Your cyber security is more in your control than you think. I’ve seen too many people get so overwhelmed by the words “cyber security” that it ends up paralyzing them to the point that nothing’s done about it. So, to get you going, and as is the case with most things, let’s start at the beginning.
What I mean by this is how you’re securing your information – primarily, what your passwords are, how you design them, and how you manage them. Everything starts here. As the business owner or key decision maker, how you run your passwords more often than not trickles down through your organization. We can get lost in how the specifications are set within your specific business’ cyber security policy, but for small businesses, more often than not these specs are what’s pushed down from above. If you don’t take cyber security seriously, there’s no chance your staff will.
So to that end, here are some of the key points to help you build a strong first line of defense – what your passwords should look like. And notice I’m using the plural here – passwords. I’m being very specific here. Using more than one password for different types of access reduces the impact of any one breach. So, here you go…
- Make the password at least 8 characters long. The longer the better. Longer passwords are harder to crack.
- Include numbers, capital letters and symbols. To make them that much more secure, use a couple of numbers or unique symbols in place of letters, e.g. a “3” for an “e” or a “!” for an “i”, as in “numb3r” or “n!ght”.
- Don’t use “dictionary” words: If your password is simply a word in the dictionary, not only is there a high chance that someone will guess it – but there’s no question a hacker will crack it.
- Create passwords that are easy to remember but hard for others to guess. When possible, use a short phrase rather than just a word. You can use a phrase like “Iliketowalkdogs” or “Iliketogotothebeach”.
- Never share your password. Never give it to co-workers or friends - even if you think “they’re really good friends”. Don’t share your password with anyone.
- Don’t post it in plain sight: Don’t keep it on a post-it on your monitor or in your desk drawer. This might seem obvious but SO many people disregard the obvious only to have it come back to bite them later on. If you must write it down, make sure you don’t include anything about what it’s for and certainly don’t include your username right next to it. And make sure wherever this is written down, it’s hidden in a secure place.
- Don’t use just one password (see above). If your password gets compromised, your access has now become compromised across all the sites that you use it for.
- Consider using a password manager. There are a number of secure online password managers that allow you to store your login information while giving you tools to create your own very strong password for each of your sites. Some of these even have plug-ins that you can install into your browser so that you don’t even have to remember your password for each site.
- Consider using multi-factor authentication. Many services offer an option to verify your identity if someone logs on to your account from an unrecognized device. The typical method is to send a text or other type of message, containing a code, to a mobile device registered to you; you then type in the code to verify it’s really you.
- Lock your mobile device! This means use a “password” or your fingerprint to secure your phone and tablet. Most phones can be locked so that the only way to use them is to type in a code, typically a string of numbers or maybe a pattern you draw on the screen. iPhones allow you to register your fingerprint to unlock them - which is quite secure.
While many of these seem like words to the wise for individuals, all of these can (and should) be incorporated into your company’s cyber security policy. Again, start at the beginning: using secure passwords and having a strong methodology will only help to secure your information and make for a more secure computing environment for your business.
What's your experience like managing your passwords? Do you adhere to your company's Cyber Security Policy? Do you use a Password Manager? Please share your experience with us in the Comments section below.
Also, if you'd like to see how your security precautions stack up, please download our free Cyber Security Report Card and evaluate how you're doing.