Whether you have 2 employees or 200, keeping tabs on their passwords is a crucial part of the security of your business and their personal information. Most data breaches occur because of compromised passwords, and a typical data breach can cost about $8 million in damages. From 2006 to 2019, data breaches increased 130%, and untold millions have been affected by major breaches in banks like Capital One and retailers like Target.
Even if you’re not a major bank or retailer, the cost and fallout from a data breach can easily cripple or bankrupt your business. Does your small business have eight million dollars hidden away? Likely not, and if you do, it’s certainly not for data breach costs.
Luckily, you can take an important step toward data breach prevention by simply keeping better tabs on your employees’ passwords. Here are five reasons why you need to pay attention.
1. Passwords Need Updating
An outdated password is a vulnerable password. If you have employees that have been using the same password(s) for years, you’re going to run into trouble. Passwords need to be updated at least a few times per year, but many employees don’t even think about that fact.
Let’s be honest for a minute. Most of us don’t think about our passwords as much as we should to begin with, especially when we’re creating them. We use self-identifying information like birthdays and addresses, and then use the same password for years without changing or updating it. This is poor password hygiene, and you can pretty much guarantee that at least a few people in your business operate this way.
Send out reminders via your network or email to remind employees to update passwords. You can also set up certain systems to force a password change by giving passwords a lifespan of a few months. Then, the system sends a notification that the password must be changed before a certain date.
2. Passwords Are A Double-Edged Sword
The thing about passwords is that they’re a double-edged sword. On one side, they can be one of the most effective cybersecurity measures your business takes. A complex, well-thought-out password can be almost impossible to crack, further securing the business’s networks as a whole.
On the other side, passwords can easily become the business’s weakest link. A poor password can last only seconds against a full-fledged dictionary attack or other method. This leaves the entire system vulnerable, and could have been prevented by a few more seconds of thought and effort.
The point? You have either an effective and reliable cybersecurity tool or a Trojan Horse at your disposal that will allow a hacker to breach the walls and wreak havoc on your business. It’s up to you to decide which you want.
3. They’re Not Always Thinking About Them
If employees aren’t taught proper password habits, they probably won’t even think about their password. And let’s be honest—we all live pretty busy lives. Between kids, work, social life, bills, and all of the other stressors modern life throws our way, our passwords are probably the last thing on our mind. This unfortunate truth is why so many passwords become compromised. It’s easier and quicker to create a memorable password and use the same one for several accounts.
It’s up to you to reinforce good password habits at your workplace. In fact, you need to make it a priority for everyone that works there. It’s not optional. Make it a part of the employee handbook. Password security should be one of the highest priorities at your business, and seen as such by everyone working there. Use password management software for business to increase your password security and encourage good habits.
4. If You Don’t, Someone Else Will
Of course, you can always choose to neglect your passwords and put your time somewhere else, but you can be certain that someone will pay attention to those passwords if you don’t. That someone likely has ill intent for your business, and is just looking for that opportunity. Don’t give them a wide-open door to walk through!
Don’t make the mistake of thinking that your business is too small to be affected, either. Small businesses are just as much if not more at risk of cyberattacks than large corporate entities. Smaller businesses tend to have poorer security measures in place, and are therefore easier to successfully breach. Don’t become a statistic—protect your passwords.
5. You Could Be Held Liable
In 2019, Capital One experienced a data breach that exposed nearly 100 million accounts. The courts ruled that Capital One was liable, and the major financial institution was forced to pay around $80 million in court settlements and legal fees. The point? You could be held legally liable for poor password management that leads to a data breach.
If you store any kind of customer information, it’s your responsibility to protect it at all costs. The easiest way to start protecting that data is to create better passwords and encourage better password hygiene among your employees.