Top Password Management Mistakes That Businesses Make

Increased use of technology and a rising concern for keeping data safe and secure has led to the need for using passwords for virtually everything; be it a firm’s database or electronic gadgets such as a cellphone. This concern for data protection and financial security especially applies to businesses and large organizations that store information related to hundreds and thousands of customers as well as sensitive company information such as financial records and strategic plans of the company.

Many of these companies, however, do not pay much attention to management training and password administration and often have succumbed to heavy losses in the form of hacking of company website, defacement of the company (cyber-vandalism) as well as huge financial losses. Briefly described here are a few password management mistakes commonly made by companies as well as their after-effects:

Relying Too Much on Security Policies

A security policy is an important part of an enterprise, which lays down the rules, policies, and practices pertaining to the storage, protection, management, and distribution of sensitive information. It also includes rules for managing the passwords and the authorized users of those passwords etc. However, it is one thing to design security policy and another to make sure that it is well understood by everyone in the company. Relying too much on the fact that a security policy is in place without actually considering whether or not it’s properly communicated to all can prove to be the biggest security and password management mistake a company could make. This is where companies need to turn to management training.  

Sharing Passwords Among Users

The biggest drawback of sharing passwords between multiple users over a shared network is the loss of accountability. If the password somehow gets leaked out of the company – which it does because of the number of people involved – or even stays within the company and an unauthorized person gets hold of it, it becomes nearly impossible to pinpoint where the slip occurred, making your entire system vulnerable to unapproved access. 

Not Using Password Managers

Needless to say, everyone in the company should use a password manager software so that they do not have to remember every password to gain access to data. If everyone uses a password manager, it can also eliminate the need of sharing passwords every time with other staff members, as everyone would be having all the passwords with them. Using a password management tool also increases operational efficiency and strengthens the company’s security system. It stores all passwords in an encrypted form in a central database, and the authorized members of the staff can control their access.

Connecting to Unsecured Networks

It is perhaps one of the most commonly made password management mistakes by employees of a company; they heavily undermine the consequences of this. Employees often try to access their company details and accounts using public Wi-Fi networks. What they fail to realize is that once they login using these unprotected public networks, their credentials and login information including passwords are no longer safe and could result in a possible security breach for the company.

Posted in: Personal Finance

Top of page