How to create a strong Password Policy in your Company
Creating a strong password policy is an important security aspect of any firm, organisation or business. Every company has a password policy, even if none appears to exist. For example, if you ask your manager and are told that your organisation has no password policy, then your password policy is simply ‘create your own password’. This still counts as a password policy, but it is a very poor one.
A decent password policy sets out a number of guidelines and requirements for passwords used within the organisation. It defines aspects of password creation and use such as:
- Minimum length of passwords staff must use
- Guidelines on creating passwords (must use random numbers, no pet names etc.)
- When and how often passwords should be changed
- Where passwords are stored in the organisation
- Who is in charge of removing login information of previous employees
Password policies have become more important in recent years as avoiding cybercrime has become a standard part of everyday business priorities. Company password policies are very easy for organisations to introduce. They can add a lot to an organisation's security and make it much more resistant to different kinds of cybercrime, such as brute force attacks and spear phishing.
Password policy is an aspect of the ‘Human Layer’ of IT Security, which is usually the most important layer and one of the most effective at stopping malware and avoiding data breaches.
Read our full article on ‘The 7 Layers of IT Security’ here.