User and device credentials play an important role in IT security. If you don’t take passwords or security seriously enough, it can someday be big trouble for your business. Cybercrime is on the rise, even as security solutions grow more sophisticated. Here are the multiple factors to check to make sure that your business network is safe from harm:
It Starts With Security Configuration
The configuration of your security system can involve setting usernames, passwords, enabling options, and establishing encryption controls. Many organizations allow employees to create their own logins, especially in bring your own device (BYOD) environments. Others restrict these tasks for the IT staff to oversee. In most cases, IT departments are expected to handle encryption, unless they outsource to another service.
Ideally, the best way to protect digital assets is to use as many layers of security as possible. Some cloud providers even go much further by using multiple virtual servers. Knowing that some of the largest tech, health, financial, and even government organizations have been hacked in recent years, sends a clear message to all businesses that intense focus must be placed on protecting your data and applications from cyberattacks.
Four Commonly Overlooked Configuration Issues
1. Use of default administrative passwords for peripheral devices
2. Enabling services not in use
3. Lack of strong encryption
4. Improper configuration for operating system updates
Strong vs. Weak Passwords
Any type of passwords assigned by IT security or created by employees need to be strong, whether it’s for routers, switches, printers, or network security. You need strong passwords because they are much more difficult to crack than simple 4-digit passwords. All it takes is high speed software to test out all the possibilities in a matter of hours or days for simple passwords to be breached.
Examples of incredibly weak passwords are: 1234, user1, and password1. As annoying as it is to keep track of multiple different passwords for different platforms and applications, strict security measures can no longer be downplayed in this era. You must come up with unique passwords that are both hard to read and hard to remember.
The more complex and confusing the password, the better. An example of a strong password will encompass a mix of language variations. It should be alphanumeric, include both upper and lower case letters and look more like a foreign language code than something you can easily absorb. It helps to mix in special characters, such as dollar signs, asterisks, and exclamation marks. Don’t be like the 80% of financial institutions that learn from third parties when their systems have been breached.
Steps to Successful Configuration
1. Set passwords that defy normal language characteristics
2. Change passwords regularly
3. Enable unused services such as HTTP, FTP and SNMP
4. Disable weak encryption options during configuration
5. Make sure weak configuration items aren’t re-enabled during OS upgrades
The key to reliable IT security is to make your login information and encryption too complex for hacking software to crack. If you just use passwords that are easy to read without encryption or a disaster recovery plan, you are playing with danger. To learn more about how we at onShore Security can protect your business technology, contact us today. We’d be happy to explain modern options that bring you peace of mind.