Every small and medium-sized organization in and around Chicago is at risk both from outsiders and insiders. Your employees may unintentionally (or intentionally) leak your confidential data.

This is why you must deploy protections to keep this from happening. There are ways we can do this for you with network configurations. In addition, you must ensure that your employees practice appropriate password behavior.

What Are Some Ways We Protect Our Clients From Their Employees?

  • Disabling the ability for users to send any attachments to outside addresses using company email.
  • Using Microsoft Office 365, we can set up data loss prevention that watches for specific types of information, like confidential information from being sent via email.
  • We set up web-filtering solutions that block traffic to personal email sites like Yahoo and Gmail.
  • We can lock down USB ports so employees can’t insert a thumb drive and copy confidential business data. If needed, we can unblock them at the employer’s request for a specific period of time.
  • We’ll make sure that security is set up properly on all the file shares. Rarely does an employee need access to everything. We can set this up on a “need-to-know basis.”
  • Some of our clients ask for auditing software to notify managers when specific files or folders are being accessed or copied. This auditing software logs all user activity as well. When users logged on, off, and how long they were active.
  • There are other forms of software we can use to record all user activity. Every morning when the user logs in, it records their session until they log off for the day. This can be played back at a later time for reviewing. You can see everything they did on their computer.
  • Sometimes our clients want their servers moved to the Cloud where access to company information is only accessible from remote desktops. In this case, all users need to log into another system. This provides an additional layer of security. The company’s data never leaves the network.
  • We can install a disclaimer on a client’s system that warns their users that everything they are doing is being recorded. We find this to be a good reminder and a way to communicate company policies to employees.

What About Password Mistakes That Employees Make?

Your employees are your last line of defense. They need to be trained and remain on their toes. And password security should be top of mind.

Passwords are a big part of your cybersecurity – but many employees are cutting corners and using weak passwords anyway. Despite the fact that passwords are the most direct way to access a user’s private information, most passwords employees use today are simply not strong or complex enough.

Passwords protect email accounts, banking information, private documents, administrator rights and more; and yet, user after user and business after business continues to make critical errors when it comes to choosing and protecting their passwords.

Are Your Employees Making These 4 Common Password Mistakes?

  1. Length and Complexity: Keep in mind that the easier it is for you to remember a password, the easier it will be for a hacker to figure it out. That’s why short and simple passwords are so common. Employees worry about forgetting them, so they make them too easy to remember, which presents an easy target for hackers.
  2. Numbers, Case, and Symbols: Another factor in the password’s complexity is whether or not it incorporates numbers, cases, and symbols. While it may be easier to remember a password that’s all lower-case letters, it’s important to mix in numbers, capitals, and symbols in order to increase the complexity.
  3. Personal Information: Many employees assume that information specific to them will be more secure. The thinking, for example, is that your birthday is one of 365 possible options in a calendar year, not to mention your birth year itself. The same methodology applies to your pet’s name, your mother’s maiden name, etc. However, given the ubiquity of social media, it’s not difficult for hackers to research a target through Facebook, LinkedIn, and other sites to determine when they were born, information about their family, personal interests, etc.
  4. Pattern and Sequences: Like the other common mistakes, many employees use patterns as passwords in order to better remember them. But again, this makes the password really easy to guess. “abc123”, or the first row of letters on the keyboard, “qwerty,” etc., are extremely easy for hackers to guess.

How Can You Help Your Employees Use Strong Passwords?

Creating and using strong passwords can be frustrating, but it’s incredibly important. Privacy and security are major concerns for businesses these days. You must be sure that your employees aren’t making it easy for hackers to access your private data.

One of the best ways to maintain complex passwords is with a password manager. Password managers are the key to keeping your passwords secure. There are a number to choose from.

What Exactly Does A Password Manager Do?

A password manager generates, keeps track of and retrieves complex and long passwords for you and your employees to protect vital online information. It also remembers your PINS, credit card numbers and three-digit CVV codes if you choose this option. Plus, it provides answers to security questions for your employees to use. All of this is done with strong encryption that makes it difficult for hackers to decipher.

The following are 3 popular password managers:

1. LastPass

  • This manager creates long, randomized passwords that protect against hacking.
  • It will sync your passwords with all of your devices, including your smartphone.
  • This will save you time when shopping online by completing forms with your address and phone number.
  • It also provides two-factor authentication using your mobile device.

LastPass Premium is billed annually for $36 per year.

2. Dashlane

Dashlane provides many of the same benefits as LastPass. However, if you want to sync your passwords to a mobile device or use two-factor authentication, you must pay $4.99 a month for their Premium Plan. They also offer a Business Plan for $48 a year.

3. 1Password

1Password offers a free 30-day free trial. After this expires a personal account costs $2.99 a month, or $4.99 a month for a family with five members. They also offer a “lifetime license” for $65.00. 1Password is the only password manager that allows you to store passwords locally via their Local Vault rather than in the Cloud. 1Password 6 for Windows does not currently support local vaults, but 1Password 7 for Windows does. If you’re worried about losing access to the Internet, you might consider this.

How Do You Set Up A Password Manager?

Using a password manager is pretty simple. When using LastPass, Dashlane, or 1Password, you simply download and install the software. You must also download and install the extensions for the different browsers you use. If you want to use these password managers on your smartphone, you must download their mobile apps. None of this is complicated and should only take a few minutes.

To set up an account, you must provide your email address, and you’ll also need to come up with a master password—a long, random, complicated one. Then you must provide information about your various accounts.

You can either import passwords that you have stored in your browsers or let the password manager store your username and password when you log in to a website. Once you get started, the password manager will help you along the way.

Is It Okay For Employees To Save Passwords in Browsers Like Google Chrome or Safari?

We don’t think you should. Why? Because having your web browser remember your passwords and/or credit card details can seem convenient, but it presents security risks.

The risk depends on the browser you’re using, if you sync computers with other devices, and whether or not you take the time to use the browser’s extra security features.

If your employees save passwords in a browser, not only can others who have access to their computers login and see their actual passwords, but a thief can do the same if they lose a laptop, smartphone or tablet.

In Conclusion

In the end, it’s important to do everything you can to ensure your employees use secure computing behavior.

Creating and using strong passwords can be frustrating, but it’s incredibly important.

And, be sure to ask us about setting up your network to deploy protections to keep your employees from leaking your confidential data either unintentionally or intentionally.

Privacy and security are major concerns for businesses these days, and you must be sure that you aren’t making it easy for unauthorized individuals and hackers to access your private business data.

In the meantime, be sure to stay up to date on the latest IT news and info. Check out our Blog. Here are some articles that should interest you:

Malware attack hits US accounting firms

Microsoft Accounts Targeted For Months, Hackers Serve A Security Reminder

Microsoft Data Breach Highlights Need for MSP Collaboration and Security