4 Steps for Better Password Security in Your Company
One of the most frustrating things about having your own company is that you will always be responsible for everything. You can’t just call IT security to set up strong password policies, or email support asking them not to let people use “password123” anymore. Managed IT providers can help with this issue by helping monitor how employees are securing their passwords and what types of passwords they are using. This will not only make your Managed IT provider more attractive, but help solve a common problem for you and your employees:
Step 1: Require Complex and Unique Passwords Managers should require long and complex passwords, as well as change them at least every 90 days. If any employee changes their password, they need to let Managed IT providers know. Managed IT providers can then run password audits on all user accounts that are in the Managed IT provider’s system and report back when passwords haven’t been changed recently. Managers should also require employees use uppercase letters, lowercase letters, numbers, and symbols when creating their password. Managed IT providers can provide password managers to help enforce this.
Step 2: Set Secure Passwords Managed IT providers should disable shared accounts, so employees cannot share or use accounts that are not theirs. Managers should also tell Managed IT providers if one of their passwords has been compromised by a data breach and must change it immediately. This helps Managed IT providers monitor for breaches and protect all of a company’s Managed IT provider accounts. Managers also need to make sure their Managed IT provider has a strong password policy, so employees know what types of passwords are allowed.
Step 3: Protect All Accounts Managed IT providers should use two-factor authentication (2FA) to help keep accounts more secure. Managers should also make sure Managed IT providers are protecting all of their Managed IT provider accounts, including Active Directory, VPN, email, SMS/texting services, and phone account management if your Managed IT provider uses these services. Two-factor authentication is a great way to lock down accounts because Managed IT providers will need an extra code that Managed IT providers can get on their phone or email to log into the Managed IT provider’s system.
Step 4: Manage Passwords Managers should also make sure Managed IT provider employees are using secure passwords for cloud services like Dropbox, OneDrive, and Google Drive. Managers should also make Managed IT provider accounts and passwords are kept on paper and stored securely, and Managed IT providers should keep track of Managed IT provider accounts that have been inactive for more than 90 days.
Managed IT Providers can help with all these steps by saving passwords in a password manager, requiring complex passwords, checking for data breaches, enforcing password policies, protecting Managed IT provider accounts with 2FA, and keeping track of inactive Managed IT provider accounts. Managers can also outsource these tasks to Managed IT providers, which allows managers to concentrate on their actual jobs instead of worrying about password security for all their companies’ Managed IT provider accounts.