Customer Sign In 1-888-250-8971
  • Products
  • Solutions
  • Pricing
  • Why Samanage
  • Company
Start Free Trial

Products

Service management solutions that grow and evolve with your business.

5 Benefits to IT Service Management

Samanage Service Platform

The smartest employee service management platform to run your service business.

Features

  • Incident Management
  • Service Portal
  • Change Management
  • Service Catalog
  • IT Asset Management
  • Knowledge Base
  • Problem Management
  • Reporting
  • SEE ALL FEATURES arrow-icn

Platform

  • Automations
  • Mobile
  • Internationalization
  • API
  • Documentation

Integrations

  • Google Apps
  • Slack
  • Jira
  • Zendesk
  • Zapier
  • Salesforce
  • SEE ALL INTEGRATIONS arrow-icn

Samanage for Salesforce

Extend your Salesforce Service Cloud investment with Employee Services

Samanage for Salesforce is built on on the Salesforce Service Cloud and provides customers a way to manage employee and customer service operations in an integrated way...

Learn more about Samanage for Salesforce.

Solutions

Best practices and solutions to meet your service needs.

Raising the Bar

IT Management

  • ITSM
  • ITIL
  • Computer Inventory
  • IT Service Desk
  • Microsoft Audit
  • IT Audit

Department

  • IT
  • Human Resources
  • Facilities Management

Industry

  • Financial Services
  • Healthcare

Why Samanage

We listen closely and quickly align solutions accordingly.

Demo

Our Customers

  • Awards
  • Reviews
  • Case Studies
  • Compare Service Desks

Our Commitment

  • Customer Service & Support
  • Community

Our Insights

  • Blog
  • White Papers
  • Datasheets
  • Webinars
  • Videos
  • Infographics

Company

Our leadership and team bring a fresh vision to the service industry.

How IT Plays a Lead Role

Who We Are

  • About Us
  • Leadership
  • Meet The Team
  • Investors
  • Partners

What We're Up To

  • Careers
  • News
  • Events
  • Contact
  • Products

    Samanage Service Platform

    The smartest employee service management platform to run your service business.

    Features
    • Incident Management
    • Service Portal
    • Change Management
    • Service Catalog
    • IT Asset Management
    • Knowledge Base
    • Problem Management
    • Reporting
    SEE ALL FEATURES arrow-icn
    Platform
    • Automations
    • Mobile
    • Internationalization
    • API
    • Documentation
    Integrations
    • Google Apps
    • Slack
    • Jira
    • Zendesk
    • Zapier
    • Salesforce
    SEE ALL INTEGRATIONS arrow-icn

    Running your enterprise on Salesforce?

    Try Samanage for Salesforce
  • Solutions
    IT Management
    • ITSM
    • ITIL
    • Computer Inventory
    • IT Service Desk
    • Microsoft Audit
    • IT Audit
    Department
    • IT
    • Human Resources
    • Facilities Management
    Industry
    • Financial Services
    • Healthcare
    • Education
  • Pricing
  • Why Samanage
    Our Customers
    • Awards
    • Reviews
    • Case Studies
    • Compare Service Desks
    Our Commitment
    • Customer Service & Support
    • Community
    Our Insights
    • Blog
    • White Papers
    • Datasheets
    • Webinars
    • Videos
    • Infographics
  • Company
    Who We Are
    • About Us
    • Leadership
    • Meet The Team
    • Investors
    • Partners
    What We're Up To
    • Careers
    • News
    • Events
    • Contact
Start Free Trial

IT Service Management

What Makes a Good Password Policy?

Written by Paul Vandre (LinkedIn IconPaul Vandre) on March 3, 2017 at 10:00 am

  • Tweet
  • Share 0
  • LinkedIn 0

Password Policy

People today jealously guard their Facebook passwords for fear of their pranky brother-in-law logging in as them and posting embarrassing status updates. The fact is, smart password practices cost next to nothing and aren’t time consuming. So, what is a “strong password” and how do you make strong passwords that don’t have to be written down on a Post-It or copy/pasted?

Complexity Has to Be Done Right

Password complexity is good, but when ordered to use special characters, most people use one of only 40 or so to strengthen their password (like substituting “1” for the letter i). Complexity works best when it’s random, however. It turns out length is more important than complexity as far as defeating password crackers, so increasing password length to 12 characters can increase password security significantly. This is good news, and it means you don’t have to devise passwords that look like the stand-in comic strip curse words (!%*##$*) from back in the day.

Complexity should mean a case-sensitive combo of letters, numbers, and special characters that’s at least eight characters long. Phrases interrupted by spaces, numbers, or special characters are typically robust, yet easy enough to remember that people aren’t tempted to write them down. Passwords need to be changed regularly too: every 60 days is OK, but every 30 is better.

Don’t Reuse Passwords

This is one case where recycling is bad. Reusing the same password across multiple systems can turn a minor data bleed into a rushing hemorrhage. When an employee’s personal Twitter password is hacked, it’s one thing, but when that Twitter password is the same one he uses across the entire company network, it can turn into a security nightmare. Make sure your end users understand this.

When It’s OK to Lie

Urge people to lie on the answers to their password reset questions. A little superficial research can yield a mother’s maiden name or pet’s name.  It’s better for people to pick a reset answer for each website consisting of an unrelated root phrase that’s meaningful to the user, but varied slightly for each site.

Passwords and Mobile Devices

A lost or stolen mobile device can be a huge headache for your organization. Require staff to use a device lock feature that times out after a couple of minutes of inactivity. If your organization has a BYOD policy, don’t let employees bring jailbroken iPhones or Androids, because these bring increased security risks. You should also have a policy that users must sign out and exit business apps when they’re not using them rather than keeping them running in the background. It’s a hassle, but it can save your organization from bigger problems later.

Social Engineering

Keep in mind that you can have the best password policy in the world, but even with mature authentication systems and lockouts for failed attempts, the weak link is still the end user’s trusting nature. Giving a strong, complex password to someone engaging in social engineering can undo all your hard work in an instant. Educating every end user about social engineering attacks should be part of your organization’s password strategy.

Here’s a handy list that can take a risky password policy and strengthen in considerably without spending much time or money:

  1. Increase minimum length of end user passwords to 12 characters
  2. Encourage end users to answer reset questions untruthfully
  3. Keep software up-to-date to ensure you have the latest security fixes
  4. Bust users who use plain text passwords on your network
  5. Educate end users on creating strong passwords
  6. Educate end users on social engineering and how to avoid being victims
6 tips for strengthening your organization's #password policy. Click To Tweet
  • Tweet
  • Share 0
  • LinkedIn 0

Tags:

IT ManagementIT Security and Risk Management

Related Posts

  • How Consumerization is Changing IT Support Models
  • Why Your Organization Needs an IT Risk Management Tool
  • Your Credentials are Compromised — Now What?
  • Turning Toxic IT Service Desk Teams Into Positive Environments
  • Why is the ISO 27001 Certification Important For Your Service Desk Vendor?
Subscribe to our Blog
  • Blog Home
  • IT Asset Management
  • IT Service Management
  • Enterprise Service Management
  • Help Desk Software
  • Cloud
  • Company
  • Friday Fun
  • Insights

Register Here:

How to Increase Employee Productivity
Products
  • Samanage Service Platform
  • Samanage for Salesforce®
Resources
  • Blog
  • Community
  • Webinars
  • White Papers
  • Datasheets
  • FAQ
  • API Documentation
Company
  • About Us
  • Leadership
  • Investors
  • Careers
  • News
  • Partners
  • Events
  • Contact
Contact Us
  • Samanage North America
    117 Edinburgh South,
    Suite 100
    Cary, NC, USA 27511
    1-888-250-8971

    San-Francisco address
    535 Mission St,
    14th floor
    San Francisco, CA 94105

  • Samanage Australia
    300b Glenmore Rd,
    Paddington NSW 2021,
    Australia
    +61-2-8319-5874
  • Samanage Europe B.V.
    Westblaak 180
    3012 KN Rotterdam, NL
    +31-10-8920398


    United Kingdom Office
    1 Fore St,
    6th floor
    London EC2Y 9DT, UK
    +44-20-3868-1381
  • Israel
    P.O box 8733
    5 Ha Melacha St.
    Netanya 4250540

© 2019 Samanage Ltd. All rights reserved. | Terms | Privacy | Sitemap

X
Don't take our word for it!
Check out real service desk vendor reviews from G2 Crowd
  • This field is for validation purposes and should be left unchanged.
6 ways to close tickets faster (without even looking at them)
  • This field is for validation purposes and should be left unchanged.
Whitepaper