• Making IT Work
  • 0800 8047 256
  • information@eacs.com
Is It Time To Rethink The Password? 04/09/2017Is It Time To Rethink The Password? 04/09/2017Is It Time To Rethink The Password? 04/09/2017Is It Time To Rethink The Password? 04/09/2017
  • About Us
    • Our Story
    • Customer Charter
    • Customers
      • Case Studies
    • ISO Certifications
    • CSR Statement
    • Awards & Recognition
    • Policy Statements
  • Services
    • Services News
    • Managed Services
      • 24/7 Services
      • Device Services
      • Device as a Service
      • Infrastructure Services
      • Security Service
      • Print Service
      • Managed Support Services
      • Managed WAN
      • Case Studies
      • Datasheets
    • Modern Workplace
      • Digital Transformation
      • Strategy Consulting
      • Current State Assessment
      • Desktop Deployment
      • Hardware Products
      • Data Management Solutions
      • Software & Renewal
      • Procurement Portal
        • eacs Selector
      • Lifecycle Management
      • Benefits of Hardware & Software Services
      • Case Studies
      • Datasheets
    • Hybrid Cloud
      • Journey to the Cloud
      • Optimise Virtual Workspace
      • Cloud Migration
      • Cloud Solutions
      • Architecture & Planning
      • Project Management
      • Cloud Availability Suite
      • Case Studies
      • Datasheets
    • Cyber Security
      • Predict
      • Prevent
      • Detect
      • Respond
      • Cybersecurity Made Simple
      • Cyber Essentials
      • Datasheets
    • Apple Services
      • Case Studies
      • Datasheets
    • Apps & Data
      • The Power Platform
      • Data Intelligence
      • Case Studies
      • Datasheets
  • Partners
    • Hybrid Cloud
    • Modern Workplace
    • Security
    • Frameworks
      • Shared Business Services
  • Optimise IT
    • Agenda
    • Exhibitors
  • News & Resources
    • News
      • Featured News
      • eacs in the news
      • eacs Blogs
      • eacs Newsletters
    • Resources
    • Case Studies
    • Datasheets
  • Community
    • Charitable Activities
    • Environment
    • CSR Statement
  • Careers
    • Careers
      • Recruitment Process
    • People Stories
    • Policies
  • Contact
    • Marketing
✕
Image for Data Protection Blog. Image of someone pressing interactive security padlock
UK Proposed Data Protection Bill Looks To Go Further Than GDPR 08/08/2017
January 12, 2018
Image for scanning in citrix blog. Image contains someone scanning paper
Scanning in Citrix – Solved! 28/09/2017
January 12, 2018
Published by Marketing on January 12, 2018
Categories
  • Resources
  • WhitePaper
Tags
Image of time to rethink the password blog. Image is of someone typing typing password into laptop

Is It Time To Rethink The Password?

The regular occurrence of cyber-attacks is creating a cyber arms race between the IT industry and malicious hackers. The new threats that are appearing daily mean that designs that were once acceptable are no longer suitable to keep up with the pace of today’s digital economy -  the password is a perfect example of this.

In fact, Bill Burr - the author of an influential guide to computer passwords - says he now regrets several of the tips he gave. Popularising his best practice back in 2003, he had initially suggested that users change their passwords every 90 days, muddling words by adding capital letters, symbols and numbers. With this logic, a secure password might look something like ‘S3cUre*’.

Burr has recently acknowledged that he was “barking up the wrong tree”. Current guidelines no longer recommend frequently changing passwords, as people tend to respond by making a couple of small alterations to their existing passwords - for example, changing "password1" into "password2" - you’ll agree that these are fairly easy to deduce.

The National Institute of Standards and Technology (NIST) suggests that IT departments should only force a password change when there's been some kind of security breach, to avoid incremental changes. Another recommendation is to favour long phrases, rather than short passwords with special characters.

But if we delve a bit deeper into the concept of the password it becomes clear that this protocol on its own is not enough to protect an organisation’s data, even if you follow best practice.

Why is this? Let’s consider each and every time we have to sign up at a new website, open a new app, or log in to our emails at work, here we are confronted with the challenge of what we should enter as a password. Naturally, our human nature comes into play and a number of thoughts go through our mind:

  • How often will I access this?
  • How sensitive is the data within it?
  • Do I really want to remember yet another password?

Far too often employees opt for the route of least resistance and simply replicate and use an existing password so that they can access business applications and systems faster. But here lies the issue. Passwords that are easily entered and remembered are inherently weak and can be easily second-guessed and compromised by a hacker.

Critical business data comes from a multitude of sources – your board, your customers, your partners, but it often shares one important characteristic: if this information is compromised the consequences can be far-reaching and severe.

As such, conducting a full IT security audit can help to mitigate security risks and identify where certain elements needed to be adjusted, especially if you are just using the traditional password to protect your sensitive data. If this is the case, it’s a good opportunity to explore other options, such as identity management software and multi-factor authentication.

The results from your analysis can help remove complacency of existing cyber security systems and also indicate whether possible legacy systems are still able to handle modern-day threats. An audit has the ability to analyse where the vulnerabilities are across all areas of interest, including physical network access, server systems, physical access and human behaviour, thus providing a clearer picture to make improvements.

To find out more about how to keep your organisation safe, click here.

Share
1
Marketing
Marketing

Related posts

Hindsight Cybersecurity
February 2, 2022

Hindsight Cybersecurity


Read more
cyber insurance
January 27, 2022

What’s Next for Cyber Insurance


Read more
October 6, 2021

Incident Response Guide


Read more

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

eacs Blogs

  • Remanufactured Laptops
    Dispelling Myths About Remanufactured Laptops
    April 5, 2022 , Modern Workplace
  • Selector home
    Modernising your IT Procurement Process with eacs Selector
    March 24, 2022 , Modern Workplace
  • remote working
    Supporting a Remote Workforce with the Hybrid Cloud
    February 21, 2022 , Business Continuity
  • How can Schools Combat Ransomware Attacks?
    February 2, 2022 , Cyber Security
  • cybersecurity
    What’s Next for the IT Security Team?
    December 9, 2021 , Cyber Security
  • Zero Trust
    What is Zero Trust and Why is it Important?
    November 24, 2021 , Cyber Security
  • Outsourcing IT
    2021: The Year of Outsourcing
    November 8, 2021 , Managed Services
  • Beating the Productivity Challenge with Innovation
    October 26, 2021 , Managed Services
  • Image of time to rethink the password blog. Image is of someone typing typing password into laptop
    The easiest way to help prevent 80% of Data Breaches
    June 10, 2021 , Cyber Security
  • How can Phishing Attacks be Prevented?
    May 14, 2021 , Cyber Security
  • Supporting Productive Digital Workspaces
    April 23, 2021 , Business Continuity
  • Delivering Excellence Consistently – ISO20000-1 Certification
    March 22, 2021 , Compliance
  • How do you know that you’re secure?
    March 3, 2021 , Cyber Security
  • Digital Workplace Solutions Framework – Simple, Trusted with the Potential for Huge Cost Savings
    February 16, 2021 , Shared Business Services
  • eacsRevo – ‘Furlough’ your Assets
    January 18, 2021 , Business Continuity
  • 24/7 Support – A Necessity for the New Way of Working
    January 8, 2021 , Modern Workplace
  • Why do customers trust eacs?
    December 15, 2020 , Business Continuity
  • #Optimise2020 – The Biggest Show of the Year!
    November 20, 2020 , OptimiseIT
  • A taste of what you have to look forward to at #Optimise2020…
    November 3, 2020 , OptimiseIT
  • Taking Optimise Virtual – The Story so Far!
    October 8, 2020 , OptimiseIT
  • Supporting your Home Workers with the Power Platform
    October 1, 2020 , Modern Workplace
  • The clock is ticking, are you prepared…
    September 30, 2020 , Cyber Security
  • Why you NEED to attend Optimise 2020
    September 15, 2020 , OptimiseIT
  • Decision time for N365 is ‘nigh’?
    September 3, 2020 , Shared Business Services
  • Image for Data Protection Blog. Image of someone pressing interactive security padlock
    Cloud Security
    August 18, 2020 , Cyber Security

About

About Us

Corporate Social Responsibility

Customer Satisfaction

Services

Managed Services

Professional Services

Cloud Services

Apple Services

Cyber Security

Hardware and Software

Procurement Portal – eacs Selector

Get in Touch

Head Office:
7 Ramsay Court,
Hinchingbrooke Business Park,
Huntingdon, Cambridgeshire.
PE29 6FY

Tel: 0800 8047 256
Fax: 0845 – 3379 147
Email: Click Here

Policies

Cookies

Disclaimer

Policy Statements

Privacy

Supplier Code of Conduct

© 2020 EACS. All Rights Reserved