When the topic of identity theft is discussed, people automatically think about individuals and their personal information. However, identity theft is a real concern (or should be) for businesses and business owners. The practices used in password protection in the workplace should be well thought out and communicated to all parties involved. Keeping the information of your employees and clients safe should be of the utmost importance.
Is Your Information Protected?
Businesses owners, how confident are you in the security of the information you store? How confident are you in the confidentiality of your employees and the information they have access to? Here are a few survey results concerning this topic:
- 61% of employees are more likely to share their work passwords than their personal passwords. – LastPass, 2016
- 20% would sell their work passwords for less than $1000. – Sailpoint Market Pulse Survey, 2016
- 22% share their passwords with co-workers. – Sailpoint Market Pulse Survey, 2016
- 40% of terminated employees still have access to corporate accounts, even after they leave. – Sailpoint Market Pulse Survey, 2016
Even though your employees may value their work and their position, they may not value the protection of information as highly as you do.
How To Better Protect Your Information
In order to protect the valuable information you store, you must employ company-wide security measures. Each and every employee needs to be held accountable for their actions, but they also need the tools necessary to protect the information they have access to.
- Prioritize Passwords and Maintenance:
- All employees in the company should use the same secure password manager which will store their passwords. Password managers will allow you to use longer, stronger passwords (12 characters minimum, uppercase and lowercase letters, numbers and symbols should all be used) as well as giving their superiors access to their passwords.
- Passwords should never be saved directly in a web browser, only in the password manager.
- Passwords should be changed semi-frequently (once every 3-6 months) to maximize protection.
- No passwords should be shared between employees without the consent of a supervisor.
- When an employee is terminated, passwords should be changed on any account they had access to.
It is the responsibility of the business to ensure safe storage of information. The easiest way to gain access to valuable information is by obtaining a current password. Your use of password protection in the workplace can be the difference when it comes to keeping information secure.