORE WORK IS CARRIED OUT

Cygnatech

Book A 15 Minute Video Call

IT Support in Harrogate

Carl Hamilton

Managing Director
  • 20+ Years IT Experience

  • Business Phone Systems (VOIP)

  • Cyber Security Specialist

  • Experts in Outlook Support &  Migrations

  • IT Support in Harrogate

  • Outsourced IT

  • Social Media Management

  • Website Hosting & SEO Management

“Extremely helpful and proficient technical support. Provided one-off troubleshooting when I required support to recover Outlook. Carl was knowledgeable, polite, and patient in resolving my issue Highly recommended.” – Pras Legal Corp.

Book Your 15 Minute Video Discovery Call
Published On: March 11th, 2019 / Categories: Security, Business Security, Buying Guides, Cloud, Gadgets, Microsoft, Microsoft 365, Tech, Windows /