Importance of a Password Policy
Having a Password Policy may be obvious to some but in fact there are companies that still do not understand the necessity for one.
Q – Why is it so important to have a Password Policy?
A – Primarily to prevent unauthorized access to a company’s workstations and networks.
As hackers get smarter and more aggressive with their attacks, businesses should be responding accordingly by implementing and enforcing a Password Policy. It’s one thing to have a Password Policy but if it isn’t enforced, then you might as well put a sign on your Network saying, “Hack Away”. Sarcasm aside; it is imperative for the security of every business, regardless of the business size, to have and enforce a Password Policy in this day of ever changing attack methods.
Tips for Implementing a Password Policy
- Find a Password Policy that is best suited for the needs of the company. You can find Password Policy Templates on-line for free or your IT Support department or company can provide one for you.
- Include your Password Policy in your security training or Welcome packet for new employees.
- Provide a document that must be signed and dated by all employees, contractors, and vendors before they are given access to any device connected to the company network.
- Review the Policy verbally with existing employees annually to make sure they understand the importance of the policy.
- Post the Policy on your network and make it accessible to all employees.
- Actively enforce the policy. Some companies have gone as far as reprimanding or terminating employees who do not follow the policy.
***Reference our May 22, 2017 Blog about Creating Strong Passwords for additional information.***