Drug testing

Passwords and the Human Factor

Passwords have a strange dual nature. The stronger and safer the password the more likely it will be undermined by human weakness.

It is widely known that passwords are the most common means of access control. It is also common knowledge that passwords are the easiest way to compromise a system. Passwords have two basic functions. First, they allow initial entry to a system. Next, after access, they grant permission to various levels of information. This access can range from public data to restricted trade secrets and pending patents.

The best passwords are a lengthy and complex mix of upper and lower case letters, numbers and symbols. The tendency for people when using these formats is to write them down, store them on a hand held device, etc. thus destroying the integrity of the password.

The integrity of passwords can be circumvented through "Human Engineering." People can unwittingly make grave errors of judgment in situations that they may view as harmless or even helpful. For example, a password is shared with a forgetful employee and a system can be compromised. In more ominous cases, a con artist or hacker can phone a na?ve employee and present themselves as senior executives or help desk personnel and obtain that persons password. People have also been duped by callers claiming emergencies, cajoling or even threatening the employees job if a password is not provided.

These human lapses can be addressed through employee training and written policies that provide solid guidance and procedures in these circumstances. Training in information security, including password protocols, should be mandatory for every employee of the enterprise. Management support of this training and the security policy is critical to its success. To be effective, training should be repetitive with quarterly reviews of the company policy. There can also be frequent reminders, such as banners, about password security that appear during logons.

Management must not only support security measures, they must also provide a written and enforced policy statement. These written policies should be developed with assistance from the I.T. department as well as the human resource and legal departments. Written policies should be a part of the employee's introduction to the company and should be reviewed at least twice a year. It is also critical that the employee sign off on the document indicating that they received, read, and understood its contents. Firms that ignore these practices do so at their own risk.

Enforcement is an important partner to training. A policy that is not enforced is far worse than no policy at all. In fact, haphazard enforcement or lack of enforcement can increase a company's liability in many legal actions. To work, a policy must have "teeth". There should be a range of consequences for lapses whether it is a single event or multiple or flagrant incidents. This can range from a verbal warning all the way to termination.

In summary, passwords can be kept more secure by recognizing the human factor. Through management initiative, communication and training, as well as written and enforced policies and procedures, companies can have more control over their information assets and keep their clients and partners much safer.

About The Author

Terrence F. Doheny

President, Beyond If Solutions,LLC

www.beyondifsolutions.com

terry@beyondifsolutions.com

In The News:

During their first sit-down, President Trump and Brazil’s new far-right leader, President Jair Bolsonaro, arranged to sign several bilateral agreements, including one that lets the United States use Brazil’s Alcantara Aerospace Launch Base for satellites.
Last week, marine experts at Seaside Aquarium fielded a call about a bizarre sea creature found buried in the sand at a beach in Long Beach, Washington.
Two Bronze Age women — one likely a teenage priestess — probably didn't travel far and wide across Europe, as previous research suggested, but instead were real homebodies who likely never left what is now modern-day Denmark, a new study finds.
It's the moment warm weather fans have been waiting for: the first day of spring has officially arrived in the Northern Hemisphere.
Dinosaurs and alligators may both be reptiles, but the similarities were thought to be few and far between. Dinosaurs are commonly thought to have been warm-blooded, while alligators are cold-blooded, meaning they can not regulate their own body temperatures. Now, a new study suggests that both dinosaurs and animals have more in common than previously thought – their ability to hear.
Rep. Alexandria Ocasio-Cortez, while selling her "Green New Deal", said that the world will end in 12 years if nothing is done to address climate change.
Formula One champion Lewis Hamilton repeated a long-held conspiracy theory during a visit to NASA's Johnson Space Center in Houston last week.  
For some creatures, the magnetic field that hugs our planet serves as a compass for navigation or orientation.
An astronomer at Columbia University has a new guess about how hypothetical alien civilizations might be invisibly navigating our galaxy: Firing lasers at binary black holes (twin black holes that orbit each other).
Skygazers are set for a treat this week when the third and final supermoon of the year occurs.

Cisco Certification: The Most Important Cisco Study Youll Ever Do

All of us are familiar with the pyramids of Egypt.... Read More

The Newbies Guide to Personal Computer Maintenance

When you turn on your computer, does it act like... Read More

Cisco Certification: A Survival Guide To The Cisco Cable Jungle

One of the most confusing parts of beginning your Cisco... Read More

Upgrading Your PC for Non-experts

IntroOne of the big advantages of PCs over earlier types... Read More

How to Save an Image in a SQL Server Database?

Most of the web applications have a lot of images... Read More

How To Increase Computer Speed And Performance - Great Tips & Tricks

Many computer users are worried about their computer's performance. After... Read More

Cache In Your Chips And Get A Bus!

Computer related terminology could sometimes be daunting to newcomers. These... Read More

Selecting a Personal Digital Assistant

A Computer in Your HandCarrying around an address book and... Read More

Compile .BAT Files into Native Windows Applications (.EXE)

Since the DOS days, batch files have been one of... Read More

Tips For Finding Great Deals On Computer Accessories & Supplies

Tip #1. Do a Google search. Don't be to general... Read More

How To Become A True CCNA

I've worked my way from the CCNA to the CCIE,... Read More

Apache, MySQL & PHP for Windows

Apache, MysQL and PHP for Windows could be a nice... Read More

Help, I Need a New HDTV! (Part 4 of 5)

Feeling overwhelmed in selecting a new TV? With all the... Read More

How To Remove One Operating System from a Dual Boot Windows XP Computer

In Windows Xp, you can install two operating systems on... Read More

Cisco Certification: What To Expect On Exam Day

Cisco Certification: Taking Your First Certification ExamYou've studied hard; you've... Read More

Seven Things to Consider When Choosing a PDA

In the early days, Personal Digital Assistants (PDAs) were not... Read More

Some Thoughts on Choosing a Flash MP3 Player

Flash mp3 players come with an exciting array of features,... Read More

Computer Consulting 101 PC Troubleshooting Advice

While most small businesses really do need to find a... Read More

Help, I Need a New HDTV! (Part 1 of 5)

Feeling overwhelmed in selecting a new TV? With all the... Read More

Favorite Things To Do With Home Technology

Save money. Save 10-15% on utility bills per month. Work... Read More

Cisco CCNA Candidate FAQ

CCNA FAQQ. What exams do I have to take to... Read More

The Benefits of the New Firefox Browser

You probably heard of the new Firefox browser version 1.0... Read More

Have You Invited A Spy Into Your Computer?

Yes, it's true. You may have inadvertently invited a spy... Read More

Spyware Remover

Your first step in removing dangerous infections from your computer... Read More

How I Started Working With 3D Modeling Programs

So I'll start from the very beginning.One day I was... Read More

street lighting fixtures street light savings Pete's produce ..