Passwords are everywhere. From your Windows login to your banking software, to the online store where you purchase your “can’t put down” books from; everyone wants you to log in with your special login.
But how “special” is your login?
It’s simple. We are busy people with lots to do; so to remember long, secure passwords may not be high on our priority list. And if we have to have a different one for every site or device that requires one, then we are really in trouble. After all, we aren’t just speaking of websites, but phone apps, computer logins, email accounts, and well…you understand. The list can be endless.
So how can we make things easier for ourselves and harder for the criminals? Let’s break it down into 5 easy steps.
First, Don’t Share Your Login.
As simple as it sounds, it’s a very common problem. It could be a matter of you giving your login to a best friend, or it could also be a case of 8 employees all logging into a network using the same username and password. Either way, you’re setting yourself up for disaster.
Next, Make Your Password Secure
Believe it or not, password is still one of the most commonly used passwords. It actually was the second most common password for 2014, preceded only by 123456 that came in at #1. Others include 12345, qwerty, and letmein. For a complete list, visit gizmodo.com.
Best password practice would recommend that your passwords are 8-12 characters long and include alpha, numeric and special characters. Using both upper and lowercase is also good practice. A perfect example might be: h*3Dxy8vM.
Worried about remembering your password? There are multiple sources available for password keepers. Just always look for one that is secure and from a reputable publisher.
Our Next Recommendation is Locking Your Desktop
This may be the easiest of them all. If you’re walking away from your desk, “Just Lock It”.
In the “good ole days” when security wasn’t an issue, we would leave our desktops unlocked and leave. When we returned, we would have strange replies to emails that were sent from our account. We always knew who the usual suspects were and it was all in fun & humor, but now, leaving your computer available for anyone’s access is just not safe. Information is more critical than ever and customer data is everywhere. It’s our job to protect both our company and our customers.
Let’s Not Use the Same Password for Every Account
If someone steals your only username & password, they could access everything you own. Many of us are guilty of using one login for everything. When you add that to the simplicity of our passwords, we have just done a major portion of the legwork for the criminals. Use different credentials for different sites.
Finally, Don’t Use Your Username as Your Password
Again, this is done as a time-saver and for ease, but you are only making it easy for the password stealers. Your password should be unique, only used as a password and nothing else, and only by you.
Unfortunately, we are in a time where malware and viruses are accessible everywhere as little bots do nothing but infect networks and break passwords all day. And the sad truth is that, for some, creating these infections is a full-time job.
If you are concern about your network or how to determine where your network stands on security, contact a local IT provider, such as CMS IP Technologies in Beaumont and set up an appointment for a no-obligation network evaluation.
Sorry Star Wars Fans, But You Just May Need to Change your Password.
It’s that time of the year again. SplashData releases its 5th annual report of the most commonly used passwords in order to highlight the insecure password habits of Internet users.
The purpose of this list is to encourage users to become more conscience of Internet security and the threat of stolen passwords. Using weak passwords puts the user at risk for hacking and identity theft.
Here are the top 25 worst passwords that made it onto the annual list:
Numerical sequences have taken several spots on the 2015 list, along with keys that are in order on the keyboard, such as qwerty & 1qaz2wsx. Of course, pop references are always a hit and this year was about Star Wars, but even The Force can’t protect you from malware.
Longer keywords did appear, but using a longer password does not add security if the password is simple or has a detectable pattern.
The thing we want you to remember is that the list above was compiled from passwords that were compromised and leaked this past year, so they have already proven to be “hackable”. If you would care for a downloadable PDF document with the passwords and security tips from SplashData, you can safely download it from CMS.
In the past when a person needed new software such as Microsoft Office, they would simply travel to their nearest retailer and purchase a brightly-colored box with a CD and a license key inside. The next transition from this became visiting a website, purchasing online, and downloading a file directly from the website.
And now it seems that we have hit the next phase. Applications now are going a step further by not requiring a download or installation at all, but by logging into the application via the internet. Welcome to the Cloud!
So what are “Cloud-based Applications” & How Does it Work?
We often see the term SaaS. SaaS is a term for Software as a Service; meaning that instead of buying software in disk form, you are paying for a service that is provided to you. You are no longer getting a CD and installing it on your computer, but accessing it by visiting a website and logging in.
So are Cloud-based Applications Really Better than Installed Versions?
There are certainly advantages to moving to the cloud. Small businesses should really look at their goals and potential growth and evaluate their current network situation. Contacting a local IT company to help with this evaluation would also be beneficial.
Some of the benefits of cloud-based applications include:
- Less maintenance required
- Reduction of start-up costs
- Regular updates and patches, performed by the vendor
- Reliable backups controlled by the vendor
- Ability to access your data from multiple locations and devices
- Flexibility; typically a per user fee. Only pay for the users you have accessing it.
Questions to Consider:
As with any network changes, there are questions you should consider before making a switch in platforms. Again, it is always wise to involve your IT department or company to help with an evaluation beforehand.
System requirements; even cloud-based applications may have onsite needs. If so, what are they?
Network compliancy; is your environment compliant with current, up-to-date devices? This can be your PCs, the browsers that you use, and most importantly, your internet connection.
HIPAA compliancy; Do you require HIPAA compliancy and does the cloud provider you’re considering offer it?
For the most part, changing from an installed version to a cloud-based version should be a relatively smooth transition, especially if it is still with the same solutions provider or vendor. And as we are now seeing, it is becoming the current trend with most providers to move in this direction, forcing our hand so to speak.
The biggest point to make here is that if we don’t stay current with our technology, we only open ourselves to potential security threats or “old tech” that just keeps breaking. Staying current with your IT will help eliminate your downtime.
As technology has grown by leaps and bounds, so has the threat of compromised data. Imagine your medical records at your doctor’s office…they contain all your personal information including your date of birth, your social security number and address, not to mention every medical condition that you may have had. Patient records are the “all you can eat buffet” of cybercriminals.
So Why Not Work With Technology
Using technology in a smart way can be your greatest ally. Properly controlled firewalls and anti-virus software can help prevent a majority of unwanted programs from installing on workstations. Firewalls with security policies in place can limit your staff from visiting website unrelated to the work environment, which is one of the leading causes of malware & viruses. A professional IT staff can work with you to create policies that provide both access and security.
Managing your network security must include your server. Your server is the hub of your network, but where is it located? Is it accessible to just anyone walking by? The same can be asked about your computers. When your staff walks away from their station, is the screen locked, requiring a password?
And that leads to the Ultimate Question, “How secure is your password?”
According to SplashData, a California-based security-app producer, the most common password for 2013 was ‘123456’. This entry moved up a spot, replacing the previous number one password, which is simply ‘password’. Others in the top 25 included ‘12345678’, ‘qwerty’, ‘abc123’, ‘123456789’, ‘111111’ and well… you get the idea.
A simple rule, the easier the password, the less work that needs to be done to gain access.
So what’s the Solution?
Using a managed services provider such as CMS IP Technologies can take a big load off your worries. You want an IT provider that is a HIPAA compliant business associate. They will know what is expected of your network security, how to manage the details, and can assist in educating your users in best practices.