SUBSCRIBE TO OUR BLOG

Section Menu

Implement a people-centric cybersecurity approach

posted by Stephan Thomasee on Wednesday, October 16, 2019 in SHAZAM Blog

A recent report published by Proofpoint states, “More than 99 percent of cyberattacks rely on human interaction to work — making individual users the last line of defense.” Implementing a people-centric cybersecurity approach will benefit your institution and help reduce the threat of stolen data. During October’s Cyber Security Month, review best practices to protect your institution and your employees.

By now, we’re all aware of the need for developing and using strong passwords. Working, conducting personal finances and communicating on social media — all require passwords. What’s the best format for a secure password and why is it important?

Why it’s important

According to the 2018 Verizon Data Breach Investigations Report, stolen credentials is the number one action leading to a breach. Intrusion prevention systems that monitor network security show hackable passwords lead the list of attack types. Password hacking is widespread and correct password use is crucial for everyone’s security.

Best practices for password management

  • Complexity. Your password should have a minimum of eight characters, including numbers, uppercase letters and special characters. This will increase the strength of your password and make it harder to crack.
  • Sharing. It's dangerous to share your password with anyone. I repeat, anyone. Sharing a password means you lose accountability — you can't track what others are doing on your account. Plus, your shared password could be passed to others, and into the hands of an unethical person.
  • Dual usage. Don't use the same password for critical and non-critical accounts. Your Facebook password shouldn’t be the same or similar to your work or online banking password.
  • Public computers. Be cautious when logging into confidential sites or applications from public computers at coffee shops, hotel lobbies or airport terminals. These can be infected or a part of a compromised network. It's best not to enter any of your personal or business passwords while using public Wi-Fi. Consider using your phone’s personal hotspot or mobile connection instead of the public Wi-Fi.

Consider using a passphrase

Passphrases are a sound security practice and offer greater protection. They’re generally complex, meet password guidelines, and are easy to remember. Use one of these tips to create a secure passphrase.

  • Choose a line from a phrase, song or quote. Use the first letter of each word or spell it phonetically. For example, "Who ya gonna call? Ghost Busters!" becomes WyGc?GB! or, "98 bottles of beer on the wall" is now 98BoBotW!
  • Think of a phrase that means something to you and use the first character of each word in that phrase. For example, "I'm 43 wish I was 25" is now i43Wiw25!
  • Create an imaginary vanity license plate password, such as I8ItAll!

Implement a password manager

Passwords have infiltrated our corporate and personal lives, often causing frustration, but critical to protecting information. To help address the challenge, implement a password manager companywide. These tools help you generate and retrieve complex passwords, while keeping all your passwords in a secure location. For further safekeeping, use two tools — one approved for corporate use and one for personal use.

The protection of online data is important to us all. In our work and at home, access to online information is required. Take this responsibility seriously to keep your data safe.

Tags

  1. cybersecurity
  2. password
  3. security

About the Author

Stephan Thomasee Photo

Stephan Thomasee utilizes his technical background, proven business acumen and operational leadership capabilities to create value for internal and external customers. He utilizes IT to drive business growth by advancing security, enhancing performance, ensuring availability and refining function ... read entire bio

SHAZAM, Inc. and ITS, Inc. provide this blog for general informational purposes only. Our blog may be shared by a direct link wherein the content remains as originally presented and has not been altered. SHAZAM, Inc. and ITS, Inc. assume no responsibility for errors or omissions in the contents on the blog. By using this blog, reader agrees that the information published does not constitute nor is a substitute for legal advice which should only be sought from a qualified, licensed attorney. 

Comments

comments powered by Disqus