|
|
|
|
||
|
||
|
Passwords and the Human Factor
Passwords have a strange dual nature. The stronger and safer the password the more likely it will be undermined by human weakness.
It is widely known that passwords are the most common means of access control. It is also common knowledge that passwords are the easiest way to compromise a system. Passwords have two basic functions. First, they allow initial entry to a system. Next, after access, they grant permission to various levels of information. This access can range from public data to restricted trade secrets and pending patents.
The best passwords are a lengthy and complex mix of upper and lower case letters, numbers and symbols. The tendency for people when using these formats is to write them down, store them on a hand held device, etc. thus destroying the integrity of the password.
The integrity of passwords can be circumvented through "Human Engineering." People can unwittingly make grave errors of judgment in situations that they may view as harmless or even helpful. For example, a password is shared with a forgetful employee and a system can be compromised. In more ominous cases, a con artist or hacker can phone a na?ve employee and present themselves as senior executives or help desk personnel and obtain that persons password. People have also been duped by callers claiming emergencies, cajoling or even threatening the employees job if a password is not provided.
These human lapses can be addressed through employee training and written policies that provide solid guidance and procedures in these circumstances. Training in information security, including password protocols, should be mandatory for every employee of the enterprise. Management support of this training and the security policy is critical to its success. To be effective, training should be repetitive with quarterly reviews of the company policy. There can also be frequent reminders, such as banners, about password security that appear during logons.
Management must not only support security measures, they must also provide a written and enforced policy statement. These written policies should be developed with assistance from the I.T. department as well as the human resource and legal departments. Written policies should be a part of the employee's introduction to the company and should be reviewed at least twice a year. It is also critical that the employee sign off on the document indicating that they received, read, and understood its contents. Firms that ignore these practices do so at their own risk.
Enforcement is an important partner to training. A policy that is not enforced is far worse than no policy at all. In fact, haphazard enforcement or lack of enforcement can increase a company's liability in many legal actions. To work, a policy must have "teeth". There should be a range of consequences for lapses whether it is a single event or multiple or flagrant incidents. This can range from a verbal warning all the way to termination.
In summary, passwords can be kept more secure by recognizing the human factor. Through management initiative, communication and training, as well as written and enforced policies and procedures, companies can have more control over their information assets and keep their clients and partners much safer.
About The Author
Terrence F. Doheny
President, Beyond If Solutions,LLC
Vancouver Sun, Canada - Sep 4, 2008
With Canadians taking on increasingly longer workdays, a recent survey conducted by Leger Marketing indicates Canadians are using their personal tech ...
CRN, NY - 9 hours ago
Although Microsoft says the guru idea is adapted from the Nordstrom model of "personal shoppers," it also sounds like the type of experience one gets ...
Wall Street Journal Blogs
Wall Street Journal Blogs, NY - 11 hours ago
... medicine is a low-tech business. Most doctors still use paper records, and it’sa rare patient who has created an electronic personal health record ...
OverTheLimit.info
Cnet Asia, CA - 17 hours ago
He has a personal tech blog named The Most Authoritative Technology Blog. He loves networking with friends & the tech community at large and can be found at ...
NetSuite: Chrome-ing it up for fun and profit Internet News
all 190 news articles
CanesTime.com - 22 hours ago
The same thing versus Florida State and Virginia Tech. We put it up quotes and stuff that is said in the newspaper or in the media because a lot of guys ...
Salt Lake Tribune, United States - Aug 19, 2008
By Vince Horiuchi "Crash Kart,"a Mario Kart-like driving game, is shown running on Apple's new iPhone 3G. With all the hoopla over the iPhone 3G and its new ...
ESPN - Sep 4, 2008
Tech picked up six personal fouls, all in the first half. They were flagged five times in the second half, with two of them for pass interference. ...
Dispatch Online, South Africa - 1 hour ago
Tech lovers can feast on concepts for home, office, cool gadgets and personal device 2200 The Riches: Fearful of losing the Bayou Hills deal, Wayne attempts ...
Salt Lake Tribune, United States - Aug 12, 2008
Boulder, Colorado - More than 18 million college students will head back to school this fall and nearly every one of them owns a personal computer. ...
USA Today
Forbes, NY - 6 hours ago
Google is pushing cloud computing to accomplish this--and challenging tech's old top dog Microsoft (nasdaq: MSFT - news - people ) to pick up the pace or go ...
Video: Google: World's Most Powerful 10-year-old AssociatedPress
all 236 news articles
Freezing - Time To Warm Up Your PC
Freezing is also known as crashing or hanging. It's frustrating. The computer locks up and the mouse and keyboard do not respond. You may lose data and you certainly lose time and patience.... Read More
Taking Advantage of the iPod Experience
Music lovers have been carrying around radios and other bulky music devices in order to take their tunes along with them as they go from place to place. With the iPod ? a... Read More
MCSE 70-290 Certification Primer
Microsoft Certifications are one of the most widely acclaimed, pursued, and achieved technical certifications in the IT industry. The demand for Microsoft Certified Professionals in the job market is increasing every year.Microsoft offers... Read More
DVD The Ultimate Consumer Digital Media
Digital Video Disc or as it is sometimes referred to Digital Versatile Disc (DVD) has for the last several years been Hollywood's primary video delivery method and with good cause. This inexpensive, compact... Read More
The Help Desk
When you think of a help desk, what do you picture? Do you see a large desk with an elderly woman sitting behind it pencil behind the ear? Maybe it has a computer... Read More
What Exactly are Screensavers? - part II
Here are some tips on how to use screensavers:First of all you should be careful when you use a screensaver on a LCD. A pixel it's on when it's dark on a LCD.... Read More
Learning To Navigate Ciscos Online Documentation
When studying for your Cisco CCNA, CCNP, or CCIE exam, you've got a powerful online weapon at your disposal. It's Cisco Connection Documentation, found at www.cisco.com/univercd. This site contains product, code, and protocol... Read More
Put Order and Information into File Names
Unless you place your faith in internal search engine software or document databases to track your work, consider a relatively low-tech enhancement to your work methods. I promise it will pay big dividends.Consider... Read More
JVCs First Three-Layer Combo-Disc Blu-Ray / DVD
JVC developed and used a high-performance reflective film to produce this revolutionary three layer structure. The outer Blu-ray layer can be read by the blue light laser but it is transparent for the... Read More
Virtual Memory - What is It?
I recently got an e-mail asking about virtual memory. The person who sent me the question was getting an error on random occasions from their Windows operating system stating "Your computer is low... Read More
Can Movie Theatres Compete with Home HD TV in the Future?
The battle is heating up for market share, home movie theatre, X-Box, Playstations and virtual reality take on the big screen and theme parks. You might be surprised to learn that the war... Read More
Dynamite Comes in Small Packages - Tiny Personal Audio MP3 Players Pack Powerful Music Enjoyment
MP3 players are Hot! Playing music has come a long way since the transistor radio, portable tape and CD player days. Most players are no larger than a deck of cards. Eliminating the... Read More
Portable DVD Players - Things To Know
In my humble opinion nothing makes a long trip easier (especially if you have kids). A portable DVD player is the ideal solution for those long plane rides or endless drives in a... Read More
Best PC Pocket GPS
Stop Getting LostOne of the greatest uses for a pocket pc is for gps navigation. Now all those people who continually get lost can find their way anywhere with the various types of... Read More
7 Reasons NOT to Take Your Laptop on Holiday!
Heading off on vacation soon?Then perhaps you're tempted to take your trusty laptop along for the trip.After all, you bought it for its mobility, and it's nice to stay in touch via email... Read More
Image Formats: GIF, JPEG, BMP
When browsing the internet you are likely to come across many different image formats. However, the most common formats are: CompuServe GIF, JPEG, and Bitmaps.CompuServe GIFGIF stands for Graphic Interchange Format and was... Read More
Font Organizers Review, Part I
Do you know how many fonts are currently installed on your PC? What is the difference between OpenType, TrueType, PostScript Type 1 and Printer fonts? If the answer is 'No', it's time to... Read More
Why Build Your Own Gaming Computer?
The best way to get the gaming computer that you want, that will provide optimum performance is to build your own computer. If you think you do not have the technical knowledge or... Read More
Upgrading Your PC for Non-experts
IntroOne of the big advantages of PCs over earlier types of computers is that they're upgradable. If you get to the point where you need a faster computer, more storage space or whatever,... Read More
What Are You Looking For In A Cheap MP3 Player?
Are you stymied by the vast offerings in cheap mp3 players? Don't know which features best suit your needs? Here are some suggestions based upon product reviews by mp3 player owners.The first thing... Read More
Why Build Your Own Computer System
Have you ever thought about building your own computer system? Maybe you've heard friends talking about doing this sort of thing, but you were never sure what was involved. This article attempts to... Read More
Compare MP3 Players for the Coolest Features and Sweetest Deals
How can you compare mp3 players to be sure you're getting the best features and price? You've checked some mp3 player ratings, and they're helpful. But iPod reviews and ratings don't answer all... Read More
A Beginners Guide to Avoiding Viruses
"Aaaaaahhhhhh! I've been invaded by a virus!" Getting a virus means getting sick and no one in their right mind wants to be ill. Well, now that computers have become our close friends,... Read More
The Ipod Mini: Why Its Not that Hot
I got my eyes set on a iPod mini, as it looked good for quite some reasons: it's small enough to put inside a pant's pocket, it has a lot of accessories to... Read More
5 Steps to Remove Spyware for Free
Have you ever tried to remove Spyware off your PC only to find out it never left or it came back? Tired of all those annoying Popups, Viruses, and Ads on your system... Read More
Flash Your nVidia Video Cards BIOS
You will need the following:1. 1.44MB FDD (floppy)2. NVFLASH utility copy3. Compatible BIOS file for your video card. (search the manufactures website for bios details)4. Required Drivers. (check manufactures website)Alright nowFirst Make... Read More
Basic Computer Thermodynamics
That desk in front of you and everything else around you is made up of atoms. An atom consists of electrons orbiting around a nucleus. An atom is increadibly tiny. You could line... Read More
Printing Multiple Copies of Photos
I do a holiday letter every year and send them to friends so they know what's happening with my family and I ask them about theirs. Though addressing the envelopes and such is... Read More
More Cool Web Tricks
If you ask most people what frustrates them most about the Internet, many of them will tell you "It's the little things!"It seems like all the great tricks and tips that make people... Read More
Basic Diagnosis Guidelines for Your PC
Simone is exasperated. She has to work on her university assignment but her PC is not working properly. For example: She would like to open a single Internet Explorer window but a whole... Read More
Desktop Security Software Risks - Part 2
This is the third in a series of articles highlighting reasons why we need a new model for anti-virus and security solutions.Reason #2: the Desktop Security Software RisksThe risks of placing software on... Read More
Put Order and Information into File Names
Unless you place your faith in internal search engine software or document databases to track your work, consider a relatively low-tech enhancement to your work methods. I promise it will pay big dividends.Consider... Read More
How to Place Home Theater Speakers
You have your television and home theater receiver; you just bought your new speakers and subwoofer and are ready to test things out. It's time to break out the measuring tape because precision... Read More
This Page Cannot Be Displayed ? What to Do When Your Internet Breaks
The DNS (Domain Name System) servers are what your computer uses to figure out where to go on the internet. www.whatever.com means absolutely nothing to your machine. It's only with the help of... Read More
Upgrading Your PC for Non-experts
IntroOne of the big advantages of PCs over earlier types of computers is that they're upgradable. If you get to the point where you need a faster computer, more storage space or whatever,... Read More
Emulation Manual - A Complete Guide on How to Change Your Windows XP to Mac OS X
IntroductionMac OS X is the most technologically advanced operating system by Apple. The use of soft edges, translucent colors and pinstripes (similar to the hardware of the first iMacs) brought more color and... Read More
FTP - File Transfer Protocol Explained
File Transfer Protocol (FTP) is a protocol that is part of the TCP/IP suite. It is the standard for transferring large amounts of data from server to server and from servers to clients.... Read More
5 Steps to Removing PC Clutter
It's hard enough as it is these days to get organized and then remain that way for weeks and months down the road. We are all very busy people, some of us with... Read More
What Exactly are Screensavers? - part II
Here are some tips on how to use screensavers:First of all you should be careful when you use a screensaver on a LCD. A pixel it's on when it's dark on a LCD.... Read More
Is Your Web Browser Putting You At Risk?
It's free, it comes with Windows and it's used by approximately 94% of the Internet population. It also poses an unacceptable security risk. What am I talking about? If you guessed Internet Explorer,... Read More
Portable DVD Players - Things To Know
In my humble opinion nothing makes a long trip easier (especially if you have kids). A portable DVD player is the ideal solution for those long plane rides or endless drives in a... Read More
5 Simple Ways To Increase Your Computer Speed & Help Your Computer Run More Efficiently!
If you're a computer expert, you'll probably already know about these tips (hopefully this will provide you with a little reminder). If you're not an expert, don't worry - these tips are simple,... Read More
Advantages and Guidelines of Automated Testing
"Automated Testing" is automating the manual testing process currently in use. This requires that a formalized "manual testing process", currently exists in the company or organization.Automation is the use of strategies, tools and... Read More
Cisco Certification: Building Your Own Home Lab, Part I
CCNAs and CCNA candidates hear it all the time: ???Get some hands-on experience???. From my personal experience climbing the Cisco certification ladder, I can tell you firsthand that there is no learning like... Read More
How To Speed Up Your Aging PC And Make It Healthier Too
With a little tweaking and with proper tools, you can get a faster, healthier PC, virtually immune to spyware infections and browser hijackers. How is this possible? Find out about the latest tools... Read More
Digital Cameras: Hot Gear with the Coolest Features!
Cameras: still known for taking pictures but assumed as digital still today.We have to understand cameras are just as important today as they have always been to us. Most photographers thought when the... Read More
How To Have Two (Multiple) Copies Of Windows
Having two operating systems is not as difficult as many of us consider. It just requires little hard work and some good equipment. By equipments I mean good hard disk space and good... Read More
Cisco Certification: Taking Your First Certification Exam
You???ve studied hard; you???ve practiced your configurations; you???ve used your flash cards over and over again; and finally, the big day is here. Your first certification exam!For many Cisco certification candidates, their first... Read More
Digital Cameras + Photo Printers = Quality Instant Photographs
In the 1950's and 1960's Polaroid's instant cameras were all the rage. You could shoot a picture and have the finished print in a minute or so. The quality wasn't that great, but... Read More
Protect Your PC from Viruses, Worms & Trojans
Each of the items in the checklist below is part of a broad and easy to implement security policy. Install all windows critical updates for your operating system from the Microsoft Update site... Read More
Cisco Certification: A Survival Guide To The Cisco Cable Jungle
One of the most confusing parts of beginning your Cisco studies is keeping all the cable types separate in your mind, and then remembering what they're used for. This often occurs when a... Read More
Be Your Own IT Department
If you use a computer, you need to know more than just how to use your email and surf the web. You need to know that you are protected. If there isn't someone... Read More
Some Thoughts on Choosing a Flash MP3 Player
Flash mp3 players come with an exciting array of features, and can be used for more than playing music while you cycle at the gym. Here are some things to think about when... Read More
How Does My PC Get Hot
There are many sources of heat that can raise the temperature in your PC. No, I'm not talking about the Tabasco sauce you dripped over your keyboard when you ate that bowl of... Read More
Customize Your Portable Player with an MP3 Player Accessory
Everywhere you look today people are listening to personal audio players. And many look for ways to personalize and/or enhance their experience. That's where the mp3 player accessory comes in.Designer skins, carrying cases,... Read More
Setting File Permissions On A Unix Server
File permissions are one of the strengths that the Unix world has had over it's Windows contemporaries. Permissions are a means to control access to information on a computer, on a file by... Read More
How to Set Up Simple File Sharing WinXP
The first step is: Start > My DocumentsSo you have the My documents folder open.Second click the tools button, than select folder options.Now you will see a few tabs, we want the View... Read More
Why Build Your Own Gaming Computer?
The best way to get the gaming computer that you want, that will provide optimum performance is to build your own computer. If you think you do not have the technical knowledge or... Read More
| GOOGLE AD |
Personal Technology Personal Technology |