Drug testing

Passwords and the Human Factor

Passwords have a strange dual nature. The stronger and safer the password the more likely it will be undermined by human weakness.

It is widely known that passwords are the most common means of access control. It is also common knowledge that passwords are the easiest way to compromise a system. Passwords have two basic functions. First, they allow initial entry to a system. Next, after access, they grant permission to various levels of information. This access can range from public data to restricted trade secrets and pending patents.

The best passwords are a lengthy and complex mix of upper and lower case letters, numbers and symbols. The tendency for people when using these formats is to write them down, store them on a hand held device, etc. thus destroying the integrity of the password.

The integrity of passwords can be circumvented through "Human Engineering." People can unwittingly make grave errors of judgment in situations that they may view as harmless or even helpful. For example, a password is shared with a forgetful employee and a system can be compromised. In more ominous cases, a con artist or hacker can phone a na?ve employee and present themselves as senior executives or help desk personnel and obtain that persons password. People have also been duped by callers claiming emergencies, cajoling or even threatening the employees job if a password is not provided.

These human lapses can be addressed through employee training and written policies that provide solid guidance and procedures in these circumstances. Training in information security, including password protocols, should be mandatory for every employee of the enterprise. Management support of this training and the security policy is critical to its success. To be effective, training should be repetitive with quarterly reviews of the company policy. There can also be frequent reminders, such as banners, about password security that appear during logons.

Management must not only support security measures, they must also provide a written and enforced policy statement. These written policies should be developed with assistance from the I.T. department as well as the human resource and legal departments. Written policies should be a part of the employee's introduction to the company and should be reviewed at least twice a year. It is also critical that the employee sign off on the document indicating that they received, read, and understood its contents. Firms that ignore these practices do so at their own risk.

Enforcement is an important partner to training. A policy that is not enforced is far worse than no policy at all. In fact, haphazard enforcement or lack of enforcement can increase a company's liability in many legal actions. To work, a policy must have "teeth". There should be a range of consequences for lapses whether it is a single event or multiple or flagrant incidents. This can range from a verbal warning all the way to termination.

In summary, passwords can be kept more secure by recognizing the human factor. Through management initiative, communication and training, as well as written and enforced policies and procedures, companies can have more control over their information assets and keep their clients and partners much safer.

About The Author

Terrence F. Doheny

President, Beyond If Solutions,LLC

www.beyondifsolutions.com

terry@beyondifsolutions.com

In The News:

Two great white sharks were located off the coast of North Carolina this week after the massive predators traveled more than a thousand miles from Canada to reach the coastal waters.
They may sound cute, but they could cause a "giant-sized problem."
Archaeologists have uncovered cave drawings in eastern France that are more than 12,000 years old, but were hidden for hundreds of years under graffiti from the 16th to 19th centuries.
OAKFIELD, N.Y. (AP) — Cows that can withstand hotter temperatures. Cows born without pesky horns. Pigs that never reach puberty.
A massive mola mola sunfish was confused for shark during an open water race in North Carolina on Saturday.
An enormous crater, measuring 19 miles in diameter, has been officially found in Greenland, hidden under the ice. The find was likely caused by an asteroid that hit the Earth "less than 3 million years ago," and is said to have "rocked the Northern Hemisphere."
If you're experiencing a spell of bad luck, many people may ask you the same question: is Mercury in retrograde?
The mummified bodies of three climbers who went missing 59 years ago on Mexico’s highest volcano have been recovered by an army unit.
NASA's Jet Propulsion Laboratory (JPL) and Autodesk, a software company, have engaged in a multiyear collaborative research project to investigate new approaches for building interplanetary landers .
A bone-crushingly cold Super-Earth has been discovered approximately 6 light-years away from our Sun, according to a new study.

Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated

When I first started studying for my CCNP, some of... Read More

Repairing A Corrupt .RAR/.ZIP Archive

Step 1:Open WinRAR and browse to the folder with your... Read More

Gain Control Over Your Screensavers With These Simple Steps

We all enjoy our favorite screensavers but in the same... Read More

Plasma TV vs LCD TV

For those seeking to buy their first flat panel TV... Read More

Passwords and the Human Factor

Passwords have a strange dual nature. The stronger and safer... Read More

Setting File Permissions On A Unix Server

File permissions are one of the strengths that the Unix... Read More

Windows PDA Medical Software Benefits

PDA Medical BenefitsIf you are concerned about your medical history,... Read More

EDTV vs HDTV

Confused by EDTV vs HDTV? We don't blame you. The... Read More

This Page Cannot Be Displayed ? What to Do When Your Internet Breaks

The DNS (Domain Name System) servers are what your computer... Read More

Cisco Certification: Building Your Home Lab, Part II

In the first part of this home lab tutorial, CCNA... Read More

CCNA 640-801 Certification Primer

The Cisco Certified Network Associate (CCNA) Certification is meant for... Read More

Flash Memory, Part I: MMC and SD

MMC and SDFlash memory is available in so many formats... Read More

Build Your Own Computer

I'm eighty-one years old and I bought my first computer... Read More

Cisco CCNA Candidate FAQ

CCNA FAQQ. What exams do I have to take to... Read More

Basic Computer Maintenance

One of the most common questions computer users ask is,... Read More

Palm PC critique

I met an entrepreneur who hole heartedly disagree with an... Read More

Got Virus?

GOT VIRUS? Your Data is NOT lost forever!In the wake... Read More

How To Speed Up Your Aging PC And Make It Healthier Too

With a little tweaking and with proper tools, you can... Read More

Wordpress Plugins

Maybe you always wanted a feature that hasn't been available... Read More

How Does My PC Get Hot

There are many sources of heat that can raise the... Read More

Digital Cameras: Hot Gear with the Coolest Features!

Cameras: still known for taking pictures but assumed as digital... Read More

Why Using an Ad Blocker Can be a Bad Idea

Ad Blocking is getting to be a common sport on... Read More

Compare MP3 Players for the Coolest Features and Sweetest Deals

How can you compare mp3 players to be sure you're... Read More

Improve PC Performance - 6 Tips You Must Know

Are you frustrated with your PC?Is it feeling sluggish or... Read More

Bluetooth Technology: Tips for Buying Headsets or Headphones

The technological horizon has always got something new to offer,... Read More

white led lights led wholesalers Pete's produce ..