Protect Your SMB From Hackers With Better Passwords

Thursday, March 14, 2013
Posted by Brawlin Melgar

Bill Carey Siber SystemsBy Bill Carey, Vice President of Marketing & Business Development, Siber Systems Inc. 

Hacking is a growing problem for businesses worldwide, affecting small companies and large corporations alike. If your small business falls victim to hacking, you can lose valuable time and money identifying the source of the problem, fixing the issues that caused the leak and complying with increasingly strict mandatory reporting regulations. But the negative publicity you receive and loss of customer trust can be even bigger problems. 

The best strategy to avoid this scenario is to harden security at your company and make sure your vital business data doesn’t fall into the wrong hands. Passwords are the preferred gateway for hackers. This is because they have to be simple enough for employees to remember, which makes them relatively easy for hackers to guess.

The longer and more complex the password, the more secure it is. A Bloomberg Businessweek article noted that lowercase passwords containing only six characters take only about 10 minutes for a hacker to crack. Adding uppercase letters extends the length of time to required to guess it to 10 hours. Adding numbers and symbols makes it harder, taking up to 18 days.

Requiring longer passwords that contain upper and lowercase letters, numbers and symbols can make them nearly impossible to crack. But unless you can devise a system to help employees choose difficult-to-guess but easy-to-remember passwords, it can be a challenge to improve the security stance at your small business.

You can tackle that challenge by giving employees the training and resources they need to manage their passwords effectively. Training sessions can be formal or informal – the important thing is to pass along tips that employees can start using immediately. Don’t overlook common sense suggestions, like not using the names of sports teams, pets or children as a password: This is a surprisingly prevalent practice even among tech-savvy staff, and hackers can use social media sites to quickly find this information and breach business data protections.

If you’re looking for tips to pass along, there are a number of techniques employees can use to create strong passwords containing numbers as well as upper and lowercase letters that are nonetheless easy to remember. For example, employees can incorporate letters that resemble numbers into the mix, such as “G00dn19ht” for “Goodnight.”

Another effective technique is keyboard mapping, in which employees choose an easy-to-recall password and let an adjacent key represent each character. For instance, if the key above and to the left of each character in the word “rooster” were used in a keyboard mapping strategy, the password would be written as “499w534.”

As an alternative, you might consider an investment in an affordable password management system for your small business. Your vital business data would have better protection with a system that automatically encrypts passwords while logging employees into frequently visited sites without the time and hassle involved in creating hard-to-guess passwords.  

No matter which strategy you choose, the time to address password security is now – before your small company experiences a data breach. By making cyber security a priority and giving employees the education and tools they need, you can significantly reduce the risk of a hacking attack and safeguard important business information.


About the Author

Bill Carey is Vice President of Marketing & Business Development at Siber Systems Inc., which offers the top-rated RoboForm Password Manager solution. Find out more about RoboForm at http://www.roboform.com/.