IT Security Basics
Additional Security Tips
Passwords are the first line of defence for IT security but are also one of the most common vulnerabilities. Poorly designed or insecurely kept passwords are both high risk for IT security. Having a workplace password policy can help avoid these issues as long as it includes IT best practice for passwords.
The National Cyber Security Centre has the following advice for small businesses on how to use and store passwords:
1
Implement Proper Password Protection
Make sure you are using password protection for any device/system or application with access to sensitive information. IT systems should not require staff to share accounts or passwords to do their job and all users should have the lowest level of access required for their role.
2
Use Two-Factor Authentication
Upgrade to 2 factor authentication if you are given the option.
3
Avoid Predictable Passwords
Avoid using predictable passwords (see image below).
4
Help Staff Manage Passwords
Help your staff cope with password overload. Do not regularly enforce password changes unless you suspect a compromise of credentials and supply safe storage for staff to record passwords. This could be physical such as a locked box or electronic such as a password manager app.
5
Change Default Passwords
Change manufacturer default passwords on all devices before they are distributed to staff. Regularly check existing devices for unchanged default passwords.
Passwords
