An old saying tells us that a chain is only as strong as its weakest link, and for many enterprise businesses the weakest link in the network almost always comes down to password security mistakes. If even one of your users falls victim to a hacker with malicious intentions, it puts your entire business (and your customers) in harm's way. Out of all the password security mistakes that your enterprise business is making, there are a few key ones in particular that you'll want to focus on.
Are you making these file password security mistakes?
Your Passwords Aren't Secure in the First Place
Perhaps the most important of the common enterprise password security mistakes is that most passwords leave a lot to be desired in the way of actual security. The safest passwords will always be long strings of unrelated numbers, letters and special characters. The challenge is that these are often the most difficult passwords to remember, which can make managing the individualized passwords of dozens of employees a challenge, to say the least. One of the biggest ways to combat this issue is through the use of a service like FTP for all of your file storing and hosting needs. In addition to a password layer of security, administrators can go deeper by assigning individualized sets of permissions based on account status. Even if an account’s password is compromised, the entire file server is not at risk - to say nothing of how easy it is to simply deny access to the rogue account in question.
Your Employees Are Reusing Their Passwords
In an effort to make complicated passwords as easy to remember as possible, many businesses allow (either directly or via inaction) employees to use the same password for multiple accounts. If an employee is using a single password for both your business enterprise and their own personal smartphone and they lose that smartphone, suddenly your entire organization is at risk. One of the best ways to combat this issue is to make a firm rule in your IT security policy forbidding the reuse of passwords for this very reason. In addition to the rule, the consequences for failing to comply should be very severe, because the potential risk to your entire business, should even a single user become compromised, is just as serious.
You're Not Changing Your Passwords Frequently Enough
Another common mistake that many businesses make in terms of password security is not having a policy that requires passwords to be changed at least once every 90 days or so. Long passwords are difficult for hackers to guess, but guessing them isn't impossible - it just takes a lot of time. If you make your employees constantly change their passwords, you essentially "reset the clock" each time - provided that the new passwords are just as strong as the old ones.
Services such as Sharetru allow you to set password strength and expiration rules that enforce your IT security policy on your users: they prevent users from choosing passwords that are too simple, make them change their passwords regularly, and prevent them from reusing old passwords.
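The three rules described above (strength, 90-day expiration, no reuse of old passwords) can be sketched in a few lines of Python. This is an added illustration, not Sharetru's code or configuration; the minimum length, history depth and function names are assumptions, and the history is kept as salted hashes so old passwords are never stored in plaintext.

```python
import hashlib
import hmac
import os
import re
from datetime import datetime, timedelta

MIN_LENGTH = 14                 # assumed value; the article only says "long"
MAX_AGE = timedelta(days=90)    # the article's "every 90 days or so"
HISTORY_DEPTH = 5               # assumed number of old passwords remembered
PBKDF2_ROUNDS = 600_000         # work factor for PBKDF2-HMAC-SHA256


def hash_password(password, salt=None):
    """Return (salt, digest); only this pair is kept in the history."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def strength_problems(password):
    """List the strength rules the candidate password fails."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    for label, pattern in (("letter", r"[A-Za-z]"), ("number", r"\d"),
                           ("special character", r"[^A-Za-z0-9]")):
        if not re.search(pattern, password):
            problems.append(f"missing {label}")
    return problems


def is_reused(password, history):
    """Re-hash the candidate with each stored salt and compare digests."""
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            return True
    return False


def is_expired(last_changed, now):
    """True once the current password is older than the 90-day limit."""
    return now - last_changed > MAX_AGE


def check_change(password, history):
    """Return every reason a requested password change must be rejected."""
    problems = strength_problems(password)
    if is_reused(password, history):
        problems.append("reuses an old password")
    return problems
```

An empty list from check_change means the new password is accepted; is_expired is evaluated at login to force the change.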