Importance of a Password Policy

Having a Password Policy may be obvious to some but in fact there are companies that still do not understand the necessity for one.

Q – Why is it so important to have a Password Policy?
A – Primarily to prevent unauthorized access to a company’s workstations and networks.

As hackers get smarter and more aggressive with their attacks, businesses should be responding accordingly by implementing and enforcing a Password Policy.  It’s one thing to have a Password Policy but if it isn’t enforced, then you might as well put a sign on your Network saying, “Hack Away”.  Sarcasm aside; it is imperative for the security of every business, regardless of the business size, to have and enforce a Password Policy in this day of ever changing attack methods.

Tips for Implementing a Password Policy

• Find a Password Policy that is best suited for the needs of the company. You can find Password Policy Templates on-line for free or your IT Support department or company can provide one for you.
• Include your Password Policy in your security training or Welcome packet for new employees.
• Provide a document that must be signed and dated by all employees, contractors, and vendors before they are given access to any device connected to the company network.
• Review the Policy verbally with existing employees annually to make sure they understand the importance of the policy.
• Post the Policy on your network and make it accessible to all employees.
• Actively enforce the policy.  Some companies have gone as far as reprimanding or terminating employees who do not follow the policy.

***Reference our May 22, 2017 Blog about Creating Strong Passwords for additional information.***