Understanding the relationship between your people, policies and password settings

Let’s talk about your password. Yes, the one you’ve configured to override the company policy.

We understand why you’ve gone rogue. You have a legitimate reason for changing your settings so that you never have to change your password. Maybe you’re making sure that your backup processes run automatically – without a password getting in the way. And besides, it’s just this one password. What harm could it do?

Actually, a lot.

We’re finding a disturbing trend in password settings. A large portion of company passwords have gone rogue. We’re not talking about a few accounts. We’re discovering 30% to 50% of passwords that override company password policies.

Most company leaders don’t even realize the problem. They think they’re okay because they have solid password policies in place. But password policies only work if you and your people play by the rules. You have to look at settings.

Because the fact remains that your people are still your biggest risk when it comes to cybersecurity. You can have the best cyber security policies, but if you have one weak employee . . . Well, you’re still at risk. And employees that routinely change password settings to override company policies are definitely exposing you to an attack.

So how do you make sure your password policies, settings and people are working together securely?

Assess your settings.

Get a free access rights assessment by a credible cyber security company right away. They’ll tell you whether your password policies and your people’s settings are in alignment. Then they’ll check everything else that could threaten the security of your organization.

Manage your issues now.

You should address your threats while your organization and the economy is strong. That way, you can make preventative changes before times get tough. It’s in the tough times of letting employees go that you’re at the highest risk of losing sensitive information and intellectual property.

Monitor your risks.

Continue to keep an eye on password settings and other risks. Your people never remain static, and neither does your cyber security environment. You need to be alerted to weak credentials, dormant accounts and excessive privileges after employees leave. Because if you don’t, your attacker will.

Don’t be lulled into thinking that a good password policy automatically means good cyber security. Even the best password policies can be undermined by your people and their password settings. Take a look at the rogue passwords that are increasing your risk of attack – and then take action.

Umesh Verma, CEO, Blue LanceUmesh Verma is the award-winning CEO and driving force behind Blue Lance, the global provider of cybersecurity governance solutions. For more than 25 years, Blue Lance’s automated software solutions have been protecting digitally managed corporate assets by assessing, remediating, and monitoring security of information systems. Call Blue Lance at 1-800-856-2586 for your 25-point Access Rights Assessment, or get social with us on LinkedInFacebook, or Twitter.