2018 served as a watershed moment for IT security. However, some of the most basic yet crucial measures are still being overlooked - such as password security. Passwords are the fundamental failsafe in the security of your digital devices and the first line of defence when accessing on-premise or cloud-based services such as a CRM system or Office 365 account.
The GDPR (General Data Protection Regulation) has raised awareness for the individual, of both the importance of keeping their data safe as well as the right to control their personal data in the hands of others. Furthermore, the headline, global scandal that was the fallout from the actions of Cambridge Analytica, and its use of data harvested from Facebook, has raised the topic of password security within the global consciousness.
Importance of password security
Many of us are still using unsophisticated passwords and basic login credentials which severely compromise the security of our computers and online accounts, making us susceptible to cybercrime, fraud and identity theft. According to a recent study by security researchers, 4iQ “Password” is still one of the most commonly used passwords in the UK despite all the warnings.
When creating a sophisticated password, you should follow the guidelines below and create different passwords for each account you have:
- Passwords should consist of 12-14 characters
- Avoid singular, full words
- Utilise both uppercase and lowercase letters, as well as numbers
- Use special characters – don’t use them to replace letters like ‘@dm1n’ instead of ‘admin’
We understand that this can be difficult to manage, but you should not underestimate the importance of setting strong credentials. A password vault service such as LastPass, 1Password or Dashlane will help you set and manage complex passwords for all your accounts.
Increasingly, a password and username alone is not good enough – no matter how complex it is.
Multi-factor authentication is a login process in which the user must provide multiple pieces of information, to gain access to the system. Instigating a multi-factor authentication process within your IT infrastructure is a great way to enhance the security of systems and data.
Microsoft Office 365 offers a multi-factor authentication facility that includes a layer of physical authentication – whereby a text message is sent to the user’s phone with a randomly generated access code. Adding this element to the login process dramatically increases the level of security and significantly reduces the risk of an account being breached.
Air IT can advise on and facilitate the implementation of an enhanced and more secure login process for your IT system, including multi-factor authentication.
National Cyber Security Centre
The government has set up the National Cyber Security Centre, part of the Government Communications Headquarters (GCHQ), to investigate and advise on the threat of cybercrime to UK citizens and organisations. Its vision is to help make the UK the safest place to live and do business online.
The NCSC’s website provides a wealth of useful information on how to maintain a strong level of protection against viruses and malware, maintain GDPR compliance and the latest updates on cybersecurity threats.
We would advise any business owner or CEO considering how to improve the cyber security of their organisation to get in touch and discuss your requirements with one of our security experts.
Want to find out more?
Air IT provides managed IT and cyber security services to businesses across the country. If you’d like to know more about our services, please don’t hesitate to get in touch.