Recent reports show that 59 per cent of Canadians use easily hacked passwords, and that three-quarters of all data leaks worldwide are the result of breaches that take place inside a company's own offices. Since information is one of a company's most valuable assets, here's what you can do to protect your confidential data:
- Rather than using names of people, places and pets, choose more random passwords with numbers and upper- and lower-case letters in them. Use patterns to remember them — Clark Gable's famous parting shot from Gone With the Wind ("Frankly my dear, I don't give a damn!") works well when you take the first letter of each word and bookend it with the film's year of release, for example: 19Fmdidgad39.
- Avoid writing passwords on paper or sticky notes around your desk or near your monitor. Use hints instead and store them in a lockbox or wallet.
- Have different passwords for everything and never use the same password twice. That way, if someone cracks one of your passwords, all your eggs aren't in one basket.
- Never allow your software to save your password for a given website or program. Some operating systems and programs offer this type of auto-save feature, but it's best to ignore or disable it.
- Never give out your password and always be suspicious of callers who quiz you about your log-in information on the telephone. A surprising number of security breaches happen when a hacker, posing as an IT worker or company official, simply phones and asks a person for his or her password. Ask for some kind of website link or credential — most fraudsters will quickly hang up when pressured. Security-savvy companies set a formal policy and educate their IT staffs and employees to never discuss password-related information over the phone.
- Make sure your business has a formal password policy in place, that it's enforced, and always train employees in password use.
1
