December 3, 2022

Making it tougher: How businesses can strengthen their security

© Digital Journal

The most common issue of weakness, from the perspective of the user when interacting with information technology, recurs with passwords. It remains commonplace that passwords are set too weak, enabling hackers to break them. This is a pattern common within businesses and with consumers.

Passwords can be strengthened by making them more robust and complex. However, the strength of a password can only be boosted to a given level. The process can be strengthened by having more than one method of authenticating the identity of the user, through dual or further stages (such as a password and a text message, for example).

Beyond this, further investment is going into biometrics, which is based on assessing a unique characteristic of the user such as a fingerprint.

Looking at the issue of password management for Digital Journal, is Geoff Bibby, senior vice president of small-to-medium-sized business and consumer (SMB/C) at OpenText.

According Bibby, now is “an excellent time for individuals, channel partners and businesses to reflect on their current password practices and ensure they are building the safest habits to protect themselves and their company from cybercriminals.”

However, too many people are complacent. Here Bibby firmly states: “Many are under the assumption that if they are taking the steps to create unique passwords for each platform and application, they are secure. But it’s not enough.”

These issues can be seen in news stories: “The number of headline-grabbing breaches that have taken place over the last year highlight the critical need for safeguards across the entire company network. While there are a few different ways to protect login credentials beyond a simple username and password, one of the most popular and effective options is two-factor authentication (2FA).”

What does this entail? According to Bibby: “Implementing 2FA provides an extra layer of security by making users confirm their identity, most often via a unique code sent to the user’s phone, email address or through an authenticator app, after entering their username and password. It’s getting easier for cybercriminals to breach even the most complex password, which is why implementing 2FA is critical.”

It is also important to understand where and how attacks can occur. Here Bibby  says: “Email is a common point of attack because it often contains sensitive and valuable communications.”

In terms of taking concrete action, Bibby recommends: “Organizations should also consider implementing an email security solution that conducts a security audit to analyze its admins, users, mailboxes, and rules for vulnerabilities such as outdated passwords so they can be resolved before a breach happens. This is especially true for ensure partners so that they can ensure the customers they support are protected against today’s cyberthreats and vulnerabilities.”

Bibby concludes, advising: “Organizations should evaluate their internal Password Policies and send reminders to employees and customers alike about the importance of good password hygiene.”