Monthly Archives: July 2015

Does Your Business Have a Password Management Policy?

In order to keep your business up and running and to avoid being hacked, your company must develop an effective password management policy. This is especially true for any business that must comply with HIPAA, PCI, and/or other regulatory compliances, as regulatory scrutiny and fines can be costly and time consuming. The following four steps can help protect your business from disruption.

Make Your Password Complex

Make passwords complex; don’t make it easy for hackers to access your company’s data. Include both uppercase and lowercase letters, at least one digit, and punctuation and special characters. Consider creating a passphrase that includes several words, but be sure to avoid expressions from movies or other everyday vernacular.

Avoid The Usual Suspects

Believe it or not, the most common password is “Password.” Whatever you do, do not use easy-to-guess passwords. Change all default passwords right away, and avoid obvious choices, such as your family name, your pets’ names, or your birthday. Also, not not allow employees to keep a Post-It on their desk with a list of passwords.

Change Passwords Often

Some systems automatically prompt you to change your password every now and then. For systems that do not already have this feature built in, consider making quarterly password changes mandatory for your organization. And remember: Recycling is good, just not for passwords.

Smart Management

Consider using a password management system or encryption email to secure your resources. Both can assist you in staying safe from malware and threats. Some malware programs are designed to “phish” for your password. While logging in, malware may transmit your password without your knowledge, so make sure you block against the latest malware in addition to keeping your antivirus definitions and operating systems patches up to date.

This is not a comprehensive list nor a guarantee to avoid getting hacked or having your password compromised; however, it is a good starting point for your company’s password management policy. For more information on secure sign-on, contact your Cloud professional today.

Is Your Business Ready for a Disaster?

Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events—this might include a hurricane, an earthquake, a power outage caused by a fire or a cyber attack by hackers. Your business should have a process in place ranging from overseeing a disaster plan, to providing input and support, to putting the plan into action during an emergency.

Having a Plan Is Important

Given the human tendency to look on the bright side, some business people are prone to ignoring disaster recovery because disaster seems an unlikely event. Business continuity planning is a more comprehensive approach to making sure you can keep making money, not only after a natural disaster but also in the event of smaller disruptions including illness or departure an employee or other challenges that businesses face from time to time. The critical point is that neither element can be ignored, and physical, IT and human resources plans cannot be developed in isolation from each other. At its core, BC/DR is about constant communication.
Don’t Forget to Test Your Plan
Once you have a plan, it is imperative to test your backup and recovery scenarios to make sure you can bring your systems up in a timely manner. For disaster scenarios, consider training employees on protocol in an emergency situation. Understanding the effects that a disaster can have on your company is extremely important. In order to prepare your business for a disaster, it is necessary to analyze the costs and risks associated with downtime of your critical applications and their data. Having a proactive business continuity/data recovery plan will save your business money, and may save your business. If you need assistance with your plan, contact your technical professional before a disaster strikes.